Along with passing the CISA certification exam, you must have five or more years of experience in information systems (IS) audit, control, assurance or security to apply for CISA certification. At the discretion of ISACA, you may substitute education and related work experience for up to three years of the required five years of experience.
About the CISA Exam
You will have four hours to answer 200 questions based on the five domains:
- Domain 1: The Process of Auditing Information Systems
- Domain 2: Governance and Management of IT
- Domain 3: Information Systems Acquisition, Development and Implementation
- Domain 4: Information Systems Operations, Maintenance and Support
- Domain 5: Protection of Information Assets
CISAs are required by ISACA to earn 120 Continuing Professional Education (CPE) hours per three-year certification period, with a minimum of 20 hours each year.
Maintaining CISA Certification
The CISA continuing professional education (CPE) policy requires that you attain at least 20 CPE hours per year and 120 CPE hours every three years.