CISA, which stands for Certified Information Systems Auditor, is the most recognized designation for IS audit control, assurance, and security professionals.
The CISA certification is one of the four granted by ISACA, an association established in 1969 for information systems audit, assurance, security, risk, privacy and governance professionals. ISACA has more than 140,000 members in 180 countries.
The CISA certification itself was launched in 1976. In the last decade, the number of ISACA members quadrupled, with more than 27,000 IT professionals taking the exam every year.
The CISA certification is more technical and specialized than, say, a CIA or CPA. If you want to prove your technical expertise in IT auditing, and show your dedication in this industry, CISA certification will prove to be a great investment.
As a well-established qualification within IT auditing, CISA gets you past the first hurdle for some jobs that require it where otherwise you would not have a chance. As one reader commented:
I have had recruiters immediately disqualify me because i didn’t have my CISA and others wanted to make sure i was ‘actively pursuing’ it before we could continue talking.”
IT Auditing itself is an increasingly important field as more accounting functions are being done through information systems. The higher emphasis on internal control in the last 10 years keeps pushing the demand higher.
Not surprisingly, the highest demand for CISAs comes from financial institutions in both audit and non-audit capacities, including IT risk management, IT compliance and IT controls analysts.
Given the demand and the special expertise, it is not surprising that IT audit demands a higher salary than a generalist within the internal audit profession.
Here is a quick comparison on average US salaries for your reference:
|IT Audit Salary||General Internal Audit Salary|
|Entry level||$63 – $74,000||$52 – $67,000|
|Junior||$71 – $100,000||$60 – $87,000|
|Senior||$91 – $132,000||$78 – $111,000|
|Manager||$108 – $166,000||$92 – $151,000|
Source: Robert Half
You may want to check out our comprehensive page on IT audit salary and career path.
I’d like to share the thoughts from one of my readers:
It depends. I have had recruiters immediately disqualify me because i didn’t have my CISA and others wanted to make sure i was “actively pursuing” it before we could continue talking. Then I landed my current job without it and during the interview there was only a brief discussion about being “sufficiently credentialed”. I think we can all agree that any certification doesn’t make you any better or worse. I have met some pretty terrible IT Auditors that had their CISA and some great ones without it.”
Here is another response:
I think having it is worth it. It will get you past the first hurdle for some jobs that require it where otherwise you would not have a chance.”
What’s your view? I’d love to hear your thoughts below!
I am the author of How to Pass The CPA Exam (published by Wiley) and the publisher of this and several accounting professional exam prep sites.
Please log in again. The login page will open in a new window. After logging in you can close it and return to this page.