Complete resources to ensure you achieve and maintain your CISA qualification

Established in 1978, the Certified Information Systems Auditor (CISA) qualification awarded by ISACA® is the globally accepted standard of achievement among information systems (IS) audit, control and security professionals.

This page offers an introduction to the concepts and topics covered by CISA, as well as information about the products offered by IT Governance that will help you pass the CISA exam first time.

For advice and guidance on how you can achieve and maintain the CISA qualification, get in touch with one of our experts today.

Speak to an expert

Study for the Certified Information Systems Auditor (CISA) examination

Our complete range of CISA study guides and training services:

What are the requirements for CISA qualification?

The CISA certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.

ISACA defines five CISA domains on which you will be examined:

  • Domain 1 - The Process of Auditing Information Systems (21% of exam)
  • Domain 2 - Governance and Management of IT (16% of exam)
  • Domain 3 - Information Systems Acquisition, Development and Imp. (18% of exam)
  • Domain 4 - Information Systems Operations, Maintenance and Support (20% of exam)
  • Domain 5 - Protection of Information Assets (25% of exam)

For more information, please see the official ISACA 'How to Become CISA Certified' web page.

""Any ISACA programme when followed through from study, to exams, to actual certification, provides greater recognition in the marketplace and influence at the executive level. It is not just about attending a course and passing the exam, it is about being able to demonstrate application of that knowledge and recognition of your work, management and educational experience."

- Paula Kench, Delegate on the CISA Exam Preparation Course

How do you pass the CISA exam at the first attempt?

We recommend the following:

  1. Check that you have the relevant five years of work experience to qualify.
  2. Register and schedule your exam direct with ISACA.
  3. Purchase the official ISACA study guides and third-party textbooks.
  4. Plan a self-study programme that covers all of the key knowledge domains.
  5. Attend an exam preparation training course a few days before you sit the exam.

How to register and schedule the CISA exam

From 2017, the CISA exam will be offered via a computer-based testing (CBT) session, which is available during three testing windows per year. All candidates must first register online direct with ISACA and pay for the examination in advance. They will then receive email instructions on how to schedule an exam appointment at a local PSI exam centre. For the May-June 2017 window only, this notification will be delayed until 15 February 2017 for anyone who purchases prior to this date.

Key exam registration dates:

1 February - 24 May 2019 Testing Window

1 November 2018:
Registration and Scheduling Opens

18 May 2019:
Final Registration Deadline 

23 May 2019:
Final Scheduling Deadline 

Certified Information Systems Auditor (CISA) Training Course

CISA Classroom Course

The Certified Information Systems Auditor (CISA) Training Course has been specifically designed to ensure that you pass the ISACA CISA examination at the first attempt. This four-day course runs at our UK training centres and offers the perfect revision and preparation programme for the CISA exam. Full details of this course, together with dates and venues, can be found on the CISA training course page.

Essential CISA books and study guides

As preparation is essential to passing the CISA examination, we strongly recommend that all delegates purchase the CISA exam study guides before taking the relevant course. All titles are available from our dedicated ISACA Certification Bookstore.

We particularly recommend that you purchase the Official CISA Exam Passport package, which contains copies of the CISA Review Manual, 26th Edition and the CISA Review Questions, Answers and Explanations Manual, 11th Edition.

Continuing professional education

There is a continuing professional education (CPE) policy in respect of qualified CISA professionals. The goal of this policy is to ensure that all CISAs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.

CISAs who successfully comply with the “continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organisations.” The responsibility for setting the continuing professional education requirements rests with the CISA Certification Board, which oversees the process and requirements to ensure their applicability.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period. Maintain Your CISA provides further details.

Speak to an expert

Please contact our team for advice and guidance on our CISA products and services.