The Information Systems Audit and Control Association (ISACA) administers the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and Certified in the Governance of Enterprise Information Technology (CGEIT) certifications. These certifications are helpful for professionals who work in organizations subject to various security regulations including Sarbanes-Oxley, Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), and the Payment Card Industry Data Security Standard (PCI DSS).
The 200-question multiple-choice CISA exam, offered biannually in June and December, covers the following six job-practice areas:
Information Systems Audit Process
Information Technology Governance
Systems and Infrastructure Lifecycle Management
Information Technology Service Delivery and Support
Protection of Information Assets
Business Continuity ...