English Language Indonesian Language

 CISA & CISM
   CISA Overview
   CISM Overview


CISA® (CERTIFIED INFORMATION SYSTEMS AUDITOR™)


CISA® is a professional certification sponsered by ISACA®, thus it is not an academic degree issued by a university. However, CISA® adds value to individuals who achieve it because it is internationally recognized as the certification for those who possess sound knowledge, skills and experience as an IS auditor. Since 1978, the Certified Information Systems Auditor™ (CISA) program has been the globally accepted standard of achivement among IS audit, control, assurance & security professionals.


With a growing demand for professionals possessing IS audit, control, assurance and security skills, CISA® has become the certification program preferred by individuals and organizations around the world.


The following are benefits for achieving CISA® designation:

  • Assure a positive reputation as a qualified IS audit, control, assurance & security professional.
  • Because the CISA® program certifies individuals who demonstrate proficiency in today’s most sought-after skills, employers prefer to hire and retain those who achieve and maintain the designation.
  • Although certification may not mandatory for you at this time, a growing number of organizations are requiring or recommending that employees become certified. To help ensure success in the global marketplace, it is vital to select a certification program based on universally accepted tehnical practices. CISA® is recognized worldwide, by all industries, as the preferred designation for IS audit, control, assurance & security professionals.
  • The American National Standards Institute (ANSI) has accredited the CISA® certification under ISO/IEC 1702:2003, General Requirements for Bodies Operating Certification Systems of Persons. ANSI accreditation, among others, protects the integrity of the certifications and enhances consumer and public confidence in the certifications and the people who hold them.
CISA® Requirements

The CISA® program is designed to assess and certify individuals in the IS audit, control, assurance & security professions who demonstrate exceptional skill and judgment. To earn the CISA® designation, candidates are required to:

1. Succesfully complete the CISA® exam.
2. Adhere to ISACA® Code of Professional Ethics.
3. Submit verified evidence of a minimum of five (5) years of professional IS audit, control, assurance and/or security work experience. Substitution and waivers of such experience may be obtained as follows:

  • A maximum of one year of information systems OR one year of non-IS audit experience can be substituted for one year of information systems audit, control, assurance or security experience;
  • 60 to 120 completed university semester credit hours (the equivalent of a two-year or four-year degree), not limited by the 10 year preceding restriction, can be substituted for one or two years, respectively, of information systems audit, control, assurance or security experience; and
  • Two years as full-time university instructor in a related field (e.g., computer science, accounting or information systems auditing) can be substituted for one year of information systems audit, control, assurance or security experience.
Experience must have been gained within the 10-year period preceding the application for certification or within five years from the date of initially passing the exam. Applications for certification must be submitted within five years after the year-end of the passing date of the CISA exam. All experience must be verified independently with employers.

The CISA® Exam

The CISA® exam is offered each year in June and December. It consists of 200 multiple-choice questions, administered during a four-hour session. The purpose of the exam is to test a candidate’s knowledge, evaluation and application of IS audit principles and practices and technical content areas. These areas and their definitions are as follows:

  • IS audit process – Provide IS audit services in accordance with IS audit standards, guidelines and best practices to assist the organization in ensuring that its information technology and business systems are protected and controlled.
  • IT governance – Provide assurance that the organization has the structure, policies, accountability, mechanisms and monitoring practices in place to achieve the requirements of corporate governance of IT.
  • Systems and infrastructure life cycle – Provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure will meet the organization’ objectives.
  • IT service delivery and support – Provide assurance that the IT service management practices will ensure delivery of the level of services required to meet the organization’s objectives.
  • Protection of information assets – Provide assurance that the security architecture (policies, standards, procedures and controls) ensures the confidentiality, integrity and availability of information assets.
  • Business continuity and disaster recovery – Provide assurance that, in the event of a disruption, the busines continuity and disaster recovery processes will ensure the timely resumption of IT services, while minimizing the business impact.

    CISA® exam questions are developed and maintained carefully to ensure they accurately test and individual’s proficiency in IS audit, control and security practices.

    Preparing for the CISA® Exam

    There are several ways to prepare yourself for the CISA® exam. One of them is to participate in CISA® Review Course conducted by ISACA® Indonesia Chapter. For further information, please contact CISA Coordinator of ISACA Indonesia Chapter at abhartono2003@yahoo.com

    To get study aids, including 2006 CISA® Review Manual, please refer to ISACA Bookstore.

    CISA® Exam Registration

    The next CISA® exam will be administered on Saturday, 10 June 2006. Registration form can be obtained from CISA® Bulletin of Information (http://www.isaca.org/cisaboi).

     

    ISACA Member

    Non-ISACA Member

    NOTE: Registration form and payment

    must be received on or before 8 February 2006 to qualify for the early registration date.

    Early registrations received on or before 8 February 2006

    US $340

    US $460

    Final registrations received by 5 April 2006

    US $390

    US $510

    A US$50 fee is required for all changes to CISA® exam registration information received between 14 April 2006 and 28 April 2006. No changes will be accepted after 28 April 2006.

    On-line registration via the ISACA® web site (www.isaca.org/examreg) is encouraged. Candidates registering on-line will save US $35. Non-members can also maximize their savings by joining ISACA® at the same time as they register.

    Please click here to get more information on CISA®.

    • Copyright © 2005-2006 ISACA Indonesia. All Rights Reserved.