Retaining CISAs Benefits Your Organisation
2008 marked the 30th anniversary of the CISA programme. For over 30 years, organisations have turned to professionals who have earned a CISA® designation to ensure that their reviews are conducted in accordance with globally accepted standards and guidelines, and the organisation’s information technology and business systems are adequately controlled, monitored and assessed.
“I have worked in all areas of information technology, from hardware maintenance, software development and project management to IT general management. I earned the CISA certification in 1994, and it opened up new avenues of information systems consulting for me.”
Avinash Kadam, CISA, CISM, Director of MIEL e-Security Pvt. Ltd., India
By hiring or retaining the services of a CISA, an organisation has invested in a professional who has:
- Distinguished himself/herself from other industry professionals
- Followed a career path allowing him/her to demonstrate IT audit, security and control knowledge and skill
- Committed to maintaining his/her skills through ongoing professional development
The CISA programme requires certified individuals to:
- Acquire five years of IT audit, security or control experience
- Pass a rigorous exam
- Comply with annual requirements for continuing professional education
Individuals with IS audit work experience will find the CISA designation tailored to their knowledge and skills. CISAs have experience:
- Providing IS audit services in accordance with IS audit standards, guidelines and best practices
- Providing assurance that the organisation can achieve corporate governance of IT
- Providing assurance that systems and infrastructure life cycle management meets the organisation’s objectives
- Providing assurance that IT service management practices meet the organisation’s objectives
- Providing assurance that disaster recovery and business continuity plans will ensure timely resumption of IT services while minimising the business impact
The CISA programme, global in scope and recognition, is the only certification programme devoted exclusively to IT audit, control and security. More than 60,000 individuals worldwide have earned the highly prized and respected CISA designation.
CISAs as Our Current and Future Leaders
Many CISAs achieve certification early in their IT careers, and continue to affirm its value by maintaining their certification as they advance within their organisations. A current profile of CISAs demonstrates the increasing managerial influence and authority achieved by CISAs within their organisations:
- Nearly 1,500 CISAs are now employed in organisations as the chief executive officer, chief financial officer or an equivalent executive position.
- More than 2,300 serve as chief audit executives, audit partners or audit heads.
- More than 4,300 serve as chief information officers, chief information security officers, security directors, security managers or consultants.
- More than 8,200 serve as audit directors, managers or consultants.
- Over 13,000 additional CISAs are currently employed in managerial or consulting positions in IT operations or compliance.
This strong representation in enterprise leadership ranks is testimony to the importance of the knowledge, skills and recognition achieved by CISA-certified professionals.
“CISAs represent an exclusive group of IT auditing professionals that desire to take IT to the highest standard possible. They are globally accepted and highly regarded. It is truly an honor to be among them.”
- Susanna Chiu, CISA Chief Operations Officer, DVN (Holdings) Limited, Hong Kong
Organisations employing a CISA can be assured they are getting a professional who has earned a credential that is known and respected around the world.
Not only is the CISA certification programme recognised by individuals and organisations, it is also recognised by other distinguished associations:
- The US Department of Defense (DoD) recognises CISA as one of only 13 certifications approved for use by their information assurance personnel and vendors.
- The Canadian Institute of Chartered Accountants (CICA) recognises CISA as the specialist certification programme for Chartered Accountants (CAs) practising in the areas of information systems audit, control and security.
- In recognition of the specialised knowledge that CISAs have acquired, the Institute of Internal Auditors (IIA) waives a part of the Certified Internal Auditor (CIA) exam for CISAs.
- The Institute of Chartered Accountants in Australia (ICAA) recognises the CISA designation as a designation that denotes a particular set of IT skills and knowledge.
CISA Complies With International Standard
The American National Standards Institute (ANSI) has accredited the CISA certification under ISO/IEC 17024. This standard specifies the requirements to be followed by organisations certifying individuals against specific PERSONNEL CERTIFICATION requirements and is expected to play a prominent role in facilitating global standardisation, public safety and protecting consumers. Accreditation by ANSI signifies that ISACA’s procedures meet ANSI’s essential requirements for openness, balance, consensus and due process.
The CISA designation continues to grow in stature and influence. SC Magazine selected CISA as a finalist for its 2009 Awards in the “Best Professional Certification Program” category. CISA was chosen as a finalist by a panel of 18 chief information security officers (CISOs) at major corporations and large public-sector organisations.
Hire or Encourage Staff Members to Become CISAs
“No enterprise can surpass the abilities and talents of its employees. The world of technology is ever-changing, and I need to know that my employees are prepared to face such challenges. The CISA designation is an excellent indicator of proficiency in technology controls.”
Marios Damianides, CISA, CISM
Partner, Ernst and Young LLP, USA
Attaining a CISA designation is a strong indicator that existing and newly hired employees possess the experience and knowledge required to control, monitor and assess IT and business systems. By including a requirement or preference for the CISA designation in your staff recruitment efforts, you ensure that candidates have the type of experience and knowledge you are seeking.
When you’re developing staff internally, encourage employees to strive for the CISA designation. Their professional development will pay dividends well into the future as they demonstrate and apply their skills and knowledge.