ISACA

www.isaca.org

The Information Systems Audit and Control Association (ISACA) administers the Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications. These certifications are helpful for professionals that work in organizations subject to various security regulations including Sarbanes-Oxley, HIPAA, GLBA, and PCI.

The CISA exam covers the following areas:

• IS Audit Process

• IT Governance

• Systems and Infrastructure Lifecycle Management

• IT Service Delivery and Support

• Protection of Information Assets

• Disaster Recovery and Business Continuity

The CISM exam covers the following areas:

• Information Security Governance

• Risk Management

• Information Security Program Management

• Information Security Management

• Response Management