CISA Job Practice Areas

A job practice serves as the basis for the exam and requirements to earn the certification. This job practice consists of task and knowledge statements, organized by domains.

CISA Certification Job Practice

Notice: A CISA job practice analysis has been completed. This analysis resulted in a new CISA job practice which reflects the vital and evolving responsibilities of IT auditors. The new CISA job practice (identified below) was effective beginning with the June 2011 CISA exam administration.

For purposes of these statements, the terms "enterprise" and "organization" or "organizational" are considered synonymous.

The job practice domains and task and knowledge statements are as follows:

Domain 1—The Process of Auditing Information Systems (14%)

Domain 2—Governance and Management of IT (14%)

Domain 3—Information Systems Acquisition, Development and Implementation (19%)

Domain 4—Information Systems Operations, Maintenance and Support (23%)

Domain 5—Protection of Information Assets (30%)

For detailed information on the job practice areas click here

Make the most of your relatioship with ISACA

Become a Member