How to Become CGEIT Certified 


The CGEIT certification is intended to recognize a wide range of professionals for their knowledge and application of IT governance principles and practices.  

Requirements for CGEIT Certification—2012 exams and prior

The CGEIT is designed for professionals who have management, advisory, and/or assurance responsibilities relating to the governance of IT. To earn the CGEIT credential, an individual must:

  1. Pass the CGEIT exam
  2. Adhere to the ISACA Code of Professional Ethics
  3. Agree to comply with the CGEIT Continuing Education Policy
  4. Provide evidence of appropriate IT governance work experience as defined by the CGEIT Job Practice
View New Requirements for those testing effective
June 2013 and beyond

IT Governance Experience

Five (5) or more years of experience managing, serving in an advisory or oversight role, and/or otherwise supporting the governance of the IT-related contribution to an enterprise is required to apply for certification. This experience is defined specifically by the domains and task statements described in the CGEIT Job Practice.


A minimum of 1 year of experience relating to the development and/or maintenance of an IT governance framework is required. The type and extent of experience accepted is described in CGEIT domain 1 (see IT Governance Framework in Job Practice Areas).

Additional broad experience directly related to any two or more of the remaining CGEIT domains is required. The type and extent of experience accepted is described in CGEIT domains 2 through 6. These domains are:

  • Strategic Alignment
  • Value Delivery
  • Risk Management
  • Resource Management
  • Performance Measurement

Individuals can take the CGEIT exam prior to earning the above work experience.

Substitutions for IT governance experience (2 years maximum)

To recognize other management experience and/or the achievement of specific IT governance related credentials, advanced (post-graduate) degrees and certificates, up to two (2) years of the five years of required IT governance experience can be substituted.

Specifically, each of the following will qualify (substitute) for one (1) year of IT governance experience, with a maximum of two years of substitutions being accepted.

  • Other Management Experience—Other management experience that is not specific to IT governance, such as performing consulting, auditing, assurance or security management related duties will qualify for up to one year of substitution.
  • Specific Credentials, Advanced (Post-graduate) Degrees and Certificates—Credentials (in good standing), advanced (post-graduate) degrees and certificate programs which include an IT governance and/or management component or are specific to one or more of the CGEIT domains will qualify for up to one year of substitution.

    These include:
    • Certified Information Systems Auditor (CISA) issued by ISACA
    • Certified Information Security Manager (CISM) issued by ISACA
    • Implementing IT Governance using COBIT and Val IT certificate issued by ISACA (available in 2008)
    • ITIL Service Manager certification program
    • Chartered Information Technology Professional (CITP) issued by the British Computer Society
    • Certified Information Technology Professional (CITP) issued by the American Institute of CPAs
    • Project Management Professional (PMP) issued by the Project Management Institute
    • Information Systems Professional (I.S.P.) issued by the Canadian Information Processing Society
    • Certified Internal Auditor (CIA) issued by the Institute of Internal Auditors
    • Certified Business Manager (CBM) issued by The Association of Professionals in Business Management
    • Prince2 – Registered Practitioner certificate from the Office of Government Commerce
    • Advanced (post-graduate) degree from an accredited university in governance, information technology, information management or business administration (For example: Masters in Corporate Governance, Masters of Business Administration, Masters in Information and Operations Management, Masters of Information Systems Management, Masters in Information Technology)

Exception: Two years as a full-time university instructor teaching IT governance related subjects at an accredited university can be substituted for every one year of IT governance experience.

Applicants who have earned/acquired other credentials, advanced (post-graduate) degrees and/or certificates that include a significant IT governance and/or information management component and are not listed above are welcome to submit them to the CGEIT Certification Board for consideration.