Why AAIA is the Next Step for CISAs

Additional resources

No Looking Back: Transforming Audit with Artificial Intelligence

IT auditors have traditionally had to rely on looking backward at what already has happened, but with artificial intelligence transforming IT audit, a more forward-looking lens has become possible.

Why IT Auditors Need AAIA: Addressing AI Challenges in Audit

The new ISACA Advanced in AI Audit (AAIA) credential equips auditors for a changing landscape in which artificial intelligence is reshaping roles and presenting auditors with new opportunities.

Top ISACA Resources for Auditors to Keep Pace with AI

Artificial intelligence is reshaping the audit profession – to the extent that 70% of audit/assurance professional respondents to ISACA’s 2025 AI Pulse Poll believe they will need to increase their skills and knowledge in AI within the next year to advance their career or even simply retain their jobs.

ISACA Launches First Advanced AI Certification for Seasoned IT Auditors

ISACA introduces the ISACA Advanced in AI Audit (AAIA), the first advanced AI certification specifically designed to equip experienced IT auditors with the expertise to assess and govern AI systems.

It is unlikely to be news to anyone reading this blog post that Artificial Intelligence (AI) is the leading topic of conversation in most industries. It is talked about so much that I know I am personally feeling the AI discussion fatigue.

At the most recent conference that I attended in the information security space, there were 17 break-out session times with multiple session options during each. All but one of those breakout sessions timeslots had an option with AI in the title or description of the topic.  From every AI-related presentation I’ve attended, the common themes that always come up are the likely suspects: AI is going to take your job, AI poses risks to privacy, AI hallucinations are causing harm, etc. What was lacking at this conference and the many AI presentations I’ve been at was actionable insights into gaining assurance of AI.

The hype about AI is justifiable given the continued increase in AI adoption across all industries. Gartner reported that 58% of finance teams used AI in 2024, up from 37% in 2023. That’s more than half using AI for automation, reporting anomaly detection and analytics/forecasting-related functions. As AI continues to expand in use throughout business processes, there will need to be professionals that can confidently provide assurance that the risks associated with AI adoption are being addressed. If you have a CISA credential like me, you are exactly the type of professional capable of taking on this challenge.

ISACA’s Advanced in AI Audit (AAIA) certification was released in May to help audit professionals address these risks. AAIA provides experienced auditors with a path for continued education and skill development in the emerging field of AI. The AAIA certification is for anyone with proven experience in IT audit or advisory-related roles and some expertise related to auditing, assessing, implementing and maintaining AI systems. The primary requirement is to have an active Certified Information Systems Auditor (CISA) from ISACA or another qualifying credential.*

Assurance professionals need to proactively prepare themselves to embrace and be able to audit AI systems. Those holding the CISA certification are in a unique position to lead the charge for AI assurance given their role in applying audit and security best practices to information systems throughout the years. Since the CISA certification was introduced in 1978, computers have advanced from mainframes to client-server architecture, virtualization and cloud computing. Along the way, CISAs have had to apply security best practices to this rapidly changing technological landscape.

The pace at which technology continues to evolve will only continue accelerating with AI. If you subscribe to Moore’s law, we’re looking at processing power doubling every two years and the capabilities of AI increasing right along with it. This will take the traditional mindset of people, process and technology and likely shift it to focus heavily on the technology part of that triangle.

CISA-certified professionals and others with the background in auditing information systems and applying security best practices must continue to sharpen their skills as it relates to AI. The AAIA provides auditors with a focused set of knowledge that can help to jump-start the practice of providing proactive assurance for AI. Whether your organization is implementing off-the-shelf AI solutions or developing your own AI tools, it is important to have assurance that those solutions are operating as expected and without harm to society.

*Those with an active credential from the following list are eligible to pursue the AAIA:

All qualify:

• CISA (Certified Information Systems Auditor from ISACA)

Must be in an IT audit or IT advisory role to qualify:

• CIA (Certified Internal Auditor from the Institute of Internal Auditors (IIA))
• CPA (Certified Public Accountant from the American Institute of Certified Public Accountants (AICPA))
• ACCA (Association of Chartered Certified Accountants Qualification from the Association of Chartered Certified Accountants)
• FFCA (ACCA Fellow Chartered Certified Accountant from the Association of Chartered Certified Accountants (ACCA))
• Canadian CPA (Canadian Chartered Professional Accountant from the Chartered Professional Accountants of Canada)
• CPA Australia (Certified Practicing Accountant)
• FCPA (CPA Australia Fellow Certified Practicing Accountant)
• Japanese CPA (Japanese Certified Public Accountant from the Japanese Institute of Certified Public Accountants (JICPA))