CISA - Certified Information Systems Auditor

The CISA qualification

Established in 1978, the Certified Information Systems Auditor (CISA) qualification awarded by ISACA® is the globally accepted standard of achievement among information systems (IS) audit, control and security professionals.

A CISA qualification demonstrates an individual's audit experience, knowledge, and skills, and that they are able to manage vulnerabilities, ensure compliance and institute controls within an organization. CISA qualifications are internationally recognized and are consistently listed as one of the most highly sought-after and well-paying IT certifications.

What are the requirements for CISA qualification?

The CISA certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.

ISACA defines five CISA domains on which you will be examined:

  • Domain 1 - The Process of Auditing Information Systems (21% of exam)
  • Domain 2 - Governance and Management of IT (16% of exam)
  • Domain 3 - Information Systems Acquisition, Development and Implementation (18% of exam)
  • Domain 4 - Information Systems Operations, Maintenance and Support (20% of exam)
  • Domain 5 - Protection of Information Assets (25% of exam)

For more information, please see the official ISACA 'How to Become CISA Certified' web page.

How do you pass the CISA exam at the first attempt?

We recommend the following:

  1. Check that you have the relevant five years of work experience to qualify.
  2. Register and schedule your exam direct with ISACA.
  3. Purchase the official ISACA study guides and third-party textbooks.
  4. Plan a self-study programme that covers all of the key knowledge domains.
  5. Attend an exam preparation training course a few days before you sit the exam.

How to register and schedule the CISA exam

Since 2017, the CISA exam has been offered via computer-based testing (CBT) sessions, which are available during three testing windows per year. All candidates must first register online direct with ISACA and pay for the examination in advance. They will then receive email instructions on how to schedule an exam appointment at a local PSI exam centre.

For further information, please review the ISACA Exam Candidate Information Guides.

CISA Exam Preparation

CISA Review Manual, 26th Edition

The CISA Review Manual is the core text for candidates taking the CISA exam. Updated each year, it is also the industry-leading source of information for individuals who wish to understand the roles and responsibilities of an information systems auditor.

CISA is divided into five areas, each of which is covered in the CISA Review Manual and the exam:

  • The Process of Auditing Information Systems
  • Governance and Management of IT
  • Information Systems Acquisition, Development, and Implementation
  • Information Systems Operations, Maintenance, and Support
  • Protection of Information Assets

CISA Review Questions, Answers & Explanations Manual, 11th Edition

It is also advised that any candidate taking the CISA exam purchases and studies a copy of the Official CISA Review Questions, Answers & Explanations.

The official 11th edition of the manual from ISACA provides 1,000 multiple-choice questions with thoroughly explained answers, so that you can practice extensively before sitting the CISA exam.

Continuing professional education

There is a continuing professional education (CPE) policy in respect of qualified CISA professionals. The goal of this policy is to ensure that all CISAs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.

CISAs who successfully comply with the “continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organizations.” The responsibility for setting the continuing professional education requirements rests with the CISA Certification Board, which oversees the process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period.

See the Maintain Your CISA page on the ISACA website for further details.

Speak to an expert

For more information on our CISA products and services, speak to one of our experts today.
