October 13, 2008
 

About the CISA Exam

 

The Certified Information Systems Auditor (CISA) is ISACA’s cornerstone certification.  It is for the IS audit, control, assurance and/or security professionals who wish to set themselves apart from their peers.

 

When and where is the exam offered?
The CISA exam is offered just twice a year in June and December.  To find the testing location nearest you, go to the ISACA website. 

 

What does the exam consist of?
The CISA exam consists of 200 multiple-choice questions that cover the six job practice areas created from the most recent CISA job practice analysis, including:

  • IS audit process - Provide IS audit services in accordance with IS audit standards, guidelines and best practices to assist the organization in ensuring that its information technology and business systems are protected and controlled.
  • IT governance - Provide assurance that the organization has the structure, policies, accountability, mechanisms and monitoring practices in place to achieve the requirements of corporate governance of IT.
  • Systems and infrastructure life cycle - Provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure will meet the orgainzation's objectives.
  • IT service delivery and support - Provide assurance that the IT service management practices will ensure delivery of the level of services required to meet the organization's objectives.
  • Protection of information assets - Provide assurance that the security architecture (policies, standards, procedures and controls) ensures confidentiality, integrity and availability of information assets.
  • Business continuity and disaster recovery - Provide assurance that, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resuption of IT services, while minimizing the business impact.

 

Time limits for passing
Candidates may retake the exam during any future exam administration.  There are no limits to the number of times a candidate can take the exam.

 

Scoring and grade delivery
Scores are reported as a scaled score, which is a conversion of a candidate's raw score on an exam to a common scale.  ISACA uses and reports scores on a common scalle from 200 to 800.  A candidate must receive a score of 450 or higher to pass the exam.  A candidate receiving a passing score may then apply for certification if all other requirements are met.  Approximately eight weeks after the test date, the official exam results will be mailed to candidates.  Additionally, an optional e-mail message containing the candidate's pass/fail status and score can also be sent to candidates.

 

Improve your score
The most important thing you can do to pass the CISA exam is to undertake a consistent, intensive study program and prepare with MyExamScore simulated CISA exams.  Visit ExamMatrix for information about a highly interactive online CISA study program with a proven track record of success.