<
p class=””>CISA is possibly the one ‘pure’ Information systems audit qualification that is recognised anywhere. It is balanced between technical IT knowledge and business understanding. And it has lovely exam questions – and I should know, as I wrote some of them.
There are other IT audit certifications – from the IIA’s aborted QiCA to supporting CPA type accounting quals and tech quals such as CCNA – but none with the universal recognition CISA holds.
Having said that, it is a baseline and not a gold standard. If you can’t do this after a few years experience, you probably shouldn’t be an IT auditor. Holding it doesn’t prove your competence in any particular area – but it does verify that you understand what you are doing and have the skills and experience to undertake at least simpler audit assignments.
How can I obtain a CISA qualification?
There are two things you need to do to qualify: Pass a 200 question multiple choice exam in 4 hours, and demonstrate 5 years relevant experience. You can get a year or two off the experience requirement from relevant degrees and qualifications, or other relevant experience.
The exam is wide in it’s scope, but for anyone with a good all-round understanding of enterprise IT and a comprehension of business risk it should not be too hard. There is a book to support it and also a CD question bank for practice – both are worth having. The book is mind-numbingly dull and best used as a tool to identify any areas within the syllabus that where you may need further study. The CD is a far-too-accurate practice questions tool, and many candidates have noticed a strong similarity between some of the CD questions and exam questions on the day. Still, if a few questions are similar it’s nowhere near enough to pass, so use the practice questions to identify areas of weakness. Address these areas with the book or other resources, then re-test yourself.
What does it cover?
The syllabus is split into six domains. You need to do well in all areas to pass the exam, but some areas are more important than others:
<
ul>
IS Audit Process – 10% exam weighting
IT Governance – 15% of Exam
Systems and Infrastructure Lifecycle Management – 16% exam weighting
IT Service Delivery and Support – 14% exam weighting
Protectio
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.