CGEIT Frequently Asked Questions 

 

Get the answers you seek for the topics of Exam Registration & Administration, Certification Requirements and Exam Content.
 

CGEIT Certification :: Application Processing
Exam Registration & Administration :: Exam Content :: Certification Requirements

CGEIT Certification

  1. Why does ISACA offer an IT governance certification?
  2. Who is the CGEIT certification intended for?
  3. Do CISAs and CISMs qualify for CGEIT?

1. Why does ISACA offer an IT governance certification?

Boards and executive management have long understood the need for enterprise and corporate governance. As information technology (IT) has become more important to the achievement of enterprise goals and delivery of benefits, there has been an increasing realization that governance must be extended to IT as well. IT governance is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization's IT sustains and extends the organization's strategies and objectives. ISACA recognized this shift in emphasis in 1998, and formed the IT Governance Institute (ITGI) to focus on original research, publications, resources and symposia on IT governance and related topics. To support and promote this significant body of work, ISACA and the ITGI are proud to offer a certification program for professionals charged with satisfying the IT governance needs of an enterprise.

2. Who is the CGEIT certification intended for?

The CGEIT certification is intended to recognize a wide range of professionals for their knowledge and application of IT governance principles and practices. It is designed for professionals who have a significant management, advisory and/or assurance responsibilities relating to the governance of enterprise IT. Among them are:

  • Chief Executive Officer (CEO)/President
  • Chief Information Officer (CIO)
  • Chief Technology Officer (CTO)
  • Chief Audit Executive (CAE)/Partner/Principal
  • Chief Information Risk Strategist
  • Chief Information Security Officer (CISO)
  • Chief Security Officer (CSO)
  • IT Governance Director/Manager
  • IS/IT Director/Manager
  • IS/IT Consultant
  • IS/IT Audit Director/Manager
  • IS/IT Security Director/Manager
  • IS/IT Compliance Director/Manager
  • Project Manager
  • Business Manager
  • General Manager

3. Do CISAs and CISMs qualify for CGEIT?

The CGEIT certification program recognizes the IT governance components of the CISA and CISM credentials and as such, both certifications can be used as 1-year experience waiver towards the requirements for the CGEIT certification. To see educational and experience waivers for CGEIT, visit www.isaca.org/cgeitrequirements.

Application Processing :: Exam Registration & Administration
Exam Content :: Certification Requirements

CGEIT Application Processing

  1. Where can I find the CGEIT Application?
  2. Is there an application fee?
  3. My view is that IT governance involves assessing how financial resources are to be spent to maximize a business process. Would you agree?
  4. I have been working in assurance or compliance related jobs my entire career. Can I qualify?
  5. Does my Information Security Governance experience qualify as IT Governance experience?
  6. As an IT manager, I've had experience with identifying the skill gaps of the people who work for me. Does that qualify as experience in the Resource Management domain?

1. Where can I find the CGEIT Application?

The CGEIT application is available at www.isaca.org/cgeitapplication.

2. Is there an application fee?

For all applications received 1 June 2012 and after, there will be a US $50 application fee required in order to process ISACA certifications for application.

3. My view is that IT governance involves assessing how financial resources are to be spent to maximize a business process. Would you agree?

IT governance is broader than that. If it were only "assessing how financial resources are to be spent to maximize a business process," then good investment management and program/project management is all you would need. The broader view says that IT governance is about the leadership, the organizational structures, and the processes in the organization that together help ensure that the detailed IT work contributes to business goals and objectives. So good project management practices help make sure you meet time, budget and scope requirements, but IT governance processes are about how those projects get selected and how the available resources get split between new projects and sustaining operations; they're about the measurement of expected business outcomes to actuals. It's about how alignment of the entire IT effort with business objectives is ensured.

4. I have been working in assurance or compliance related jobs my entire career. Can I qualify?

You may but you need to have had experience that goes beyond just doing audits or checking compliance. Go through the CGEIT Job Practice. Think of examples from your roles and responsibilities where you participated in work that furthered the purpose/objective of each of the governance domains. Assurance professionals can, and do, make contributions beyond inspection and reporting. If you have, record those specific examples in the application narrative so that the CGEIT Board Certification Board members can see that you have an understanding of, and experience in, enterprise governance of IT.

5. Does my Information Security Governance experience qualify as IT Governance experience?

Very likely, but not automatically. You need to be able to relate that experience to how it contributed to the broader IT governance domains described in the CGEIT Job Practice.

6. As an IT manager, I've had experience with identifying the skill gaps of the people who work for me. Does that qualify as experience in the Resource Management domain?

Probably not, although it may appear so. For example, there is a task statement in the CGEIT Job Practice that says, "Ensure that the requirements for trained resources with the requisite skill sets are understood and are assessed appropriately." You might be doing that within the organization you manage, but at that level it isn't IT governance, it's good management. The CGEIT Job Practice task statements must be considered within the context of the domain description. In this example, the CGEIT Certification Board is looking at this task as it contributes to the development of "systematic and continuous resource planning, management, and evaluation processes" to "ensure that IT has sufficient, competent and capable resources to execute current and future strategic objectives". If your assessment of the skill gaps of your people was part of a broader governance effort, OR if your efforts somehow lead to better enterprise IT resource planning (beyond your group), then the experience would apply.

CGEIT Certification :: Exam Registration & Administration
Exam Content :: Certification Requirements

Exam Registration & Administration

  1. When will I receive my admission ticket for the June 2012 exam?
  2. What is the exact location of the test site for my June 2012 exam?
  3. What time should I arrive at the exam site?
  4. Can I still defer my June 2012 exam?
  5. What should I bring to the exam?
  6. What is the next exam date?
  7. When will registration open for the 8 December 2012 exam?
  8. How do I provide comments on testing conditions?
  9. How is the exam scored?

1. When will I receive my admission ticket for the June 2012 exam?

Admission tickets for the June 2012 exam were released via email on 27 April 2012. Hard copy tickets will be sent to candidates the week of 30 April 2012 via the post. Candidates can use either a print out of the email e-ticket or the postal copy for entry into the exam.

Candidates can also reprint the ticket online. To reprint, login to www.isaca.org, click on the My ISACA tab and then click on the myCERTIFICATIONS tab where you will find a link to “Print CGEIT Admission Ticket”.

2. What is the exact location of the test site for my June 2012 exam?

The exam details, including the exact exam location, will be listed on your exam admission ticket. To ensure that you arrive in plenty of time for the exam, we recommend that you become familiar with the exact location and the best travel route to your exam site prior to the date of the exam. Test center phone numbers and web site references will be provided (when available) to assist you in obtaining directions to the facility.

3. What time should I arrive at the exam site?

Your arrival time will be listed on your exam ticket. Please check your admission ticket for the exam time for your exam location as time can vary by site.

NO CANDIDATE WILL BE ADMITTED TO THE TEST CENTER ONCE THE CHIEF EXAMINER BEGINS READING THE ORAL INSTRUCTIONS. Any candidate who arrives after the oral instructions have begun will not be allowed to sit for the exam and will forfeit their registration fee.

4. Can I still defer my June 2012 exam?

Candidates unable to take the exam can request a deferral of their registration fees to the next exam date. From 21 April through 24 May, a processing fee of US $100 will be charged. Deferral requests will not be accepted after 24 May 2012. To request a deferral, please go to www.isaca.org/examdefer to complete the process. The exam and deferral fees are nonrefundable. Please note: Deferral requests will not be processed until deferral fees have been paid in full. Payment is due in full by 9 June 2012. All deadlines are based upon Chicago, Illinois USA, 5PM CT (central time).

5. What should I bring to the exam?

In addition to your admission ticket, bring several sharpened No. 2 or HB pencils, an eraser, and an acceptable form of photo identification such as a driver’s license, passport or government ID. This ID must be a current and original government issued identification that contains both your name as it appears on the admission ticket and your photograph. Any candidate who does not provide an acceptable form of identification will not be allowed to sit for the exam and will forfeit their registration fee.

Candidates are not allowed to bring any type of communication device (i.e., cell phone, PDA, Blackberry, etc.) into the test center. If a candidate is observed with any communication device during the exam administration, his/her exam will be voided and he/she will be asked to immediately leave the test site.

Please visit www.isaca.org/cisabelongings, www.isaca.org/cismbelongings, www.isaca.org/cgeitbelongings, and www.isaca.org/criscbelongings for a list of items which are permitted and are not permitted in the exam site.

6. What is the next exam date?

The next exam date is 8 December 2012.

7. When will registration open for the 8 December 2012 exam?

Registration for the 8 December 2012 exam will open mid June. Once open, you can register at www.isaca.org/examreg

8. How do I provide comments on testing conditions?

Candidates wishing to comment on the test administration conditions may do so at the conclusion of the testing session by completing the “Test Administration Questionnaire.” The Test Administration Questionnaire is presented at the back of the examination booklet and your questionnaire answers should be entered in boxes P through S of the Special Codes section (Grid No. 4) on the front of your Answer Sheet.

Candidates who wish to address any additional comments or concerns about the examination administration or content of the examination should contact ISACA international headquarters by e-mail (exam@isaca.org). These comments or concerns are to be received by ISACA within 2 weeks after the examination date. Only those comments received by ISACA during the first 2 weeks after the exam administration will be considered in the final scoring process of the examination.

9. How is the exam scored?

ISACA uses a 200-800 point scale with 450 as the passing mark for the exams. A scaled score is a conversion of the raw score on an exam to a common scale. It is important to note that the exam score is not based on an arithmetic or percent average. For example, the scaled score of 800 represents a perfect score with all 200 questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly.

A candidate must receive a scaled score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established for the exam by the respective ISACA Certification Committee. The passing score of 450 represents the minimum number of questions that must be answered correctly by the candidate in order to demonstrate practical application of the job task and knowledge statements. A candidate receiving a passing score may then apply for certification if all other requirements are met.

CGEIT Certification :: Application Processing :: Exam Content :: Certification Requirements

Exam Content

  1. How long is the exam?
  2. What does the CGEIT exam cover?
  3. What is the CGEIT job practice and how was it developed?

1. How long is the exam?

A candidate is given 4 hours to complete the exam.

2. What does the CGEIT exam cover?

The CGEIT exam will cover (6) IT governance domains, each of which is further defined and detailed through task and knowledge statements. The governance areas, or domains, include: IT Governance Framework, Strategic Alignment, Value Delivery, Risk Management, Resource Management, and Performance Measurement. For specific details, please go to Job Practice Areas.

3. What is the CGEIT job practice and how was it developed?

ISACA's philosophy toward certification is to measure the individuals' ability and knowledge as it pertains to the performance of their job. The job practice serves as the basis for the exam and the experience requirements to earn the CGEIT certification. This job practice consists of task and knowledge statements, organized by domains. These statements and domains were based on feedback from IT governance subject matter experts from around the world. Numerous reference sources were also utilized including research conducted by the IT Governance Institute and COBIT 4.1.

View the detailed CGEIT Job Practice Areas.

CGEIT Certification :: Application Processing
Exam Registration & Administration :: Certification Requirements

Certification Requirements

  1. What do I need to do if I've received a revocation notice?
  2. Where can I find the CGEIT application for certification?
  3. What are the qualifications to earn the CGEIT credential?
  4. What does the CGEIT continuing professional education program require?
  5. How can I earn CPE credits online?
  6. How do I submit my annual continuing profession education (CPE) hours to ISACA?
  7. How can I renew my certification for 2012?
  8. How can I report my CPE?
  9. Does ISACA provide a discount on certification maintenance (renewal) fees if I have multiple certifications?
  10. What does a CGEIT “in good standing” mean?
  11. Do I need to submit documentation for my CPE hours?
  12. I was selected for an audit of my CPE hours and have provided the documentation. When will I receive a confirmation?

1. What do I need to do if I've received a revocation notice?

If you have received a revocation notice, please contact certification@isaca.org.

2. Where can I find the CGEIT application for certification?

There are three ways to obtain the CGEIT application:

  Online Application Form

  Download application (450K)

  Request an application (sent in postal mail)

3. What are the qualifications to earn the CGEIT credential?

Qualifying for CGEIT requires a combination of four "e's": experience, ethics, education and exam. Specifically, the requirements are:

  • Earn a passing score on the CGEIT exam
  • Adhere to the ISACA Code of Professional Ethics
  • Commit to abide by the CGEIT Continuing Professional Education Policy
  • A minimum of 5 years of experience managing, serving in an advisory or oversight role, and/or otherwise supporting the governance of the IT-related contribution to an enterprise. This experience is defined specifically by the domains and task statements described in the CGEIT Job Practice. Some substitutions and waivers of such experience are available.

CGEIT Requirements >>

4. What does the CGEIT continuing professional education program require?

In order to become and remain a CGEIT, an individual must agree to comply with the CGEIT continuing professional education program. This program requires an individual to earn a minimum of 20 CPE hours annually and 120 CPE hours over their 3-year cycle. In addition, an annual maintenance fee of US $40 ISACA member and US $85 non-member is required.

  Download CGEIT CPE Policy

5. How can I earn CPE credits online?

ISACA members can earn CPE hours by taking and passing an ISACA Journal CPE Quiz online. One CPE hour is awarded per quiz. ISACA members may also earn CPEs online by participating in eSymposia, offered live each month or may be accessed on demand via the archives. For more information, please go to webcasts. In order to claim the CPE hours (generally 3 hours per e-Symposium), a passing score must be earned on the quiz.

6. How do I submit my annual continuing profession education (CPE) hours to ISACA?

CPE hours are reported annually during the renewal process which begins in October/November of each year. At renewal time, you will be asked to report the total number of CPE hours that you earn during the cycle year. Please keep track of the activities you take and retain the supporting documentation so that you are able to properly report your hours. You will be sent an email notification when the renewal process opens each year. At that time, you can go to our web site and pay your annual dues and report your CPE hours at www.isaca.org/renew. Alternatively, you can wait until we send you the hard copy annual invoice and use that as the mechanism to make your payment and report your CPE hours.

7. How can I renew my certification for 2012?

Log in at www.isaca.org – click the MY ISACA tab at the top of the page and then click the RENEW button within the page. Renewal of your certification requires payment of the annual maintenance fee and reporting the required CPE hours.

If you have forgotten your password, click on "Forgot Password?" link. After remitting your payment by credit card, you will receive a purchase receipt online and via email, in addition to a receipt by postal mail. If you are not paying by credit card and want to pay by check or bank transfer, click the "Pay by Check or Bank Transfer" button when you reach the shopping cart.

8. How can I report my CPE?

To update or enter CPE hours, log in to www.isaca.org using your personalized login credentials.

  • Click on the MY ISACA tab at the top of the page
  • Click on My CERTIFICATIONS tab
  • Click the Edit MY CPE Hours link
  • Click on My Demographic, Certification CPE and Other Information tab. Scroll to the bottom of the page to view and edit the appropriate CPE fields.
  • Enter CPE hours - then click Save at the bottom of the page.

You may also use this form to update personal contact, demographic and professional information.

9. Does ISACA provide a discount on certification maintenance (renewal) fees if I have multiple certifications?

Yes, for those individuals who renew 3 or more ISACA certifications, ISACA offers a discount on the 3rd and 4th renewal fees of $15 for members and $35 for nonmembers.

10. What does a CGEIT “in good standing” mean?

In order to be a CGEIT “in good standing”, the following must be achieved:

  • Certification granted from the corresponding Board, resulting from an approved application
  • Continuing professional education is current and up-to-date
  • All renewal fees/maintenance payments are current
  • Continued compliance with the ISACA’s Code of Professional Ethics

11. Do I need to submit documentation for my CPE hours?

Documentation of CPE hours does not need to be provided to ISACA unless you are selected for an audit of your CPE hours.

12. I was selected for an audit of my CPE hours and have provided the documentation. When will I receive a confirmation?

If any additional information is required or there are questions regarding your documentation, we will contact you directly via email. Once your audit documentation has been reviewed and approved, a notice will be sent to you via the post. If you have not been contacted or received notification of compliance from the certification department please contact us at CGEITaudit@isaca.org.

CGEIT Certification :: Application Processing
Exam Registration & Administration :: Exam Content