Certified Information Systems Auditor

Overview

The Certified Information Systems Auditor certification programme is a professional examination that combines knowledge of information systems with risk assessment and control principles.  The CISA is not a technical exam.   Rather, it focuses on the skills needed to monitor, review and evaluate the management, control, security and logical framework of an IT system.   

The CISA has been run for over 30 years by the Information Systems Audit and Control Association (www.isaca.org), the world’s largest IT Governance and Control professional organisation.    Given the focus of the CISA on the review of IT systems, it is suited to IT professionals, auditors, management consultants, management analysts and Board members

Future Progression

Possession of the CISA enables you to function as either an IT auditor, management analyst, internal auditor, IT Security officer, quality assurance officer, or consultant    

What You Will Cover

The IS Audit Process: Ensure that the organization's information technology and business systems are adequately controlled, monitored, and assessed

IT Governance: Review the organisation structure, policies, accountability, mechanisms, and monitoring practices in place to achieve IT corporate governance requirements

Systems and Infrastructure Life Cycle: Identify management practices for the development/acquisition, testing, implementation, maintenance, and disposal of systems and infrastructure meet the organization’s objectives

Business Continuity and Disaster Recovery: Ensure the business continuity and disaster recovery processes will ensure the timely resumption of IT services while minimizing the business impact.

IT Service Delivery and Support: Ensure IT service management practices will ensure the delivery of the level of services required to meet the organization’s objectives

Protection of Information Assets: To provide assurance that the security architecture (policies, standards, procedures, and controls) ensures the confidentiality, integrity, and availability of information assets.

Entry Requirements
There are no entry requirement for the CISA.   However, persons will not be able to obtain and use the qualification without five years IT Audit experience.  This experience can be gained either before or after the exam.

Key Programme Dates
There are two class periods for the programme each year – November – May and June - November.   The respective registration deadlines are October 31 and April 30.   Examinations are held in June and December. 

Classes are held on Saturdays from 9:30 A.M. to 11:30 A.M.