CISA (Certified Information Systems Auditor)
The dominant IT-audit credential globally; required de facto for SOX IT-control audits at public companies and IT-audit roles at Big-4 firms. Strong overlap into cybersecurity-audit career paths.
Aviso: esta página contiene enlaces de afiliados.
Sitio web oficial →Fundado
1978
Sede
Schaumburg, IL, USA
Público objetivo
IT auditors, IT compliance professionals, IT governance specialists, SOX IT-control auditors at Big-4, internal audit teams, and IT compliance functions at regulated industries.
Características principales
- 150 multiple-choice questions, 4 hours, scaled scoring 200-800 (450 to pass)
- Five domains: Information System Auditing Process (~21%), Governance & Management of IT (~17%), Information Systems Acquisition/Development/Implementation (~12%), IS Operations & Business Resilience (~23%), Protection of Information Assets (~27%)
- CBT format at PSI testing centers or via online proctoring, year-round
- Pass rate: ~55-60% (ISACA reporting)
- Required: 5 years of professional IS auditing/control/security experience (waivers reduce to as low as 1 year with degree + general experience + CPE)
- 20 hours of CPE annually + 120 hours over 3-year cycle
- ~170,000+ active CISAs globally; deeply embedded in Big-4 IT-audit practices and corporate IT-compliance
Cómo obtener esta certificación
Prerrequisitos
5 years of professional IS audit/control/security experience (within 10 years of exam pass or 5 years post-pass). Substitutions: bachelor's degree (1 year credit), master's (1 year), 2 years teaching/training in related field, or 1 year general IT operational experience.
Por qué certificarse — ROI
Impacto salarial
CISAs in the US report a $15,000–$35,000 premium versus non-certified IT auditors (ISACA 2024 IT Audit Compensation Study). Median US CISA total compensation: $110,000-$150,000.
Beneficios profesionales
- Lo que la distingue
- The dominant IT-audit credential globally; required de facto for SOX IT-control audits at public companies and IT-audit roles at Big-4 firms. Strong overlap into cybersecurity-audit career paths.
- Reconocimiento del sector
- ISACA proprietary; ANSI/ISO 17024 accredited.
Reconocimiento laboral
ANSI/ISO 17024Costo vs retorno
$575
Precios
$15,000/yr
Impacto salarial
~2w
Retorno estimado
Quién debería obtener esta certificación
Ideal para:
- IT auditors
- IT compliance professionals
- IT governance specialists
- SOX IT-control auditors at Big-4
- internal audit teams
- and IT compliance functions at regulated industries.
Considere alternativas si:
- Sits at the intersection of audit and IT — useful for IT-audit specialists, less so for either pure financial-audit (CPA/CIA) or pure cybersecurity (CISSP/CISM) career tracks
- 5-year experience requirement is high; substitutions help but only partially
Cómo mantener esta certificación
- Ciclo de renovación:
- 3 años
Precios
| Concepto | Precio |
|---|---|
| Exam Fee Member | $575 |
| Exam Fee Nonmember | $760 |
| Currency | USD |
| Isaca Membership Annual | $165 |
| Application Fee Post Pass | $50 |
| Annual Certification Maintenance Fee Member | $45 |
| Annual Certification Maintenance Fee Nonmember | $85 |
| Review Materials Isaca Official Member | 189–999 |
| Total Typical Path | 1200–2000 |
| Cpe Hours Required 3yr | $120 |
| As Of | 2025 |
Debilidades
- Sits at the intersection of audit and IT — useful for IT-audit specialists, less so for either pure financial-audit (CPA/CIA) or pure cybersecurity (CISSP/CISM) career tracks
- 5-year experience requirement is high; substitutions help but only partially
- $45-85 annual maintenance fee + CPE adds long-term cost
- Pass-rate disclosures are limited (ISACA publishes less granular pass-rate data than AICPA/IIA)
Mercados disponibles
Global
Aviso: esta página contiene enlaces de afiliados.
Comparar con certificaciones similares
CPA (Certified Public Accountant)
The only US credential authorized to issue audit/attest opinions on financial statements — a regulat
CMA (Certified Management Accountant)
The global management-accounting credential; particularly strong fit for industry/corporate FP&A and