ISACA Overview and History
ISACA got its start in 1967, when a small group of individuals with similar jobs auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field.

Today, ISACA’s membership more than 86,000 strong worldwide is characterized by its diversity. Members live and work in more than 160 countries and cover a variety of professional IT-related positions to name just a few, IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor. Some are new to the field, others are at middle management levels and still others are in the most senior ranks. They work in nearly all industry categories, including financial and banking, public accounting, government and the public sector, utilities and manufacturing. This diversity enables members to learn from each other, and exchange widely divergent viewpoints on a variety of professional topics. It has long been considered one of ISACA’s strengths. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

Another of ISACA’s strengths is its chapter network. ISACA has more than 175 chapters established in over 70 countries worldwide, and those chapters provide members education, resource sharing, advocacy, professional networking and a host of other benefits on a local level. Find out if there’s a chapter near you.

Since its inception, ISACA has become a pace-setting global organization for information governance, control, security and audit professionals. Its IS auditing and IS control standards are followed by practitioners worldwide. Its research pinpoints professional issues challenging its constituents. Its Certified Information Systems Auditor (CISA) certification is recognized globally and has been earned by more than 60,000 professionals since inception. The Certified Information Security Manager (CISM) certification uniquely targets the information security management audience and has been earned by more than 10,000 professionals. The Certified in the Governance of Enterprise IT (CGEIT) designation promotes the advancement of professionals who wish to be recognized for their IT governance-related experience and knowledge and has been earned by more than 200 professionals. It publishes a leading technical journal in the information control field, the ISACA Journal. It hosts a series of international conferences focusing on both technical and managerial topics pertinent to the IS assurance, control, security and IT governance professions. Together, ISACA and its affiliated IT Governance Institute leads the information technology control community and serve its practitioners by providing the elements needed by IT professionals in an ever-changing worldwide environment. For more information on the association's products and services, e-mail the membership department at membership@isaca.org or complete the Information Request Form. When will I receive my December 2008 exam results?
The exam results will be released approximately eight (8) weeks from the date of the exam. When released, they will be released by hard copy result letter and a one-time email notification notice to those who consented to item #25 on the registration form and do not have a balance due on their exam fee. To ensure the confidentiality of scores, exam results will not be reported by telephone, fax or email other than the one-time notification email. What is the date of the next CISA exam?
The next exam will be administered on Saturday, 13 June 2009 unless otherwise specified at www.isaca.org/examlocations. When does registration begin for the next exam?
Registration for the 13 June 2009 is currently open. You can register for the exam at www.isaca.org/examreg. What is the registration deadline of the next exam and what are the fees?
On or before 11 February 2009
ISACA member US $395
Nonmember US $525
After 11 February through 8 April 2009
ISACA member US $445
Nonmember US $575
Candidates can save US $50 on the exam registration fee by registering online. Can I take the CISA and CISM exams on the same day?
The CISA and CISM exams will be held simultaneously; therefore, they cannot be taken on the same day. Who do I contact for assistance with my CISA Practice Question Database CD-ROM or web download?
For technical support with your CD-ROM or web download please contact tech@cisa-support.com. Can I change my exam site or language?
A US $50 fee is required for all changes for an exam site and/or language that are received from 18 April through 24 April 2009. No changes will be accepted after 24 April 2009. Please note that all deadlines are based on Chicago, Illinois, USA 5 p.m. Central Time. For exam site or language changes, please send an email to certification@isaca.org. These changes do not include deferrals. Are there any online training materials available to assist in preparing for the CISA exam?
The CISA Online Review Course contains six modules to assist candidates in preparing the CISA exam. Learn more at www.isaca.org/elearning or click here to view a course demonstration. Can I defer my exam?
Candidates unable to take the exam can request a deferral of their registration fees to the next exam date. To learn more about deferring your exam, including deferral deadlines and costs, please visit www.isaca.org/examdefer. What do I need to do if I've received a revocation notice?
If you have received a revocation notice, please contact certification@isaca.org. Where can I find the CISA application for certification?
CISA applications are located at http://www.isaca.org/CISAapp. Please be aware that there are two different applications available depending upon the year that you passed the exam. What are the qualifications to earn the CISA credential?

Qualifying for CISA requires a combination of four "e's": experience, ethics, education and exam. Specifically, the requirements are:
• Earn a passing score on the CISA exam
• Adhere to the ISACA Code of Professional Ethics
• Commit to abide by the CISA Continuing Professional Education Policy

A minimum of five years of professional information systems auditing, control or security work experience (as described in the job practice areas) is required for certification. Substitutions and waivers of such experience may be obtained if certain education and general IS or audit experience requirements are met.

What does the CISA continuing professional education program require?
In order to become and remain a CISA an individual must agree to comply with the CISA continuing professional education program. This program requires an individual to earn a minimum of twenty (20) hours annually and one hundred twenty (120) hours every three years of continuing professional education. In addition, an annual maintenance fee of US $40 ISACA member and US $80 non-member is required. How can I earn CPE credits online?
ISACA members can earn CPE hours by taking and passing an Information Systems Control Journal CPE Quiz online. One CPE hour is awarded per quiz. ISACA members may also earn CPEs online by participating in e-symposia. The e-symposia are offered live each month or may be accessed on demand via the archives. For more information, please go to http://www.isaca.org/webcasts. In order to claim the CPE hours (generally 3 hours per e-symposia), a passing score must be earned on the quiz. How do I submit my annual continuing profession education (CPE) hours to ISACA?
CPE hours are reported annually during the renewal process which begins in October/November of each year. At renewal time, you will be asked to report the total number of CPE hours that you earn during the cycle year. Please keep track of the activities you take and retain the supporting documentation so that you are able to properly report your hours. You will be sent an email notification when the renewal process opens each year. At that time, you can go to our web site and pay your annual dues and report your CPE hours at www.isaca.org/renew. Alternatively, you can wait until we send you the hard copy annual invoice and use that as the mechanism to make your payment and report your CPE hours. What do I need to do if I've received an audit notice for my 2007 CPE hours?
If you have received an audit notice, please follow the steps provided to you in the letter to comply with the audit. When submitting your documentation, please note that it should be in the form of a letter, certificate of completion, attendance roster or Verification of Attendance form (located at http://www.isaca.org/cisacpepolicy).
At a minimum, each record should include the name of the attendee, name of the sponsoring organization, activity title, activity description, activity date, and the number of continuing professional education hours awarded or claimed. Please submit photocopies, as the documents will not be returned. I've submitted the documentation for the audit of my 2007 CPE hours. When will I receive a confirmation?
If any additional information is required or there are questions regarding your documentation, we will contact you directly. Once your documentation has been reviewed and approved, a notice will be sent to you. If you have not been contacted or received notification of compliance from the certification department by 31 July 2007, please contact us. How long is the exam?
A candidate is given 4 hours to complete a 200 multiple-choice question exam. What does the CISA exam cover?
The CISA exam will cover six IS audit, control or security areas, each of which is further defined and detailed through task and knowledge statements. How do I request additional information or report an issue regarding a current or past credential holder?
To request additional information or to report an issue regarding a current or past credential holder, please contact the CISA certification department: What are the dates and locations of the CISA certification exam ?
The exam is offered only TWICE each year in over 70 cities worldwide, about half of those are in the United States. The exam date second Saturday in June and December. If you miss that date or arrive late you will have to wait 6 months until the next exam. How do I register for the exam ?
Register online at www.isaca.org at least 3 months BEFORE the exam date to reserve your place. Who hires CISA auditor's ?
Every one that uses or needs an I.S. auditor. Employers include the Big accounting firms, Consulting firms, and any business with internal audit needs. A properly qualified auditor is usually quite busy. Recently many self-appointed I.T. professionals entered the security business claiming to offer security audits without any auditor credentials. A true professional would hold the CISA designation as proof of their ability as a dependable independent auditor. Why do all the new regulations require independent auditors ?
People are tired of business fraud. Look at just a few of the huge scandals involving Italy's Parmalat, U.S. Enron, AOL, Worldcom and so many more. The world is tired of losing their money and pension funds in business schemes that involve questionable management or misleading information from management. Independent auditor's are the watchdogs of business. Their objective is to question, observe, assess, and verify a variety of requirements for legal purposes. Who would an CISA auditor report to ?
You will interact with the top executive management. This is an excellent opportunity to win friends and gain opportunities from the top. If you hold multiple skills the CISA will insure you can keep their interest and gain significant respect. Normally the auditor works for internal audit, audit committee or performs pre-audit work intended to improve their clients audit score. What makes the CISA exam so difficult ?
The twice a year exam and diverse subject material. I.S. Audit and Control Association (ISACA) publishes a rather cumbersome study guide compiled by a committee of volunteers, however you will likely fail if that is your only study preparation. The CISA exam is about significantly more that terms and definitions. You have to know quite a bit of detail concerning scope, reporting relationships, duties and ethical boundries. In our opinion, the $135 ISACA study quide was written for a CPA to gain CISA certification and assumes you already understand the CPA background knowledge. Details a CPA would know about audit rules, responsibilities and duties. This is what led David to write the Sybex study guide designed for use by both beginners and professionals with more experience. How many years experience is required for CISA certification ?
You can substitute education for up to two years of the five year experience requirement. Upon sucessfully passing the exam you have five years to submit your exerience for certification. Your test results are valid for 5 years. Passing the exam proves you know something about I.S. auditing. What about self-study ?
The free study groups have a poor overall pass rate too. Most of the free instructors just teach for CISA renewal credits and lack the emphasis to make you successful. Our instructors are actual study guide authors. We teach you details and specific techniques that will repidly advance your audit career. You only get one chance to impress your client. Set your sights to our standards and you will have no trouble passing the exam. Better yet, you will earn more money than everyone else. We'll show you exactly how to do it during class. How much money does a CISA earn ?
Depends on who you work for. We normally hear of personal pay between $43 and $114 per hour. Usually it is quite a bit of money, travel, and high dollar perks. Surely you have seen the high dollar suits and how these people are treated when they arrive at your company. Not cheap. Overall the auditor's life is very comfortable.