Information Technology Reference
In-Depth Information
We are seeing a number of accountants taking up IS auditing as a profession or a combina-
tion of the two.
After reading this chapter, you might be thinking of taking up a course and write an exam
in IS auditing, if you are not already CISA or CIA certified. You are on the right path. By
the time you reach the last chapter of the topic, you will have a firm foundation of IS audit-
ing. There are various types of certifications which you may consider. Some are specific to
IS auditing whilst others are more specialised in other areas such as information security,
IT governance, and IT risks.
One way of enhancing your standing as a professional IS auditor is to study for one of the
following certifications. You will be required to sit for an examination and also have pro-
fessional experience in order to be officially certified. Listed in figure 1.2 below are the
some of the major IS auditing professional certifications.
#
Certification
Examining Body
1
Certified Information System Auditor (CISA)
ISACA
2
Certified Internal Auditor (CIA)
IIA
Figure 1.2 IS Auditing Certifications
There are also other IS audit-related certifications you may consider in the areas of IT gov-
ernance, security, and risk management certifications listed in figure 1.3
# Certification
Examining Body
1 Certified Information Systems Security Professional (CISSP)
(ISC)²
2 Certified Information Security Manager (CISM)
ISACA
3 Certified in Risk and Information Systems Control (CRISC)
ISACA
4 Certified in the Governance of Enterprise IT (CEGIT)
ISACA
5 Certified ISO 27001 Lead Auditor
ISO
6 COBIT
ISACA
Figure 1.3 IT Assurance Certifications
Search WWH ::
Custom Search