How to get CISA certified

You’ve prepared by doing the work, taken the exam and are now ready to apply for your CISA® Certification. Let’s make sure you have everything you need:

Members save on CPEs, renewals, and exams

JOIN

CISA certification requirements

CISA Logo

Successfully complete the CISA examination

The CISA exam is open to anyone who has an interest in information security. You can still take the CISA exam even if you haven’t met the experience requirements yet, although you’ll have to meet those before getting certified. When you take the CISA exam, we’ll send you your results, and if you passed, the details you need to apply for your CISA certification. Candidates have five years from the passing date to apply for certification.

Demonstrate the minimum required work experience

A minimum of 5-years of professional information systems auditing, control or security work experience–as described in the CISA job practice areas–is required for certification. Work experience for the CISA certification must be gained within the 10-year period preceding the application date for certification. Candidates have 5-years from the passing date to apply.

Earn & report CPE hours

Attain and report a minimum of 120 Continuing Professional Development (CPE) hours during a three-year reporting period, completing a minimum of 20 CPE hours per year. If these CPEs satisfy the requirements for other ISACA certifications, they may also count toward those designations.

Adhere to the Code of Professional Ethics

Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.

Comply with Information Systems Auditing Standards

Individuals holding the CISA designation agree to adhere to the Information Systems Auditing Standards as adopted by ISACA.

Already certified and need to maintain your certification?