CISA STUDY

Other Exams
CISA

Certified Information Systems Auditor (CISA) refers to a designation issued by the Information Systems Audit and Control Association (ISACA). The designation is the global standard for professionals who have a career in information systems, in particular, auditing, control, and security.

How to Become CISA Certified 

1. Successful completion of the CISA Examination The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. For a more detailed description of the exam see CISA Certification Job Practice. Also, CISA Exam Preparation resources are available through the association and many chapters host CISA Exam Review Courses (contact your local chapter).

2. Submit an Application for CISA Certification Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience, to a maximum of 3 years, may be obtained as follows:
A maximum of 1 year of information systems experience OR 1 year of non-IS auditing experience can be substituted for 1 year of experience. 60 to 120 completed university semester credit hours (the equivalent of an 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years, respectively, of experience.
A bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.
A master's degree in information security or information technology from an accredited university can be substituted for 1 year of experience. Exception: 2 years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for 1 year of experience.
As an example, at a minimum (assuming a 2-year waiver of experience by substituting 120 university credits), an applicant must have 3 years of actual work experience. This experience can be completed by:
3 years of IS audit, control, assurance or security experience OR 2 years of IS audit, control assurance or security experience and 1 full year non-IS audit or IS experience or 2 years as a full-time university instructor.

It is important to note that many individuals choose to take the CISA exam prior to meeting the experience requirements. This practice is acceptable and encouraged although the CISA designation will not be awarded until all requirements are met. The work experience for CISA certification must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. The CISA Application for Certification is available at www.isaca.org/cisaapp. Note that candidates have 5 years from the passing date to apply for certification.

3. Adherence to the Code of Professional Ethics Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.

4. Adherence to the Continuing Professional Education (CPE) Program.
The objectives of the continuing education program are to:
  1. Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of information systems auditing, control or security.
  2. Provide a means to differentiate between qualified CISAs and those who have not met the requirements for continuation of their certification
  3. Provide a mechanism for monitoring information systems audit, control and security professionals' maintenance of their competency
  4. Aid top management in developing sound information systems audit, control and security functions by providing criteria for personnel selection and development

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

Requirements for CISA Certification

The CISA designation is awarded to those individuals with an interest in Information Systems auditing, control, and security who have met and continue to meet the following requirements regarding:

 
  1. Successful completion of the CISA examination
  2. Information systems auditing, control or security experience
  3. Adherence to the Code of Professional Ethics
  4. Adherence to the continuing professional education program
  5. Compliance with the Information Systems Auditing Standards
 
  1.   Successful Completion of the CISA Examination  The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all documents required to apply for certification with their notification of a passing score. For a more detailed description of the exam see Exam Information. Also, CISA Exam Preparation resources are available through the association and many chapters host CISA Exam Review Courses (contact your local chapter). The CISA examination is offered twice a year, in June and December. The Bulletin of Information (BOI) is published online when it becomes available for each exam. You may also request a BOI by completing the online Request for Information form or by emailing your complete mailing address to certification@isaca.org. You may register online or by completing the registration form within the BOI and faxing or mailing it to ISACA for processing. For registration dates and deadlines please see the Exam Information page.
  2.  Experience as an Information Systems Auditor  A minimum of five years of professional information systems auditing, control or security work experience (as described in the job content areas) is required for certification. Substitutions and waivers of such experience may be obtained as follows: A maximum of one year of information systems experience OR one year of financial or operational auditing experience can be substituted for one year of information systems auditing, control or security experience. 60 to 120 completed college semester credit hours (the equivalent of an Associate or Bachelor degree) can be substituted for one or two years, respectively, of information systems auditing, control or security experience. A bachelor's or master's degree from a university that enforces the ISACA sponsored Model Curricula can be substituted for one year of information systems auditing, control, assurance or security experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if three years of experience substitution and educational waiver have already been claimed. Two years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for one year of information systems auditing, control or security experience. Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination. Retaking and passing the examination will be required if the application for certification is not submitted within five years from the passing date of the examination. All experience must be verified independently with employers.
  3. The Code of Professional Ethics  Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.
  4. Continuing Professional Education (CPE) Policy  The objectives of the continuing education program are to: Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of information systems auditing, management, accounting and business areas related to specific industries (e.g., finance, insurance, business law, etc.) Provide a means to differentiate between qualified CISAs and those who have not met the requirements for continuation of their certification Provide a mechanism for monitoring information systems audit, control and security professionals' maintenance of their competency Aid top management in developing sound information systems audit, control and security functions by providing criteria for personnel selection and development Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period. Upon completing the requirements for initial certification, the CISA will be provided with the CPE policy booklet for detailed criteria to be used in developing a personal CPE program. View the complete Continuing Professional Education Policy.
  5.   Information Systems Auditing Standards
    6.  

Individuals holding the CISA designation agree to adhere to the Information Systems Auditing Standards as adopted by ISACA.
Pls contact us to register for CISA in Nigeria
Email: info@westpackassociates.com
Tel: +234 8055111886