CISA Frequently Asked Questions 

CISA Logo 

Get the answers you seek for the topics of Exam Registration & Administration, Certification Requirements and Exam Content.

Exam Registration & Administration
Certification Requirements  |  Exam Content  |  Other

Exam Registration & Administration

  1. What is the date of the next CISA/CISM/CGEIT/CRISC exam?
  2. When does registration begin for the June exam?
  3. What are the June 2014 exam deadlines?
  4. How do I know if my online registration has been confirmed?
  5. Can I still defer my June 2014 exam?
  6. Will I receive a receipt for my registration payment?
  7. What is the exact location of the 14 June 2014 exam?
  8. How is the exam scored?
  9. Where can I find CISA/CISM/CGEIT/CRISC applications for certification?
  10. What are the requirements for CISA/CISM/CGEIT/CRISC certification?
  11. What specific experience is required for certification?
  12. Why doesn’t ISACA currently offer computer-based esting (CBT)?

1. What is the date of the next CISA/CISM/CGEIT/CRISC exam?

The next exam date for CISA, CISM, CGEIT and CRISC exams will be 14 June 2014 unless otherwise noted at www.isaca.org/examlocations. Please note that CISA Italian, German and Hebrew languages will be offered onlyat the June 2014 exam administration.

2. When does registration begin for the June exam?

Registration for 14 June 2014 exam is open now. You can register for the exam at www.isaca.org/examreg.

Registration for the 6 September 2014 exam will open mid-April 2014 and the 13 December 2014 exam will open mid-June 2014.

3. What are the June 2014 exam deadlines?

14 June 2014
Early registration deadline: 12 February 2014
Final registration deadline: 22 April 2014

For more details please visit ISACA Exam Candidate Information Guide at www.isaca.org/examguide.

Candidates can save US $75 on the exam registration fee by registering online.

4. How do I know if my online registration has been confirmed?

Once you have completed the registration process, an email confirmation is sent to you within one day to the email address listed in your profile. If you have not received the email confirmation, please check your Spam folder as well. Additionally, you may confirm your order in the myISACA portion of the website. If you have not received a confirmation of your registration, please contact exam@isaca.org for further assistance. Please put "exam confirmation request" in the subject line.

5. Can I still defer my June 2014 exam?

Candidates unable to take the June exam can request a deferral of their registration fees to the 6 September 2014 exam or the 13 December 2014 exam. The 6 September exam will only offer the CISA and CISM exams at select worldwide locations (www.isaca.org/sept2014sites) and 13 December 2014 for all ISACA exams at all locations (www.isaca.org/examlocations).

Note: The CISA German, Italian and Hebrew languages are offered only at the June exam. Please contact exam@isaca.org for further information.

Deferral requests received on or before 25 April are charged a US $50 processing fee. From 26 April through 23 May, a processing fee of US $100 will be charged. Deferral requests will not be accepted after 23 May 2014. To request a deferral, please go to www.isaca.org/examdefer. to complete the process. The exam and deferral fees are nonrefundable and nontransferable. Please note: Deferral requests will not be processed until deferral fees have been paid in full. Payment is due in full by 14 June 2014. All deadlines are based on Chicago, Illinois USA, 5 p.m. CT (central time).

6. Will I receive a receipt for my registration payment?

Yes, a receipt for the payment is mailed to you once the registration form and payment has been received and processed.

7. What is the exact location for the 14 June 2014 exam?

There are 200+ worldwide exam sites. The specific location for each exam site is not determined until closer to the exam date in order to accommodate all candidates registered for the exam. The specific exam location details will be listed in your admission ticket.

The admission ticket will be sent to you via email and available for download from your ISACA profile approximately 4 weeks prior to the exam. If you have not received an admission ticket by 1 June 2014 for the 14 June 2014 exam, contact exam@isaca.org .

8. How is the exam scored?

ISACA uses a 200-800 point scale with 450 as the passing mark for the exams. A scaled score is a conversion of the raw score on an exam to a common scale. It is important to note that the exam score is not based on an arithmetic or percent average. For example, the scaled score of 800 represents a perfect score with all 200 questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly.

A candidate must receive a scaled score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established for the exam by the respective ISACA Certification Committee. The passing score of 450 represents the minimum number of questions that must be answered correctly by the candidate in order to demonstrate practical application of the job task and knowledge statements. A candidate receiving a passing score may then apply for certification if all other requirements are met.

9. Where can I find CISA/CISM/CGEIT/CRISC applications for certification?

CISA applications are located at www.isaca.org/cisaapp.
CISM applications are located at www.isaca.org/cismapp.
CGEIT applications are located at www.isaca.org/cgeitapp.
CRISC applications are located at www.isaca.org/criscapp.

10. What are the requirements for CISA/CISM/CGEIT/CRISC certification?

CISA requirements for certification are available at www.isaca.org/cisarequirements.
CISM requirements for certification are available at www.isaca.org/cismrequirements.
CGEIT requirements for certification are available at www.isaca.org/cgeitrequirements.
CRISC requirements for certification are available at www.isaca.org/criscrequirements.

11. What specific experience is required for certification?

To determine if your experience is applicable to the CISA/CISM/CGEIT/CRISC certification please visit the sites below for a complete breakdown of the task and knowledge requirements.

CISA: www.isaca.org/cisajobpractice.
CISM: www.isaca.org/cismjobpractice.
CGEIT: www.isaca.org/cgeitjobpractice.
CRISC:t www.isaca.org/criscjobpractice.

12. Why doesn’t ISACA currently offer computer-based esting (CBT)?

ISACA is often asked why our exams are not offered in an online environment. It’s a great question, especially given that ISACA members and certifieds are primarily IT professionals. It is also an issue that ISACA’s Credentialing Board and certification committees continue to evaluate each and every year.

There are three primary objectives that ISACA considers when offering exams:

  • Can exams be offered more efficiently?
  • Can exams be offered more securely?
  • Can exams be offered more affordably?

In order to determine whether to move from paper-based testing to computer-based testing, ISACA has weighed various factors including, but not limited to, being assured that:

  • Exam candidates are offered a consistent and suitable exam experience regardless of where they sit for the exam
  • Exam items are properly safeguarded
  • Exams are offered at a reasonable and fair fee

It is clear that there are advantages and disadvantages to offering exams in both paper-based and computer-based formats. Research has indicated that suitable CBT sites are not available in many of the more than 270 locations that ISACA currently offers exams, and many other CBT sites are not viable and secure for high-stakes exams. In addition, we have seen others who have shifted from paper-based testing to CBT increase their exam fees significantly (often by 100%) given the higher administrative costs.

At this time, ISACA’s Credentialing Board has determined that the cost of transitioning to CBT would outweigh the benefits to test takers and to ISACA as a whole. ISACA is proud of the success and demand for our certifications that has been achieved, and is committed to continuing to look at additional options for offering ISACA exams.

Certification Requirements  |  Exam Content  |  Other


Certification Requirements

  1. What do I need to do if I've received a revocation notice?
  2. Where can I find the CISA application for certification?
  3. Is there a fee to apply for certification?
  4. What are the qualifications to earn the CISA credential?
  5. What does the CISA continuing professional education program require?
  6. Do I need to submit documentation for my CPE hours?
  7. How do I renew my certification and/or report my CPE?
  8. Does ISACA provide discount on certification maintenance (renewal) fees if I have multiple certifications?

1. What do I need to do if I've received a revocation notice?

If you have received a revocation notice, please contact certification@isaca.org.

2. Where can I find the CISA application for certification?

CISA applications are located at Apply for Certification.

3. Is there a fee to apply for certification?

For certification applications received on 1 June 2012 and forward, an application processing fee of US $50 will be required to apply for certification. The application processing fee will support our dedication to efficient and proper processing of certification applications according to industry standards. The fee will also help support the integrity of the application process, which in turn reinforces the strength and reputation of the overall certification programs.

Payment for the CISA application processing fee can be made online at www.isaca.org/cisapay.

4. What are the qualifications to earn the CISA credential?

The CISA designation is awarded to individuals with an interest in Information Systems auditing, control and security who meet the following requirements:

  • Earn a passing score on the CISA exam
  • Adhere to the ISACA Code of Professional Ethics
  • Commit to abide by the CISA Continuing Professional Education Policy
  • Acquire a minimum of 5 years of professional information systems auditing, control or security work experience (as described in the job practice areas). Substitutions and waivers of such experience may be obtained if certain education and general IS or audit experience requirements are met.
  • Comply with Information Systems Auditing Standards

For further details, click here.

5. What does the CISA continuing professional education program require?

In order to become and remain a CISA an individual must agree to comply with the CISA continuing professional education program. This program requires an individual to earn a minimum of 20 hours annually and 120 hours every 3 years of continuing professional education. In addition, an annual maintenance fee of US $45 ISACA member and US $85 non-member is required.

  Download CPE policy

6. Do I need to submit documentation for my CPE hours?

Documentation of CPE hours does not need to be provided to ISACA unless you are selected for an audit of your CPE hours.

7. How do I renew my certification and/or report my CPE?

To renew the certification requires earning and reporting CPE hours annually and over a fixed 3-year cycle period and paying an annual certification maintenance fee.

Our CPE reporting system has recently been enhanced and certified individuals are now able to report CPE as they are earned.

Play View the Video Quick Tour
     Download the PDF Quick Tour
     CPE Reporting FAQs

How to report your CPE:

Log in at www.isaca.org

  • Click on MY ISACA
  • Click on MY CERTIFICATIONS
  • Click on Manage My CPE
  • Scroll down, then click on Add CPE button
  • Enter CPE activity information and click Save.

To pay the annual maintenance fee:

8. Does ISACA provide a discount on certification maintenance (renewal) fees if I have multiple certifications?

Yes, for those individuals who renew 3 or more ISACA certifications, ISACA offers a discount on the 3rd and 4th renewal fees of $20 for members and $35 for nonmembers.

Exam Registration & Administration  |  Exam Content  |  Other


Exam Content

  1. How long is the exam?
  2. What does the CISA exam cover?

1. How long is the exam?

A candidate is given 4 hours to complete a 200-question multiple-choice exam.

2. What does the CISA exam cover?

The CISA exam covers 5 IS audit, control or security areas, each of which is further defined and detailed through task and knowledge statements. For details, please go to CISA Job Practice Areas.

Exam Registration & Administration  |  Certification Requirements  |  Other


Other

  1. How do I request additional information or report an issue regarding a current or past credential holder?
  2. How can I become a CISA Exam Item Writer?

1. How do I request additional information or report an issue regarding a current or past credential holder?

To request additional information or to report an issue regarding a current or past credential holder, please contact the CISA certification department:

Email: exam@isaca.org
Tel: +1.847.660.5660
Fax: +1.847.253.1443

2. How can I become a CISA Exam Item Writer?

Apply online to become a CISA Exam Item Writer.

Exam Registration & Administration  |  Certification Requirements  |  Exam Content