For someone who wants to get into infosec auditing, the Certified Information System Auditor (CISA) program tops the list. This program is sponsored by the Information Systems Audit and Control Association (ISACA). It has its own distinct niche when it comes to security certifications. "The CISA program is essentially based on the audit of information systems and the assurance of information security, so as such there is no equivalent for a CISA program," says Pushpa Redkar, the head of business development for MIEL e-Security's education division.
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to searchSecurity.in you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of searchSecurity.in is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
| |||||||||||||||||
To get a CISA program certification, you have to pass the exam, adhere to ISACA's code of professional ethics, and present proof that supports a work experience of at least five years in professional information systems auditing, control or security. However, you can substitute a part of the work experience required for the CISA program in the following ways.
According to the CISA program, you can substitute one year of the required work experience by having:
• At least one year experience in either information systems, or financial or operational auditing, or
• 60 credit hours of a completed college semester equivalent of a bachelor degree, or
• A bachelor's or master's degree from a university that implements model curricula that is sponsored by ISACA, or
• Experience of two years as a full-time university instructor in any field such as computer science, accounting, or information systems auditing.
Two years of the required work experience for CISA program can be substituted with 120 credit hours of a completed college semester of a bachelor degree. This experience should have been garnered in a 10-year span before appearing for the exam. The CISA program exam is offered twice a year in June and December.
According to KK Mookhey, the founder and principal consultant of NII Consulting, a CISA program certified professional can look at various job opportunities including IT head, audit & risk advisory manager, information security risk analyst, information security officer, information security auditor or as a senior IT consultant. As a result, the CISA program is in much demand in India, and there is a significantly higher demand for CISA program certified professionals than supply. Adds Redkar, "Currently, the CISA program clubbed with the Certified Internal Auditor, and the CISA program with Cisco Certified Network Associate are also very much in demand in the Indian market."
Assurance, audit and information security professionals are sought after, but it does not mean that finishing any of these certifications (including the CISA program) will lead to guaranteed employment. At the end of the day, your information security career also depends on other skills such as communication, practical experience and attitude.