ISOM - Becoming A CISA (Notes)
Risk with becoming too dependent on technology:
• Service Delays
• Significant Losses
• Vulnerabilities – weakness in the system that can be exploited by external threats:
  o People with malicious intents
  o System glitch
  o Outdated anti-virus

Certified Information Systems Auditor
• The CISA is a certification and globally recognized standard for appraising an IT auditor’s knowledge, expertise and skill in assessing vulnerabilities and instituting IT controls in an enterprise environment.
• Issued by the Information Systems Audit and Control Association (ISACA) to those in charge of monitoring, managing, and protecting an organization’s IT systems.

Responsibilities of a CISA
• Implementing an audit strategy for information systems that is based on risk management.
• Planning audits that can be used to determine whether or not IT assets are protected, managed, and valuable.
  o Failure to plan leads to waste of project.
• Executing the audits in compliance with the organization’s set standards and objectives.
• Sharing the audit results and providing recommendations to management based on the results.
  o Two outcomes: compliance & non-compliance
  o Recommendations: value adding in the activity
• Performing re-examinations of the audits to ensure the recommended actions have been performed by the management.

Benefits of CISA Certification
• Expands knowledge and skills, builds confidence
• Increases marketability and career options
• Builds customer confidence/international credibility

Requirements to be CISA

Becoming a CISA
• At least five (5) years of working experience, with minimum of two (2) years of professional working experience in IS auditing, control or security;
• Adherence to the ISACA Code of Professional Ethics; and
• Passing the CISA Examination

Maintaining the CISA Certification
• At least two (2) continuing professional education (CPE) units over 3 years; and,
• Abiding by the IS Auditing Standards

CISA Certification Examination
IS Audit Area                                  %
IS audit process                               21%
IT governance                                  17%
IS acquisition, development, and maintenance   12%
IS operation and maintenance                   23%
Protection of information assets               27%