Since 1978, the CISA certification has been a globally accepted standard of achievement among information systems (IS) audit, control and security professionals. More than 129,000 professionals have earned the CISA designation since inception. CISA retention each year consistently remains more than 90 percent, including more than 94 percent for the most recent period.
The CISA certification is sought by those who audit, control, monitor and assess an enterprise’s information technology and business systems. CISAs are recognized internationally as professionals with the assurance, knowledge, skills, experience and credibility to leverage standards, manage vulnerabilities, ensure compliance, offer solutions, institute controls and deliver value to the enterprise. Often, CISA is a mandatory qualification for employment as an information systems auditor.
CISA Certification Requirements
To earn the CISA certification, candidates are required to:
- Pass the CISA examination (offered worldwide as computer-based testing 1 May – 30 June, 1 August – 30 September and 1 November – 31 December, in 11 languages and at more than 800 locations)
- Submit evidence of a minimum of five years of professional IS auditing, control or security work experience
- Adhere to ISACA’s Code of Professional Ethics
- Adhere to the Information Systems Auditing Standards as adopted by ISACA
- Agree to comply with the CISA Continuing Education Policy
CISA in the Workplace
- More than 31,000 serve as audit directors, managers or consultants and auditors (IT and non-IT).
- More than 12,000 are IT directors, managers, consultants and related staff.
- More than 12,500 are employed in managerial, consulting or related positions in IT operations or compliance.
- More than 11,000 are security directors, managers, consultants and related staff.
- More than 2,800 CISAs are CEOs, CFOs or equivalent executives.
- More than 3,300 are CIOs, CISOs, or chief compliance, risk or privacy officers.
- More than 2,800 serve as chief audit executives, audit partners or audit heads.
- CISA is among the highest-paying IT certifications in Foote Partners IT Skills and Certification Pay Index™ (IT SCPI ) for the quarter ending 1 April 2015. CISA has been consistently noted in this report for having gained in market value.
- CISA is the third highest-paying certification for 2015 in Certification Magazine’s Jobs and Salary Annual Salary Survey.
- CISA is one of the top five highest-paying certifications for the second consecutive year, according to Global Knowledge’s 2015 IT Skills and Salary Survey.
• CISA is accredited by the American National Standards Institute (ANSI) under the International Standard ANSI/ISO/IEC 17024:2012
• CISA was named Best Professional Certification Program in the SC Awards 2017. It marked the seventh straight year that CISA was a finalist in the award category.
• CISA is listed as a prerequisite for the Australian Government iRAP certification.
• The Australian Signals Directorate listed CISA as a prerequisite for its Information Security Registered Assessor Program.
• The Securities and Exchange Board of India (SEBI) mandates that trading members who have obtained approval from Exchange for Computer-to-Computer Link (CTCL) trading software are required to have the CTCL trading facility audited by a CISA/CISSP/ISA/DISA-certified auditor.
• The Income Tax Department of India (ITD) requires all e-return intermediaries to be CISA- or ISA-certified.
For a more comprehensive list of CISA recognitions, please visit
CISA in the News
• TechWorm—Highest-Paying IT Certifications
• Chron—Skills of an IT Auditor
• Global Knowledge—15-Top Paying Certifications for 2016
• Times of India—CBSE XII Result: Lucknow cancer survivor scores high
About ISACA Certifications
ISACA’s portfolio of experience-based certifications has provided ISACA the recognition of being the global leader in IT certifications. In addition to CISA, ISACA offers the Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) and Certified in the Governance of Enterprise IT (CGEIT) certifications. For more information, visit www.isaca.org/certifications.