The American National Standards Institute (ANSI), a nonprofit organization that promotes and facilitates criteria around openness, balance, consensus and due process in assessment programs, has accredited two certifications offered by the Information Systems Audit and Control Association (ISACA).
The Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certification programs were evaluated under the ISO/IEC 17024 standard (general requirements for bodies operating certification of persons), a traditional benchmark that presents the requirements in education, knowledge, skills and experience a certificant in any field and industry would be expected to meet.
The CISA program, which was launched in 1978, covers audit, control and security issues involved with information systems. More than 40,000 people have attained the CISA certification since it was established, and over 19,000 registered for the June 2005 CISA exam, a 40 percent increase from 2004. The next CISA exam is scheduled for Dec. 10, 2005. The CISA exam has seven content areas: protection of information assets (the largest part of the test); management, planning and organization of IS; technical infrastructure and operational practices; disaster recovery and business continuity; business application system development, acquisition, implementation and maintenance; business process evaluation and risk management; and the IS audit process.
The CISM, which has been attained by more than 5,200 professionals in its first two years of existence, is specifically designed for experienced information security managers. To obtain the CISM, candidates must pass the exam, agree to follow ISACA’s code of professional ethics and validate that…
Please log in or subscribe to read this article