I: Overview of CISA
CISA (Certified Information System Auditor) has been registered by ISACA since 1978. CISA certification has become a symbol of the achievements of the holder in the professional fields of information system audit, control and security, and advanced into a internationally accepted normal gradually. CISA certified auditors in China play an imperative hero in the pitch of material security and control, and information system audit is recognized by domestic enterprises increasingly. In addition, it will bring considerable benefits of professional and personal.
1: Enhanced Knowledge and Skills
Obtaining the CISA certificate helps you to establish the reputation of a professional as a qualified information system audit, control, assurance and security professional. CISA holders have a solid and reliable ability to conduct various reviews in accordance with globally recognized standards and guidelines to ensure that the organization’s information technology and business systems are controlled fully. monitored and evaluated. CISA certifications assure employers that their employees have met the latest standards of education and practical experience successfully that are necessary to achieve job performance.
Because the individuals certified by the CISA program are proficient in these skills that most needed today, so employers are more willing to hire and retain people who meet and maintain the qualifications required by the CISA program. Whether you want to improve your performance, get a promotion or compete for a new position, having a CISA certification will give you a competitive advantage that others can’t reach.
3: Global Recognition
Perhaps this certification is not absolutely necessary for employment, but more and more organizations require or suggest that employees get a CISA certification. In order to ensure your success in the global market, it is essential to choose a certification which is based on globally recognized technology practices. This is what CISA provides. CISA, as the preferred qualification certificate for professionals in the field of information system audit, control, authentication and security, has been recognized widely by all industries in the world.
4: CISA Examination Form
CISA requires candidates to complete 150 single choice questions within 4 hours. Candidates’ scores are reported in proportion to their scores. Proportional score is the score obtained by converting the original examination score into the general proportion. ISACA uses and reports scores on a common scale from 200 to 800. For example, a proportional score of 800 represents a full score, and all questions are answered correctly; The percentage score of 200 is the lowest, which means that only a few of the questions are answered correctly. Candidates must have a score of 450 or higher to pass the test. 450 points represents the lowest unified knowledge standard set by the CISA Certification Committee of ISACA.
II: Content of CISA Examination
CISA examination questions are related to the five knowledge areas in the ISACA published examination syllabus, but will not be classified by category. The scope covers five work practice areas created according to the latest CISA work practice analysis. The following practice areas and percentages indicate that the keys of the questions presented in the examination. ISACA will employ well-known industry leaders, subject matter experts and industry practitioners to analyze work practice and verify it.
1. Information system audit process (21%) – provide audit services in accordance with it audit standards to help organizations protect and control their information systems.
2. IT governance and management (16%) – to ensure the necessary leadership, organizational structure and processes achieve relevant objectives and support organizational strategy.
3. Acquisition, development and implementation of information systems (18%) – to ensure that the acquisition, development, testing and implementation of information systems are in line with the organization’s strategy and objectives.
4. Operation, maintenance and support of information system (20%) – to ensure that the operation, maintenance and support process of information system is in line with the organization’s strategy and objectives.
5. Protection of information assets (25%) – to ensure that the organization’s security policies, standards, procedures and controls for the confidentiality, integrity and availability of information assets.
III: CISA Registration and Requirements of Certification
There are no restrictions on the application conditions. You can apply for the examination, but you need to apply for the CISA qualification after passing the examination!
To become a certified information system auditor, the applicant must:
1. Pass the CISA. Only pass the cisa certification spoto CISA examination, but fail to obtain the work experience listed below, the examination results can only be valid for five years. If the applicant fails to meet the certification requirements of CISA within five years, the test results will be invalid.
2. Provide confirmation form of 5 years’ working experience in information system audit, control, assurance or security. Work experience must be within 10 years prior to the date of application for certification, or within five years from the date of first passing the examination.
Those with the following equivalent experience can apply for deduction according to the regulations, and the maximum amount of deduction is three years:
■ A maximum of one year of information system experience or one year of non-information system audit experience can be used to offset one year of work experience.
■ complete 60-120 university credits (equivalent to two or four years of university education), not limited by 10 years of previous experience, can be offset by one or two years of work experience.
■ a bachelor’s or master’s degree in a university offering ISACA model courses is equivalent to one year of work experience. If the three-year experience deduction and education exemption have been used, this regulation cannot be used.
■ a master’s degree in information security or information technology from an accredited university can offset one year of work experience.
Exception: two years of full-time university lecturer working experience in related fields (e.g. computer science, accounting, information system audit, etc.) can be offset by one year of working experience.
For example, as a minimum requirement (assuming 120 university credits to offset two years of work experience), the applicant must have three years of practical work experience. This experience can be obtained in the following ways:
■ Three years working experience of information system audit, control, assurance or security field.
■ Two years of working experience in the field of information system audit, control, assurance or security plus one year of non-information system audit or information system working experience or two years of full-time university lecturer experience.
It is important to note that many people choose to take the CISA examination before they meet the experience requirements. This practice is acceptable and encouraging, but CISA certification will only be granted after all requirements are met.
1:Agree to comply with Code of Professional Ethics of ISACA.
2:Agree to comply with the Information System Audit Standards adopted by ISACA.
3:Agree to abide by the Registered
information System Auditor Continuing Vocational Education Policy (CPE).