Instructions for Completion of the Application (Sections A1-A4) (Click to Expand or Collapse Instructions)

CGEIT Certification�Code of Professional Ethics  (will open in a new window or tab)

I have read and understand the above referenced Ethics statements and will adhere to them.


Application for CGEIT Certification
       Exam Passers 2008-2012

Page A1
Applicant Name: Exam ID #:

A. IT Governance Experience

�For each employer (starting with the most current), enter information pertaining to the positions where you have performed tasks specifically described in the CGEIT job practice domains (see pages V1-V2 for task descriptions).
  Employer Name and Job Title Dates of employment
performing CGEIT tasks
Duration of experience CGEIT job practice areas in which tasks were performed (check all that apply below the number of each domain)
1 Employer Name MM/YY to MM/YY Years Months 1 2 3 4 5 6
Job Title to
2 Employer Name MM/YY to MM/YY Years Months 1 2 3 4 5 6
Job Title to
3 Employer Name MM/YY to MM/YY Years Months 1 2 3 4 5 6
Job Title to
Add the years and months of duration of experience and total to the right
(must be a total of three or more years) in Section A.
Are your total cumulative years of experience in CGEIT Domain 1, one(1) year or greater?    (Check Yes or No)

B. Substitutions for IT Governance Experience (two (2) years maximum allowed)

To recognize other management experience and/or the achievement of IT-governance related credentials, advanced (post-graduate) degrees and certificates, up to two (2) years of experience can be substituted.

(1) Other Management Experience (up to one (1) year substitution)

For each employer (starting with the most current), enter information pertaining to the positions where you have had other management responsibility. This experience cannot be claimed during the same dates of employment in section A above.
  Employer Name Job Title Dates of
Duration of
MM/YY to MM/YY Years Months
1 to
2 to
3 to
Total years and months of other management experience (maximum 1 year):

(2) Credentials, Advanced Degrees and Certificates (one (1) year substitution each.)

One year of experience may be substituted for each of the following credentials, advanced (post-graduate) degrees and certificates. Check each that apply below.

Yes  CISA in good standing with ISACA
Yes  CISM in good standing with ISACA
Yes  CITP in good standing with the American Institute of CPAs (attach a copy of your certificate)
Yes  CITP in good standing with the British Computer Society (attach a copy of your certificate)
Yes  PMP in good standing the Project Management Institute (attach a copy of your certificate)
Yes  I.S.P. in good standing with the Canadian Information Processing Society (attach a copy of your certificate)
Yes  CIA issued by the Institute of Internal Auditors (attach a copy of your certificate)
Yes  CBM issued by The Association of Professionals in Business Management (attach a copy of your certificate)
Yes  Achieved ITIL Service Manager certification (attach a copy of your certificate)
Yes  Achieved Implementing IT Governance using COBIT or Val IT certificate issued by ISACA (Val IT certificate available in 2009)
Yes  Achieved Prince2�Registered Practitioner certification from the Office of Government Commerce (attach a copy of your certificate)
Yes  Other: (please list)
Yes  Other: (please list)
Applicant Name: Exam ID #: Page A1.1
Institution Name Degree name Date awarded

B. Summary

  Duration of Experience
Substitutions Claimed Years Months
(1) Other Management Experience
(2) Credentials, Advanced Degrees and Certificates

C. Summary of Work Experience

Record the total number of years from sections A and B in the appropriate box below. The total in box A must be three (3) years or more. The total in box B can be no greater than two (2) years, which is the maximum allowable substitution allowed.
  Years Months  
Total years of IT governance experience (Must be 3 years or more) from Section A above
Total number of years being substituted (Must be 2 years or less) from Section B Summary above
Total Work Experience�add boxes (Must be 5 years or more) Total

  Page A2

Applicant Information

First Name Middle Name/Initial Last/Family Exam ID#
E-mail Address: Applicant's Phone Number:
Immediate Supervisor Name: Supervisor Title
Supervisor E-mail Address: Supervisor Business Phone:
Person(s) you have requested to verify your work experience (a work experience verification form must be submitted for each person listed below):

Verifier(s) Contact Information

1. Name: Title:
Company: Business Phone Number:
E-mail Address:
2. Name: Title:
Company: Business Phone Number:
E-mail Address:
3. Name: Title:
Company: Business Phone Number:
E-mail Address:
ISACA reserves the right to contact your immediate supervisor and verifiers for confirmation of work experience.
I hereby apply to ISACA for the Certified in the Governance of Enterprise IT (CGEIT) certification in accordance with and subject to the procedures and policies of ISACA. I have read and agree to the conditions set forth in the CGEIT Application for Certification and the Continuing Professional Education (CPE) Policy in effect at the time of my application, covering the Certification process; and CPE policy.I agree to provide proof of meeting the eligibility requirements and that ISACA may ask for clarification or further verification of information submitted and/or may directly contact the verifying professional to confirm the information submitted; comply with the requirements to attain and maintain the certification, including eligibility requirements carrying out the tasks of a CGEIT; complying with ISACA�s Code of Ethics, standards, and policies as appropriate, and to fulfill renewal requirements; notify the ISACA certification department promptly if I am unable to comply with the certification requirements; carry out the tasks of a CGEIT; make claims regarding certification only with respect to the scope for which certification has been granted; not use the CGEIT certificate or logos or marks in a misleading manner. I understand and agree that my Certification application will be denied and any credential granted me by ISACA will be revoked and forfeited in the event that any of the statements or answers provided by me in this application are false or in the event that I violate any of the examination rules or requirements. I understand that all certificates are owned by ISACA and if my certificate is granted and then revoked, I will destroy the certificate, discontinue its use and retract all claims of my entitlement to the Certification .

I authorize ISACA to make any and all inquiries and investigations it deems necessary to verify my credentials and my professional standing. I acknowledge that if I am granted the CGEIT certification, my certification status will become public, and may be disclosed by ISACA to third parties who inquire. If my application is not approved, I understand that I am able to appeal the decision by contacting Appeals undertaken by a certification exam taker, certification applicant or by a certified individual are undertaken at the discretion and cost of the examinee or applicant.

By signing below, I authorize ISACA to disclose my certification status. This contact information will be used to fulfill my certification inquiries and requests, and may also be used by ISACA to send me information about related ISACA goods and services, and other information in which ISACA believes I may be interested. By signing below, I authorize ISACA to contact me at the address and numbers provided and that the information I provided is my own and is accurate. I authorize ISACA to release confidential certification application and certification information if required by law or as described in ISACA�s Privacy Policy.

To learn more about how we use the information you have provided on this form, please read our Privacy Policy, available at If you are already an ISACA member, and/ or if you elect to attend one of our events or purchase other ISACA programs or services, information you submit may also be used as described to you at that time.

I hereby agree to hold ISACA, its officers, directors, examiners, employees, and agents, harmless from any complaint, claim, or damage arising out of any action or omission by any of them in connection with this application; the application process; the failure to issue me any certificate; or any demand for forfeiture or redelivery of such certificate.


Name: Date:

(For your application to be complete you must sign and date on the line above.)

Applicant Name: Exam ID #: Page V1

Verification of Work Experience

I, , am applying through ISACA for the Certified in the Governance of Enterprise IT (CGEIT) certification. As such, my IT governance and management work experience must be independently verified by my current and/or previous employer(s). The individual verifying the work experience must be an independent verifier and not of any relation to the applicant nor can the applicant verify his/her own work. If I currently or once worked as an independent consultant, I can use a knowledgeable client or colleague to perform this role.

I would appreciate your cooperation in completing this form, by verifying my IT governance and/or management work experience as noted on my application form attached and as described by CGEIT job practice domains and task statements (see below and reverse side of form). Please return the completed form to me for my submission to ISACA. If you have any questions concerning this form, please direct them to or +1.847.660.5660. Thank you.

DateApplicant's Signature

Employer's Verification Information

Verifier's Name Company Name
Professional Title  
Street Address State / Province
Street Address Line 2 Postal/Zip Code
City Country
Company Telephone Number Company Email Address
Name of Employer being verified in Section A1
The following statements are to be confirmed by the Verifier after printing the application:
1. I have functioned in a supervisory or other related position to the applicant and can verify his/her IT governance work experience (see Section A of Application).    Yes   No   N/A
2. I can attest to the duration of the applicant's other management work experience (see Section B of Application) with my organization.   Yes No N/A
3. I am qualified and willing to verify the applicant's:
� IT governance work experience (see Section A of Application) prior to his/her affiliation with my organization.   Yes No N/A
� Other management work experience (see Section B of Application) prior to his/her affiliation with my organization.   Yes No N/A
4. If verifying IT governance work experience:
� I can attest that the tasks performed by the applicant with my organization, as listed on pages V2 and V3 of this form, are correct to the best of my knowledge. If no, what is incorrect?
  Yes No
� I can attest to the fact that, according to the CGEIT job practice domains and task statements, the applicant has worked in, and is competent in, performing tasks in these areas.   Yes No
5. Is there any reason you believe this applicant should not be certified in the governance of enterprise IT?   Yes No

Date Verifier's Signature

Applicant Name: Exam ID #: Page V2
Verifier Name:

CGEIT Job Practice Areas

Domain 1�IT Governance Framework�Develop, or be part of the development of, an IT governance framework that includes the following responsibilities and tasks.
Define the requirements and objectives for, and drive the establishment of, IT governance in an enterprise, considering values, philosophy, management style, IT awareness, organization, standards and policies.
Ensure that an IT governance framework exists and is based on a comprehensive and repeatable IT process and control model that is aligned with the enterprise governance framework.
Establish appropriate management governance structures, such as an enterprise investment committee, IT strategy committee, IT steering committee, technology council, IT architecture review board, business needs committee and IT audit committee.
Ensure that the enterprise and IT governance frameworks enable the enterprise to achieve optimal value for the enterprise.
Confirm that the IT governance framework ensures compliance with applicable external requirements and ethical statements that are aligned with, and confirm delivery of, the enterprise�s goals, strategies and objectives.
Obtain independent assurance that IT conforms with relevant external requirements; contractual terms; organizational policies, plans and procedures; generally accepted practices; and the effective and efficient practice of IT.
Apply IT best practices to enable the business to achieve optimal value from implementation of IT services and IT-enabled business solutions.
Ensure the establishment of a framework for IT governance monitoring (considering cost/benefits analyses of controls, return on investment for continuous monitoring, etc.), an approach to track all IT governance issues and remedial actions to closure, and a lessons-learned process.
Ensure that appropriate roles, responsibilities and accountabilities are established and enforced for information requirements, data and system ownership, IT processes, and benefits and value realization.
Report IT governance status and issues, and effect transparency in reporting.
Establish a communications plan to continuously market, communicate and reinforce the need and value of IT governance across the enterprise.
Domain 2�Strategic Alignment: Develop, or be part of the development of, an enterprise�s IT strategy that includes the following responsibilities and tasks.
Define and implement a strategic planning framework, requiring and facilitating collaborative and integrated business and IT management planning.
Actively support/promote and participate in IT management planning by employing best practice enterprise architecture (EA) frameworks.
Ensure that appropriate policies and procedures are in place, understood and followed to support IT and business strategic alignment.
Identify and take action on barriers to strategic alignment.
Ensure that effective communication and engagement exists between business and IT management regarding shared strategic initiatives and performance.
Ensure business and IT goals cascade down through the enterprise into clear roles, responsibilities and actions.
Assist senior management by aligning IT initiatives with business objectives and facilitating prioritization of business strategies that optimally achieve business objectives.
Identify and monitor the interdependencies of strategic initiatives and their impact on value delivery and risk.
Ensure that the strategic planning process is adequately documented, transparent and meets stakeholder needs.
Maintain and update the IT management plans, artifacts and standards for the enterprise.
Monitor, evaluate and report on the effectiveness of the alignment of IT and enterprise strategic initiatives.
Monitor and assess current and future technologies and provide advice on the costs, risks and opportunities that they bring.
Domain 3�Value Delivery: Develop, or be part of the development of, a systematic, analytical and continuous value governance process that includes the following responsibilities and tasks.
Ensure that business takes ownership and accountability for business cases, business transformation, organizational change, business process operation and benefit realization for all IT-enabled business investments.
Ensure that all IT-enabled investments are managed as a portfolio of investments.
Ensure that all IT-enabled investments are managed as programs and include the full scope of activities and expenditures that are required to achieve business value.
Ensure that all IT-enabled investments are managed through their full economic life cycle so that value is optimized.
Recognize that different categories of investments need to be evaluated and managed differently.
Ensure that all IT solutions are developed and maintained effectively and efficiently through the development life cycle to deliver the required capabilities.
Ensure that all IT services are delivered to the business with the right service levels.
Ensure that IT services enable the business to create the required business value using assets (people, applications, infrastructure and information) to deliver the appropriate capabilities at optimal cost.
Define and monitor appropriate metrics for the measurement of solution and service delivery against objectives and for the measurement of benefits realized, and respond to changes and deviations.
Engage all stakeholders and assign appropriate accountability for delivery of business and IT capabilities and realization of benefits.
Ensure that IT investments, solutions and services are aligned with the enterprise strategies and architecture.
Applicant Name: Exam ID #: Page V3
Verifier Name:
Domain 4�Risk Management: Develop, enhance and maintain a systematic, analytical and continuous enterprise risk management process across the enterprise that includes the following responsibilities and tasks.
Ensure that IT risk identification, assessment, mitigation, management, communication and monitoring strategies are integrated into business strategic and tactical planning processes.
Align the IT risk management processes with the enterprise business risk management framework (where this exists).
Ensure a consistent application of the risk management framework across the enterprise IT environment.
Ensure that risk assessment and management is included throughout the information life cycle.
Define risk management strategies, and prioritize responses to identified risks to maintain risk levels within the appetite of the enterprise.
Ensure that risk management strategies are adopted to mitigate risk and to manage to acceptable residual risk levels.
Implement timely reporting on risk events and responses to appropriate levels of management (including the use of key risk indicators, as appropriate).
Establish monitoring processes and practices to ensure the completeness and effectiveness of established risk management processes.
Domain 5�Resource Management: Develop, or assist in the development of systematic and continuous resource planning, management and evaluation processes that include the following responsibilities and tasks.
Ensure that the requirements for trained resources with the requisite skill sets are understood and are assessed appropriately.
Ensure the existence of appropriate policies for the training and development of all staff to help meet enterprise requirements and personal/professional growth.
Develop and facilitate the maintenance of systems to record the resources available and potentially available to the enterprise.
Undertake gap analyses to determine shortfalls against requirements to ensure that the business and IT resources (people, application, information, infrastructure) are able to meet strategic objectives.
Effectively and efficiently ensure clear, consistent and enforceable human resource allocation to investment programs and services.
Ensure that sourcing strategies are based on the effective use of existing resources and the identification of those that need be acquired.
Ensure that people, hardware, software and infrastructure procurement policies exist to effectively and efficiently fulfill resource requirements.
Through periodic assessment of the training requirements for human resources, ensure that sufficient, competent and capable human resources are available to execute the current and future strategic objectives and that they are kept up to date with constantly evolving technology.
Ensure integration of resource identification, classification, allocation and periodic evaluation processes into the business�s strategic and tactical planning and operations.
Ensure that the IT infrastructure is standardized; economies of scale are achieved, wherever possible; and interoperability exists, where required, to support the agility needs of the enterprise.
Ensure that IT assets are managed and protected through their economic life cycle and are aligned with current and long-term business operations requirements to support cost-effective achievement of business objectives.
Domain 6�Performance Measurement; Develop, or assist in the development of, systematic and continuous performance management and evaluation processes that include the following responsibilities and tasks.
Establish the enterprise�s strategic IT objectives, with the board of directors and executive leadership team, categorized into four areas: financial (business contribution), customer (user orientation), internal process (operational excellence), learning and growth (future orientation), or whatever areas are appropriate for the enterprise.
Establish outcome and performance measures, supported by metrics, and targets that assess progress toward the achievement of enterprise and IT objectives and the business strategy.
Evaluate IT process performance, track IT investment portfolio performance, and measure IT service delivery through the use of outcome measures and performance drivers.
Use maturity models and other assessment techniques to evaluate and report on the health of the enterprise�s performance level.
Use continuous performance measurement to identify, prioritize, initiate and manage improvement initiatives and/or appropriate management action.
Report relevant portfolio, program and IT performance to relevant stakeholders in an appropriate, timely and accurate manner.

Insert Additional Verification of Work Experience

Clicking the Print button below does not submit your information.
Please sign the completed application and either email, fax or postal mail your application to:

3701 N. Algonquin Rd.
Suite 1010
Rolling Meadows, IL, USA 60008
Fax: 847.253.1443