CISA is to Audit what CPA and CA are to Accounting CISAs are recognized internationally as professionals with the knowledge, skills, experience and credibility to leverage standards, manage vulnerabilities, ensure compliance, offer solutions, institute controls and deliver value to the enterprise. CISA job practice analysis has been completed by ISACA. This analysis resulted in a new CISA job practice which reflects the vital and evolving responsibilities of IT auditors. The new CISA job practice was effective beginning with the June 2011 CISA exam administration. For purposes of these statements, the terms "enterprise" and "organization" or "organizational" are considered synonymous.
Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included
Plan specific audits to determine whether information systems are protected, controlled and provide value to the organization
Conduct audits in accordance with IS audit standards, guidelines and best practices to meet planned audit objectives
Communicate emerging issues, potential risks, and audit results to key stakeholders
Advise on the implementation of risk management and control practices within the organization, while maintaining independence
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.