Smiling Certified Information Systems Manager working on his computer with ISACA CISA logo overlaid on image

Certified Information Systems Auditor FAQs

Continuing & Professional Education Staff

Monday, December 18, 2023

What is a Certified Information Systems Auditor?

CISA® stands for Certified Information Systems Auditor®. CISA is a globally-recognized credential from ISACA® that demonstrates expertise in the following domains:

  • The process of auditing information systems
  • Governance and management of IT
  • Information systems acquisition, development and implementation
  • Information systems operations and business resilience
  • Protection of information assets

Why should I get an information systems auditor certification?

For employers, CISA validates that an employee or prospective hire has the knowledge and skills to audit, control, monitor and assess IT and business systems, efficiently and effectively.

That is why CISAs are in high demand (and command high salaries).

CISA is consistently one of the top-requested IT certifications in Arizona and across the country, and the average salary of CISA credential holders is over $149,000.

CISA is also a DoD 8570-approved baseline certification, required for many federal government IT/IS roles, including contractor roles.

Is there demand for CISA certification in Arizona?

Yes. CISA is one of the top IT certifications requested in Arizona job postings. Demand is particularly high in the Phoenix Metro area.

The top Arizona employers hiring CISAs include:

  • Wells Fargo
  • Deloitte
  • USAA
  • Banner Health
  • KPMG
  • Dell Technologies
  • Charles Schwab
  • PricewaterhouseCoopers
  • Verizon Communications

Arizona job postings that ask for CISA certification pay over $123,000 per year on average.

Source: Burning Glass Labor Insight, last 12 months of job postings through July 31, 2022

Is there demand for CISA certification in the U.S.?

Yes, CISA is in demand nation-wide (and even world-wide). It is consistently one of the top IT certifications requested in job postings across the country.

Source: Burning Glass Labor Insight, last 12 months of job postings through July 31, 2022

How is CISA different from other information security certifications?

As you might expect from the name of the certification, CISA is more focused on information systems auditing compared to other IT certifications.

CISA demonstrates your ability to audit, control, monitor and assess IT and business systems using a risk-based approach.

How do I get CISA certified?

To earn your CISA, you must pass the CISA exam and demonstrate that you meet the education and work experience requirements. Applicants must also agree to follow the ISACA Code of Professional Ethics, Information Systems Auditing Standards and Continuing Professional Education (CPE) Policy.

CISA certification requires a minimum of five years of professional information systems auditing, control or security work experience (or a combination of education, work experience and other credentials). 

Per ISACA, the following can be substituted for up to three years of the required work experience:

  • A maximum of one year of information systems experience OR one year of non-IS auditing experience can be substituted for one year of experience.
  • A 2-year degree or 60 completed university semester credit hours can be substituted for one year of experience
  • A 4-year degree or 120 completed university semester credit hours can be substituted for two years of experience
  • A master's degree in information security or information technology from an accredited university can be substituted for one year of experience.

It is important to note: you do not need to meet the experience requirements before taking the exam. Once you pass the CISA exam, you have five years to meet the experience requirements and apply for CISA certification.

Learn more about CISA requirements.

How can I prepare for the CISA exam?

The CISA exam is challenging because it tests candidates’ knowledge and skills across a broad range of technology and auditing topics.

Those with technical backgrounds may struggle to shift from an “IT mindset” to an “auditor” mindset. The reverse can also be true: CISA candidates who come from an auditing or financial background may not have the core technology knowledge to succeed on the exam. A CISA Exam Prep course can help fill those knowledge gaps.

Even those who have experience in both IT/IS and auditing may benefit from an exam prep course.

Certification exams are meant to be challenging. That is why earning a certification is a meaningful achievement. An exam prep course that includes practice exams and practical test-taking strategies will help you master not just the material but also how to take the exam.

Taking an exam prep course is an investment of time, effort and money. You want to make sure you are getting high quality training that will help you succeed on the exam. If you choose ISACA-accredited training and exam prep, you can be sure you are receiving the up-to-date, relevant information you need to pass the exam.

Learn about CISA Exam Prep

How much does the CISA exam cost?

As of September 2022, the exam cost $575 for ISACA members and $760 for non-members. Some exam prep courses (including the University of Arizona CISA course) include a free ISACA membership and CISA exam voucher.

 

Contact Dr. John DeLalla at 520-626-6389 or jd@arizona.edu to learn more.