CISA

ISACA Certified Information Systems Auditor

ISACAPersonnel certification (ISO 17024)Audit

Created per CertMap methodology · Updated 12 May 2026 · About the editorial team →

▾ Jump to …4 sections

Overview

What is CISA?

The CISA has been considered the gold standard for IT auditors and audit professionals worldwide for decades. It covers the entire lifecycle of IS audits, from planning through execution to reporting, and is in high demand in regulated industries such as banking, insurance, and the public sector. The certification requires five years of relevant professional experience, clearly positioning it as a senior-level credential. For career changers from IT, it serves as a springboard toward governance and compliance. The CISA is recognized globally by employers and regulators and is nearly ubiquitous in job postings for IT audit roles.

Quick facts

AccreditationISO/IEC 17024 by ANSI

Languagesen · de · fr · es · ja · ko · zh · it · tr

RecognitionGlobal

Key details

Cost, prerequisites, exam & renewal

Cost over 5 years

Exam fee (acquisition)€699

AMF (5 years)€207

CPE time value (5 years)€8,000

5-year total€8,906

CPE effort: 20 h per year · 100 h over 5 years · Valued at 80 €/h.

How is TCO calculated? →

Classification

CertMap score and matching roles

Rating

Market recognition3 / 33 / 3

Scheme quality3 / 33 / 3

Practice evidence2 / 32 / 3

Maintenance2 / 32 / 3

Matching NICE roles

Cybersecurity Curriculum Development Cybersecurity Instruction Privacy Compliance Security Control Assessment Technology Program Auditing Vulnerability Analysis

Mapping from NIST NICE Framework SP 800-181, status 2025. NIST source ↗

More certifications

From ISACA

AAIAAdvanced in AI Audit AAIRAdvanced in AI Risk AAISMAdvanced in AI Security Management CCOACertified Cybersecurity Operations Analyst CDPSECertified Data Privacy Solutions Engineer CGEITISACA Certified in the Governance of Enterprise IT CISMISACA Certified Information Security Manager CRISCISACA Certified in Risk and Information Systems Control

In Audit

PECB 22301LAPECB PECB 42001LAPECB

This page follows CertMap methodology: editorial content is curated by hand. Score, costs and NICE mapping are aggregated from official provider documents. Score methodology → · TCO methodology →

Transparency: CertMap is operated by Daniel Thomas Heessel, who is also managing director of Threat‑Informed, a company specialising in Threat‑Informed Defense. He additionally offers consulting services on CertMap. CertMap currently receives no commissions from certification providers, no affiliate links, no sponsored placements. Podcast and interview guests are not paid for appearances and receive no affiliate commissions.

From the knowledge base

View all articles →

Methodology

About the CertMap editorial team

CertMap is an independent platform for comparing cybersecurity certifications, built on data-journalism standards that combine editorial curation with mechanical aggregation.

3 min read

Fundamentals