CISA salary guide

What is the CISA Certification?

The CISA designation is granted by the Information Systems Audit and Control Association (ISACA) to information systems audit professionals around the world. The professional certification originated in 1978 and is held by over 100,000 professionals. Gaining the certification solidifies an employee’s knowledge and expertise in identifying critical issues and creating practices to increase the value of information systems.


CISA is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. Is the CISA certification the boost that your career needs?

Who should earn the CISA?

IT professionals who perform work in auditing, monitoring, controlling and assessing business systems can benefit from attaining CISA certification. Often attained by more experienced professionals, the certification requires at least five years of experience in information systems auditing, control or security.

Common CISA job titles and average salary ranges

Information Technology (IT) Auditor

IT auditors use technology systems to help organizations protect their internal controls and data. This role involves safeguarding sensitive information, identifying weaknesses in the network and strategizing about how to prevent technological security breaches. CISA is considered an essential certification for this role.

Senior Information Security (IS) Auditor

IS auditors work specifically on a company’s security system to report on the efficiency and effectiveness of the system. CISA certification is highly recommended and sometimes required for those who work as information security professionals. In addition, certification can help an IS auditor gain the management skills needed for promotion.

Internal Audit Manager

Internal audit managers ensure compliance, conduct risk assessments and create plans to monitor annual auditing reports. Strong analytical skills, high integrity, clear communication skills and an ability to work independently are required to be an internal audit manager. The CISA can further an internal audit manager’s audit skill set by quantifying the manager’s IT skills.

Information Technology (IT) Manager

IT managers coordinate, plan and lead computer-related activities in an organization, like implementing computer systems. Some IT managers also oversee a company’s telecommunications systems and other electronic support systems. This position generally requires a couple of years of experience working in IT operations, strong problem-solving skills, and project management expertise.

Internal Audit Director

Employment as an internal audit director requires approximately 10 years of experience, as well as several years of managerial experience. Proficiency in audit and accounting is fundamental, along with strong communication skills. The CISA can confirm an internal audit director’s knowledge of information systems and help the director to gain a full view of the scope of the company’s auditing.

PositionLow-end salaryAverage salaryHigh-end salary
Information Technology Auditor$49,000$63,000$97,000
Senior Information Security Auditor$69,000$85,000$116,000
Internal Audit Manager$70,000$96,000$134,000
Information Technology Manager$72,000$105,000$149,000
Internal Audit Director$86,000$124,000$192,000
Salary information provided by payscale.com from McAfee’s Information Security Certification Salary Guide.

Interested in beginning your path to becoming a CISA? Start studying today with Surgent CISA Review, the most efficient CISA review course on the market.