Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…
Certified Information Systems Auditor (CISA) is a certification issued by ISACA that validates an auditor's ability to assess risk, institute information technology access and management controls, execute security audits and report on compliance.
The exam for this certification covers the following topics in regards to information and communication (ICT) systems:
Acquisition, development, testing and implementation This part of the exam tests the candidate's knowledge of feasibility studies, business cases, total cost of ownership (TCO), return on investment (ROI) and software development project management.
Operations, maintenance & service management This part of the exam tests the candidate's knowledge of service management best practices, enterprise architecture, systems resiliency, information lifecycle management (ILM), IT controls and performance monitoring.
IT Governance This part of the exam tests the candidate's knowledge of enterprise risk management (ERM), specific IT governance frameworks, quality assurance (QA), performance scorecards and other topics related to business continuity and disaster recovery (BCDR).
Asset protection This part of the exam tests the candidate's knowledge of privacy laws and regulations, risk management, digital forensics, data handling and best practices for physical and environmental security controls including digital signatures and encryption.
Auditing This part of the exam tests the candidate's knowledge of auditing tools and best practices, as well as the candidate's knowledge of laws and regulations that pertain to an organization's business processes.
CISA is an advanced certification from ISACA that is intended for information technology professionals who are interested in advancing their career as an internal or consulting IT auditor. This certification fulfills the United States Department of Defense’s Information Assurance Technical Level III and Cyber Security Service Provider (CSSP) Auditor requirements.
Like ISACA’s exams for CISSP and CISM, CISA exams are four hours long and consists of 150 multiple-choice questions. A score of 450 or higher (scored on a scale of 200 to 800) is required to pass the exam. Successful candidates must agree to adhere to ISACA’s Information Systems Auditing Standards, Continuing Professional Education (CPE) Policy and Code of Professional Ethics.
Techopedia’s editorial policy is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…
What is a Standard Operating Procedure (SOP)? An SOP, which stands for Standard Operating Procedure, is a document that outlines...
Marshall GunnellTechnology Writer
What Are Payroll Deductions? Payroll deductions represent the amounts withheld from an employee's earnings for taxes, garnishments, benefits, and other...
What Is Payroll Tax? A payroll tax is a tax imposed on both employers and employees.. As mandatory payroll deductions,...
Trending NewsLatest GuidesReviewsTerm of the Day