Examination Structure

The CISA program is designed to assess and certify individuals in the IS audit, control and security professionals who demonstrate exceptional skill and judgment in IS audit. The CISA credential measures expertise in the areas of:

The Process of Auditing Information System 21%
Governance and Management of IT 16%
Information Systems Acquisition, Development and Implementation 18%
Information System Operation, Maintenance and Support 20%
Protection of Information Assets 25%

Scoring the Exams: Candidate scores are reported as a scaled score. A scaled score is a conversion of a candidate's raw score on an exam to a common scale. ISACA uses and reports scores on a common scale from 200 to 800. A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge. A candidate receiving a passing score may then apply for certification if all other requirements are met.