From The FAQ Project
You have decided to go for the CISA® Certification !
First – how do I know whether I qualify for the certification
- Yes, it's always good to know your strengths before taking the plunge ! Check if your education, experience and knowledge meets the requirements set by ISACA.
- Education : None defined but degree holders are entitled to a waiver of upto two years from the minimum requirement 5 year work experience needed.
- Experience : 5 years in IS audit, control, assurance, security within the past 10 years or within 5 years from passing the exam.
- Knowledge : Take the demo exam and see how you score. In any case what you score in the demo should not be a decision factor since it is there to give you a feel of the exam style. Your experience and domain knowledge are what will get you through the exam and to being certified.
Quoted from Requirements for CISA® Certification - ISACA.
A minimum of five years of professional information systems auditing, control or security work experience
(as described in the job practice areas) is required for certification. Substitutions and waivers of such
experience may be obtained as follows:
- A maximum of one year of information systems experience OR one year of financial or operational auditing
experience can be substituted for one year of information systems auditing, control or security experience.
60 to 120 completed college semester credit hours (the equivalent of an Associate or Bachelor degree) can
be substituted for one or two years, respectively, of information systems auditing, control or security
- A bachelor's or master's degree from a university that enforces the ISACA sponsored Model Curricula can
be substituted for one year of information systems auditing, control, assurance or security experience. To
view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if
three years of experience substitution and educational waiver have already been claimed.
- Two years as a full-time university instructor in a related field (e.g., computer science, accounting,
information systems auditing) can be substituted for one year of information systems auditing, control or
Experience must have been gained within the 10-year period preceding the application date for certification
or within five years from the date of initially passing the examination. Retaking and passing the examination
will be required if the application for certification is not submitted within five years from the passing
date of the examination. All experience must be verified independently with employers.
I do not have 5 years work ex :(
- No problem, you have 5 years after passing the exam to apply for certification. So you can build up your experience once you have passed he exam.
Are there any waivers which I can get for my experience etc
- Yes there are waivers which are listed here
OK I believe that I can do both the CISA® and CISM® certifications - is this possible ?
- This is great, but sorry you cannot do both at one time ! Since both the exams are held on the same day, same venue and same time, it is not possible for you to appear for both the exams at one go. You will have to take one exam, and then the other. So please be careful when you are registering for the exam - do not go rush in and pay for both exams. Decide carefully which certification you want to pursue first and then make your payment.
So what is my next step ?
- Register for the exam asap. The exam is held twice a year so it makes sense to register right away and not lose out the opportunity for getting certified at the earliest. Go to the Exam Registration page on the ISACA website right away if you want to (you can come back to this page later).