Am i eligible

reagantony

Hi All,

I m in IT development for 4 years as a software developer. And i would like to change my career . Currenlty i m doing my Masters and i m planning to take Information security as it specailization. So will this help me in becoming Cisa auditor.

andhow

Having a background in IT and knowledge of Information security is very helpful in the IT audit field.

You could certainly take the CISA exam, but you'd need to make sure you have the qualifications to get the designation. Here's some info from the ISACA website (http://www.isaca.org/Certification/CISA-Certified-Information-Systems-Auditor/How-to-Become-Certified/Pages/default.aspx):
Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience, to a maximum of 3 years, may be obtained as follows:

• A maximum of 1 year of information systems experience OR 1 year of non-IS auditing experience can be substituted for 1 year of experience.
• 60 to 120 completed university semester credit hours (the equivalent of an 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years, respectively, of experience.
• A bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.
• A master's degree in information security or information technology from an accredited university can be substituted for 1 year of experience.

Exception: 2 years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for 1 year of experience.
As an example, at a minimum (assuming a 2-year waiver of experience by substituting 120 university credits), an applicant must have 3 years of actual work experience. This experience can be completed by:

• 3 years of IS audit, control, assurance or security experience

OR

• 2 years of IS audit, control assurance or security experience and 1 full year non-IS audit or IS experience or 2 years as a full-time university instructor.

It is important to note that many individuals choose to take the CISA exam prior to meeting the experience requirements.
This practice is acceptable and encouraged although the CISA designation will not be awarded until all requirements are met.
The work experience for CISA certification must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. The CISA Application for Certification is available atwww.isaca.org/cisaapp. Note that candidates have 5 years from the passing date to apply for certification.

reagantony

Thanks for ur your valuable information,

What does the term "Information systems experience" refers to. Does my pervious role as software developer count here, can it be replaced as one year experience. Could you please some more explanation to the term Information systems experience".

andhow

I'm not sure. You may want to look at the CISA application where there is more detail (the link is above). If in doubt though, I would recommend contacting ISACA directly at certification@isaca.org.

wd40

Look at the Job Practice Areas
You need to check some of the boxes only, Actual Audit work is not Mandatory.


Job Practice Areas 2016

anthonxxx

Hello All,

Sorry for hijacking this thread but I have a similar question. My story: I already passed the CISA exam last June 2015 and currently working as an ITGC auditor. I'm working as an independent contractor and my contract is for 5 months. I am planning to request for an Educational Exemption of 2 years and another 1 year of non IT audit experience (financial audit). So that leaves me 2 more years of IS audit experience that I have to fill.

Question: Can I include some of my financial audit experience as IT audit experience? We did perform some control functions but not as extensive as my current work now. Besides the way I understand the process is that you only need to put a check mark on CISA Job practice areas. How many employer verification do I need? Can I just submit one with my current employer/client for 5 months?

Thanks all.

eric_gokongwei

anthonxxx wrote: »

Hello All,

Sorry for hijacking this thread but I have a similar question. My story: I already passed the CISA exam last June 2015 and currently working as an ITGC auditor. I'm working as an independent contractor and my contract is for 5 months. I am planning to request for an Educational Exemption of 2 years and another 1 year of non IT audit experience (financial audit). So that leaves me 2 more years of IS audit experience that I have to fill.

Question: Can I include some of my financial audit experience as IT audit experience? We did perform some control functions but not as extensive as my current work now. Besides the way I understand the process is that you only need to put a check mark on CISA Job practice areas. How many employer verification do I need? Can I just submit one with my current employer/client for 5 months?

Thanks all.

You can submit any number of employer verification as needed. In my case, I had multiple employers in the past who know my experiences but only my current employer verified for my CISA. There is a portion in the form which your employer can select if he wants to verify your past experiences which in my case, my current boss selected. As long as your employer is willing to attest your experiences, you wont have a problem.