About the CISA Exam

The Certified Information Systems Auditor (CISA) certification is a globally-recognized credential conferred by the Information Systems Audit and Control Association (ISACA) to candidates who demonstrate proficiency in information systems audit control, assurance and security through the CISA exam.

Education and Experience

CISA candidates are required to have at least five years of professional experience in information systems auditing, control, or security work. Up to three years may be waived.

Note: Candidates are able to sit for the exam before the professional education requirement has been met, but will not be certified until then.


Free Trial

Register for a free trial to learn why so many professionals choose Surgent CISA Exam Review to prepare for, and pass, the Certified Information Systems Auditor Exam.

Start your Free Trial today!


Watch our free demo to learn more about the Surgent's A.S.A.P® Technology to help you pass the Certified Information Systems Auditor Exam faster.



About the Exam


The purpose of the CISA exam is to evaluate the candidates’ technical competence in the purpose of information systems audits. The CISA exam is comprised of a single test covering five subject areas, and is administered at PSI testing centers globally.



Duration: 4 Hours

Exam Question Count

150 Multiple Choice


1. The Process of Auditing Information Systems (21%)
2. Governance and Management of IT (17%)
3. Information Systems Acquisition, Development, and Implementation (12%)
4. Information Systems Operations and Business Resilience (23%)
5. Protection of Information Assets (27%)

Learn More

What is the CISA exam?

The Certified Internal Auditor (CISA) exam is a five-part assessment that measures candidates’ knowledge of information systems auditing disciplines. The CISA exam is administered by the Information Systems Audit and Control Association (ISACA). Upon passing, candidates are given a CISA certification.

How difficult is the CISA Exam?

The CISA exam is notoriously difficult with only an average of 50% of test takers passing, and even lower numbers for first time participants. This is why we recommend an adaptive course with an exam readiness indicator, like ReadySCORE, so you know if you're actually ready to sit - and pass.

How much does it cost to take the CISA exam?

The exam requires a $50 application fee. Once your application is accepted, there is a fee to sit the actual Exam. For ISACA members, this fee is $465. And for non-members, the fee is $595.