Press Release


 US Department of Defense Policy Calls for Certifying Up to 80,000: ISACA’s CISA and CISM Among Approved Certifications 

Rolling Meadows, IL, USA (30 May 2006)—US Department of Defense (DoD) 8570.01-M “Information Assurance Workforce Improvement Program” manual names ISACA’s Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications among those approved for DoD information assurance (IA) professionals. The directive requires up to 80,000 professionals to earn one of 13 certifications offered by five organizations.

The DoD’s IA professionals are classified into two categories—information assurance technical (IAT) and information assurance managerial (IAM)—that are each divided into three levels. CISA is among the four approved baseline certifications for professionals in IAT Level III, and CISM is among the three approved certifications for professionals in IAM Levels II and III.

“The inclusion of CISA and CISM in the limited list of approved certifications for Department of Defense IA professionals is a testament to the quality and caliber of ISACA’s designations,” said Everett Johnson, ISACA’s international president. “ISACA’s certifications have been achieving dramatic growth and recognition. Both CISA and CISM experienced record registration for the 2005 exams and have been named among the highest-paying certifications by the independent Foote Partners LLC.”

Among other international recognition, assistant examiners employed by the US Federal Reserve Banks must pass the CISA examination before they are eligible for commissioning; the National Stock Exchange of India has recognized CISA as a requirement to conduct systems audits; and in Singapore, CISA was accredited under the Critical IT Resource Program of the National Infocomm Competency Centre (NICC), the national body that oversees accreditation of IT-related certifications. Additionally, CISM is a recognized credential in the Security Solutions Competency of Microsoft’s Partner Program.

More than 50,000 professionals have earned the CISA certification since its inception in 1978. The CISM designation has been earned by more than 6,000 professionals since it was established in 2002. Both certifications were awarded accreditation under ISO/IEC 17024 by the American National Standards Institute (ANSI) in 2005—one of the requirements for DoD-approved certifications.

“The ultimate vision of Directive 8570.1 is a sustained, professional IA workforce with the knowledge and skills to effectively secure our enterprise information systems,” said George Bieber, deputy director, IA Human Resources and Training, Defense-wide IA Program. “This effort will enable DoD to put the right people with the right skills in the right places, and it’s a tremendous opportunity for personnel to get the training they need to keep current with security in a continuously changing technology environment.”

About ISACA®

With nearly 53,000 members who live and work in more than 140 countries, ISACA® ( is a recognized worldwide leader in IT governance, control, security and assurance. Founded in 1969, the nonprofit, independent ISACA sponsors international conferences, publishes the Information Systems Control Journal®, develops international information systems auditing and control standards, and administers the globally respected CISA and CISM certifications.

Media Contacts:

Kristen Bertholomey, +1.847.590.7455,
Deborah Vohasek, +1.847.590.7466,
3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008