How to Maintain the CISA
CISA stands for Certified Information Systems Auditor. To earn CISA certification, you must have at least five years of experience in information system control, IT auditing or information technology system control. You must agree to the ISACA (Information Systems Audit and Control Association) code of ethics and submit an application to take the CISA exam. If the application is approved, you must pass the CISA exam. After passing the exam, you must maintain your certification. Maintaining the CISA certification is crucial for those who rely on the credential to be qualified to work in IT auditing.
Things You'll Need
- Passing grade on the CISA exam
- Log of all Continuing Professional Education (CPE) hours
Instructions
CISA Continuing Certification Requirements
1. Earn at least 20 CPE (Continuing Professional Education) credits each year. Continuing Professional Education credits are earned by attending ISACA conferences, chapter meetings and professional seminars hosted by the organization.
2. Earn at least 120 CPE credits over three calendar years. If you earn 20 hours for two years in a row, you will need to earn 80 more to maintain the CISA.
3. Report your CPE hours earned that year when you send in the annual CISA Maintenance Fee. The CISA maintenance fee is in addition to ISACA membership dues and local ISACA chapter dues.
4. Maintain copies of all CPE credit course verifications in case of audit. This can include copies of sign-in sheets, course workbooks and certificates of completion given by instructors at the end of the class.
5. Meet the ethical standards of the ISACA profession and organization.
Tips & Warnings
If you earned a new CISA certification, the year for which you must earn 20 new CPE hours starts Jan. 1 after passing the CISA exam. If you have just completed the exam, save money by skipping the continuing education courses until they help meet the CPE requirements.
CPE hours can be earned by taking courses for advanced CISA certifications.
Someone who has CISA certification but takes courses to earn the Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certification can count all course hours toward the CPE hours required to maintain the CISA certification.
Teaching CISA courses also counts for CPE. If you have already taken all of the courses, this is a way to maintain certification and build a professional reputation.
If you are on an extended furlough, are working outside of the information security field or expect to be off work due to an extended illness, ISACA allows CISA professionals to apply for a non-practicing CISA status. While in a non-practicing status, you are not required to continue earning Continuing Professional Education hours or paying their associated costs. You also avoid having to retake the exam to restore the CISA credential. However, to be allowed to use CISA as a certification on your resume or business card, you must return to active status by earning 20 CPE hours and resubmitting an Application for Active status.
If you fail to pay the maintenance fee, fail to earn the necessary number of CPE hours or lack sufficient proof of coursework taken, the CISA certification will be revoked. If this happens, submit a new application and retake the exam. After passing the CISA exam, resume CPE courses to maintain the new CISA certification.