CISA - Certified Information Systems Auditor


The CISA qualification

Established in 1978, the Certified Information Systems Auditor (CISA) qualification awarded by ISACA® is the globally accepted standard of achievement among information systems (IS) audit, control, and security professionals.

IT Governance is the exclusive approved reseller of ISACA publications and offers the complete range of official ISACA study guides, which are designed to help you pass the CISA examination at the first attempt.

What are the requirements for the CGEIT qualification?

The CISA certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.

  • Domain 1: Framework for the Governance of Enterprise IT (25% of exam)

    “Ensure the definition, establishment, and management of a framework for the governance of enterprise IT in alignment with the mission, vision and values of the enterprise.”

  • Domain 2: Strategic Management (20% of exam)

    “Ensure that IT enables and supports the achievement of enterprise objectives through the integration and alignment of IT strategic plans with enterprise strategic plans.”

  • Domain 3: Benefits Realization (16% of exam)

    “Ensure that IT-enabled investments are managed to deliver optimized business benefits and that benefit realization outcome and performance measures are established, evaluated and progress is reported to key stakeholders.”

  • Domain 4: Risk Optimization (24% of exam)

    “Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.”

  • Domain 5: Resource Optimization (15% of exam)

    “Ensure the optimization of IT resources including information, services, infrastructure and applications, and people, to support the achievement of enterprise objectives.”

For more information, please see the official ISACA 'How to Become CISA Certified' web page.

How do you pass the CISA exam at the first attempt?

We recommend the following:

  1. Check that you have the relevant five years of work experience to qualify
  2. Register and schedule your exam direct with ISACA
  3. Purchase the official ISACA study guides and third-party textbooks
  4. Plan a self-study program that covers all of the key knowledge domains
  5. Attend an exam preparation training course a few days before you sit the exam

How to register and schedule the CISA exam

The CISA exam is offered via computer-based testing (CBT) sessions, which are available all year round. All candidates must first register online direct with ISACA and pay for the examination in advance. They will then receive email instructions on how to schedule an exam appointment at a local PSI exam centre.

For further information, please review the ISACA Exam Candidate Information Guides.

Maintaining your CGEIT

The CGEIT CPE (continuing professional education) policy aims to ensure that all CGEITs maintain an adequate level of knowledge and proficiency by attaining and reporting 20 CPE hours a year.

In addition, a minimum of 120 contact hours are required during a fixed three-year period. Failing to comply with these requirements will result in your CGEIT designation being revoked.

See the Maintain Your CGEIT page on the ISACA website for further details.

Essential CISA books and study guides


CISA Review Manual, 26th Edition

Official ISACA CISA Review Manual, 26th Edition

The CISA Review Manual is the core text for candidates taking the CISA exam. Updated each year, it is also the industry-leading source of information for individuals who wish to understand the roles and responsibilities of an information systems auditor.

CISA is divided into five areas, each of which is covered in the CISA Review Manual and the exam:

  • The Process of Auditing Information Systems
  • Governance and Management of IT
  • Information Systems Acquisition, Development, and Implementation
  • Information Systems Operations, Maintenance, and Support
  • Protection of Information Assets

CISA Review Questions, Answers & Explanations Manual, 11th Edition

Official ISACA CISA Review Questions, Answers & Explanations Manual

The official ISACA CGEIT Review Questions, Answers & Explanations Manual, 4th Edition, provides 250 multiple-choice questions, along with their thoroughly explained answers, to allow you to practise for the CGEIT exam.

Many questions within the manual have been revised or completely rewritten to be more representative of the CGEIT exam question format, and/or to provide further clarity or explanation of the correct answer.

CISA Exam Passport

This package contains the official CISA Review Manual, 26th Edition and the CISA Review Questions, Answers & Explanations Manual, 11th Edition. Both official ISACA books have been updated to reflect the CISA job practice domains, and are the most up-to-date study resources for the 2016 CISA exam.

Continuing professional education

There is a continuing professional education (CPE) policy in respect of qualified CISA professionals. The goal of this policy is to ensure that all CISAs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.

CISAs who successfully comply with the “continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organizations.” The responsibility for setting the continuing professional education requirements rests with the CISA Certification Board, which oversees the process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period.

See the Maintain Your CISA page on the ISACA website for further details.
