Documente Academic
Documente Profesional
Documente Cultură
ISACA
Trustin,andvaluefrom,informationsystems
www.isaca.org
05/02/2013
ISACAFacts
ANSIAccreditation
05/02/2013
CISACertificationDetails
www.isaca.org/cisa
WhyBecomeaCISA?
EnhancedKnowledgeandSkills Todemonstrateyourwillingnesstoimproveyourtechnical knowledgeandskills Todemonstratetomanagementyourproficiencytoward organizationalexcellence CareerAdvancement Toobtaincredentialsthatemployersseek Toenhanceyourprofessionalimage WorldwideRecognition Tobeincludedwithover90,000otherprofessionalswhohave gainedtheCISAdesignationworldwide
05/02/2013
CISAintheWorkplace
Nearly2,500areemployedinorganizationsastheCEO,CFOor equivalentexecutiveposition. Morethan2,000serveaschiefauditexecutives,auditpartnersor auditheads. Over2,200serveasCIOs,CISOs,orchiefcompliance,riskorprivacy officers. Almost8,200areemployedassecuritydirectors,managersor consultantsandrelatedstaff. Morethan10,400areemployedasITdirectors,managers, consultantsandrelatedstaff. Nearly27,000serveasauditdirectors,managersorconsultantsand auditors(ITandnonIT). Over7,800areemployedinmanagerial,consultingorrelated positionsinIToperationsorcompliance.
RecentCISAProgram Recognitions
05/02/2013
RecentCISAProgram Recognitions
The WorldLotteryAssociation(WLA)hasrecognizedISACAs CISAandCISMascertificationsthatarerequiredforsomeone tobeaWLAauditor.TheWLAsGuidetoCertificationforthe WLASecurityControlStandarddetailsthatacertification auditorseekingaccreditationfromtheWLAtoconductWLA SCScertificationauditsshouldbeactivelyinvolvedinthe businessofinformationsystems,beeitherISO/IEC27001:2005 leadauditorcertified,oranITsecurityexpertorITauditor,as certifiedbyaninternationallyrecognizedcertificationbody, possessexperienceinthelotterysectorofreasonableduration andholdoneormoredesignationsofwhichtheCISAand CISMcertificationsqualify.
OtherCISAProgram Recognitions
TheUSDepartmentofDefenseincludesCISAinitslistofapproved certificationsforitsinformationassuranceprofessionals. InIndia,boththeNationalStockExchangeandtheIndianComputer EmergencyResponseTeam(CERTIN)requireCISAcertificationfor employeestocarryoutsecurityaudits. AllassistantexaminersemployedbytheFederalReserveBanksmust passtheCISAexaminationbeforetheyareeligibleforcommissioning. TheNationalAssociationofInsuranceCompanies(NAIC)includes CISAamongtheapprovedcertificationsforqualifiedITexaminers. Moreinformationmaybefoundatwww.isaca.org/recognitions
05/02/2013
CISAs by Area
CISAJobPracticeAreas
(Effective2011)
Domain1 TheProcessofAuditingInformationSystems(14%)
ProvideauditservicesinaccordancewithITauditstandardstoassistthe organizationinprotectingandcontrollinginformationsystems.
Domain2 GovernanceandManagementofIT(14%)
Provideassurancethatthenecessaryleadershipandorganizationstructureand processesareinplacetoachieveobjectivesandtosupporttheorganization's strategy.
05/02/2013
CISAJobPracticeAreas
(Effective2011) (continued)
www.isaca.org/cisajobpractice
CISACertification Requirements
EarnapassingscoreontheCISAExam Submitverifiedevidenceofaminimumoffiveyears ofverifiableISaudit,controlorsecurityexperience (substitutionsavailable) SubmittheCISAapplication(within5yearsof passingdate)andreceiveapproval AdheretotheISACACodeofProfessionalEthics AbidebyISAuditingStandards asadoptedbyISACA Complywithcontinuingprofessionaleducation policy
05/02/2013
Administrationof theCISAExam
2012ExamDates:
Saturday8June2013 Saturday14December2012 TheCISAexamisofferedin11languagesandatover240 locationsworldwide OfferedineverycitywherethereisanISACAchapterora largeinterestinindividualssittingfortheexam Passingmarkof450onacommonscaledscaleof200to 800
2013RegistrationFees Exam:8June2013
EarlyRegistration Onorbefore13February2013:
ISACAMember:US$485.00(less$75ifonlinereg.) NonMember:US$660.00(less$75ifonlinereg.)
FinalRegistration After13February,butonorbefore12April2013:
ISACAMember:US$535.00(less$75ifonlinereg.) NonMember:US$710.00(less$75ifonlinereg.)
RegisterOnlineatwww.isaca.org/examreg andsave$$
OnlineregistrationviatheISACAwebsiteisencouraged,as candidateswillsaveUS$75.NonmemberscanjoinISACAatthe sametime,whichmaximizestheirsavings.
Examregistrationfeesmustbepaidinfulltositfortheexams.Thosewhoseexam registrationfeesarenotpaidwillnotbesentanexamadmissionticketandtheir registrationwillbecancelled.
05/02/2013
2013RegistrationFees Exam:14December2013
EarlyRegistration Onorbefore21August2013:
ISACAMember:US$445.00(less$75ifonlinereg.) NonMember:US$595.00(less$75ifonlinereg.)
FinalRegistration After21August,butonorbefore25October2013:
ISACAMember:US$495.00(less$75ifonlinereg.) NonMember:US$645.00(less$75ifonlinereg.)
RegisterOnlineatwww.isaca.org/examreg andsave$$
OnlineregistrationviatheISACAwebsiteisencouraged,as candidateswillsaveUS$50.NonmemberscanjoinISACAatthe sametime,whichmaximizestheirsavings.
Examregistrationfeesmustbepaidinfulltositfortheexams.Thosewhoseexam registrationfeesarenotpaidwillnotbesentanexamadmissionticketandtheir registrationwillbecancelled.
BulletinofInformation andRegistrationForm
ThereisaBulletinofInformation foreachexam administrationforeachexam. TheCISABulletinofInformation canbedownloadedfromthe ISACAwebsiteat:www.isaca.org/cisaboi Isavailablein11languages. Bulletinincludes:
Requirementsforcertification Examdescription Registrationinstructions Testdateprocedures Scorereporting Testcenterlocations Registrationforms
05/02/2013
TypesofQuestionson theCISAExam
QualityoftheExam Ensuredby:
JobPracticeAnalysisStudy: Determinescontent TestDevelopmentStandards: Ensureshighstandardsforthe developmentandreviewofquestions ReviewProcess: Providestworeviewsofquestionsby independentcommitteesbeforeacceptanceintopool PeriodicPoolCleaning: Ensuresthatquestionsinthepoolare uptodatebycontinuouslyreviewingquestions StatisticalAnalysisofQuestions: Ensuresqualityquestions andgradingbyanalyzingexamstatisticsforeachlanguage
10
05/02/2013
2013StudyMaterials
ISACAMembers
NonMembers
11
05/02/2013
HowtoStudyfor theCISAExam
ReadtheCandidatesGuidethoroughly StudytheCISAReviewManual WorkthroughtheCISAReviewQuestions,Answers& ExplanationsManual,SupplementandCD ParticipateinanISACAChapterReviewCourse Readliteratureinareaswhereyouneedtostrengthenskills Spendtimestudyingthecomplementofyourfield:Ifexternal auditor,studyISauditfromtheinternalauditperspectiveand viceversa Joinororganizestudygroups TaketheISACAonlinereviewcourse,availableat www.isaca.org/elearningcampus.
Applicationfor Certification
Isavailableatwww.isaca.org/cisaapp Contains:
Requirementsforcertification CodeofProfessionalEthics Instructionsforcompletionofform.Translatedinstructions arealsoavailableatwww.isaca.org/cisaapp. Verificationofworkexperienceforapplicantform CISAapplicationform
12
05/02/2013
CISAContinuingProfessional Education(CPE)PolicyDetails
www.isaca.org/cisacpepolicy
ContinuingProfessional Education(CPE)Requirements
Oncecertified,thecertificationmustberenewedannually.Maintainingthe certificationrequires: Earningandreportinganannualminimumof20hoursofcontinuing professionaleducation Earningandreportingaminimumof120hoursofcontinuingeducation foreachfixedthreeyearperiod(each3yearcycle) Paytheannualcertificationmaintenancefee Respondandsubmitrequireddocumentationofcontinuingeducation activitiesifselectedforanannualaudit ComplywiththeISACACodeofProfessionalEthics (www.isaca.org/ethics)
ISACAmembershipprovidesmanyCPEopportunitieswhichcanassistyou withmeetingthisrequirement.Formoredetailsvisitwww.isaca.org/cpe.
13
05/02/2013
ISACACodeof ProfessionalEthics
ISACAsetsforththisCodeofProfessionalEthicstoguidetheprofessionalandpersonal conductofmembersoftheassociationand/oritscertificationholders.Failuretocomply withthisCodeofProfessionalEthicscanresultinaninvestigationintoamember'sor certificationholder'sconductand,ultimately,indisciplinarymeasures.
Members and ISACA certification holders shall: 1. Supporttheimplementationof,andencouragecompliancewith, appropriatestandardsandproceduresfortheeffectivegovernanceand managementofenterpriseinformationsystemsandtechnology, including: audit,control,securityandriskmanagement. 2. Performtheirdutieswithobjectivity,duediligenceandprofessionalcare, inaccordancewithprofessionalstandards. 3. Serveintheinterestofstakeholdersinalawfulmanner,whilemaintaining highstandardsofconductandcharacter,andnot discreditingthe professionortheAssociation.
ISACACodeof ProfessionalEthics
(continued)
MembersandISACAcertificationholdersshall: 4.Maintaintheprivacyandconfidentialityofinformationobtainedinthe courseoftheiractivitiesunlessdisclosureisrequiredbylegalauthority. Suchinformationshallnotbeusedforpersonalbenefitorreleasedto inappropriateparties. 5.Maintaincompetencyintheirrespectivefieldsandagreetoundertakeonly thoseactivitiestheycanreasonablyexpecttocompletewiththenecessary skills,knowledgeandcompetence. 6. Informappropriatepartiesoftheresultsofworkperformed;revealingall significantfactsknowntothem. 7. Supporttheprofessionaleducationofstakeholdersinenhancingtheir understandingofthegovernanceandmanagementofenterprise informationsystemsandtechnology,including: audit,control,securityand riskmanagement. www.isaca.org/ethics
14
05/02/2013
Wanttoknowmore? Pleasecontactusat:
15