CISA: The Changing World Of Accounting
CISA, Certified Information Systems Auditor having uniform certification criteria has, gained worldwide acceptance by all industries, as the standard of achievement among IS audit, risk management and security professionals.
Vacancies in the areas of IT security management, IT audit or IT risk management often ask for a CISA certification.
Need of CISA:
CISA professionals are well equipped with the necessary skills, knowledge and expertise to identify and manage vulnerabilities, evaluate the compliance of processes, implement solutions to rectify any detected risks, employ control mechanisms and consequently, add value to an organization.
As we become more dependent on technology the proper security of our data is more important than ever been before. The need for enterprises to evaluate the processes and policies they use to secure their data will only continue to grow in the future. One of the primary criteria organizations look for when hiring an IT Auditor is CISA (Certified Information Systems Auditor) certification. As of this writing, there are currently over 106,000 CISA certified professionals worldwide.
CISA v/s CIA:
The IIA (Institute of Internal Auditors) survey of 2012 showed that IT Auditors with a CISA certification earn a higher salary than those with the CIA (Certified Internal Auditor) certification. The main reason behind this being the CISA goes into greater technical detail and is more geared towards information technology in comparison to the CIA.
CISA Certification:
- Increased confidence—The synergistic benefits that you get from having both accounting and CISA qualifications is a huge confidence boost. CISA certification increases your value as an accountant in this ever-changing, complex and competitive business environment.
- Confirms your knowledge and experience
- Quantifies and markets your expertise
- Demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise
- Is globally recognized as the mark of excellence for the IS audit professional
Exam Pattern:
The world unified CISA exams are conducted three times a year: in June, September and December. The exam is known to be difficult examination and having four hours in length, consists of 150 multiple choice questions and uses the format of one correct answer per question.
The scoring is weighted depending on predetermined value for each question with a passing score of 450 points and an 800-point score as the maximum. Some questions are purely for statistical purposes and do not affect the candidate’s score.
Various educational institutions across the globe organize the CISA Review Courses , where students go through the CISA Review manual in the five domains which are:
- Domain 1 — The Process of Auditing Information Systems (Contains 21% of the Total Marks or 31 Questions)
- Domain 2 — Governance and Management of IT (Contains 16% of the Total Marks or 24 Questions)
- Domain 3 — Information Systems Acquisition, Development and Implementation (Contains 18% of the Total Marks or 30 Questions)
- Domain 4 — Information Systems Operations, Maintenance and Service Management (Contains 20 % of the Total Marks or 30 Questions)
- Domain 5 — Protection of Information Assets (Contains 25 % of the Total Marks or 38 Questions)
Globally:
In the United States, assistant examiners employed by the US Federal Reserve Banks must pass the CISA examination before they are eligible for commissioning. The US Department of Defense’s Information Assurance Workforce Improvement Program, has approved CISA and directed as many as 80,000 professionals to be required to earn one of 13 different certifications offered by some five different organizations (ISACA included).
In the same vein, the National Stock Exchange of India and CERT-IN, the Indian Computer Emergency Response Team, has recognized CISA as one of the requirements to conduct security audits in the Country.
READ ALSO: Best Career Opportunities For A CA
In Singapore, CISA was accredited under the Critical IT Resource Program of the National Infocomm Competency Centre (NICC), the national body that oversees accreditation of IT-related certifications.
The same story goes in Hong Kong, ISACA members who have held a CISA certification for at least four years have the right to vote for the city’s legislative counselors as representatives of the IT category among the functional constituencies.
In Romania, banks desiring to implement distance or electronic payment instruments are required by law to be certified by CISA-holding auditors.