CISA Exam Format – Complete Details
CISA Exam Format – To qualify as CISA, candidates have to have five years of work experience in the fields of Information Systems Auditing, Control, Assurance or Security. Only those who clear the CISA exam will be certified. The work experience must be gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the exam.
CISA Exam Format, Rules and Regulation
The CISA exam is a one-time exam, consisting of 200 multiple-choice questions, and the time frame given is four hours. The exam is held thrice a year, on the second Saturday of June, September (in select locations) and December.
The CISA course is divided into five modules that covers the complete scope of IS audits and review. Each of these modules comes with individual professional credits that get reflected in the final certificate.
- Module 1 – The Process of Auditing Information Systems
This helps the candidate gain the knowledge required to comply with the highest standards of information systems and provide the best audit practices for the same. For organisations, this would mean thorough control and protection of their business and information systems.
- Module 2 – CISA’s role in IT governance
Topics covered under Module 2 helps learning to develop sound IS control practices and management mechanisms. Certified professionals will provide the organisation with the assurance of best policies, accountability and structures of monitoring to arrive at the desired IT governance.
- Module 3 – CISA’s role in Systems and Infrastructure Life Cycle Management
This Module covers the processes and methodologies that modern organisations employ while changing or reinventing the infrastructure components of their application systems.
- Module 4 – CISA’s role in IT Service Delivery and Support
Here in the candidate is required to review the processes and methodologies applicable to different IT systems. Further, it will deliver learning of the IS audit in the event of a disruption. Businesses can gain by expect disaster recovery methodologies and timely resumption of database services, thus minimising the negative impact on a range of business processes.
- Module 5 – CISA’s role in Protection of Information Assets
The key component of Module 5 enables a professional to be able to ensure the integrity, availability and confidentiality of information assets while instituting physical and logical access controls and other security measures.
The CISA study community was created as an additional resource to help exam registrants successfully prepare for the exam. In addition to CISA exam registrants, chapter certification coordinators have also been invited to respond to questions and share their study methods. Community leaders are past top exam scorers that will moderate, facilitate and drive discussion.
The primary focus of this community includes:
- Successful study methods
- Study resources and materials
- What to expect the day of the exam
Useful information on CISA exam administration and results, including admission tickets, receiving your score report, reporting of your test results and retaking the exam.
1. Admission Ticket
Admission tickets for the exam will be released approximately 2-3 weeks prior to the exam date via email to the email address in the candidate profile. Once released, exam candidates can also download a copy of the admission ticket at the MyISACA page of the web site. Candidates must bring either a print out of the eTicket or download version on exam day for entry into the exam.
The ticket will indicate the date, registration time and location of the exam, as well as a schedule of events for that day and a list of materials that candidates must bring with them to take the exam. Candidates are not to write on the admission ticket.
Candidates who are discovered engaging in any kind of misconduct, such as giving or receiving help; using notes, papers, note pads or other aids; attempting to take the exam for someone else; using any type of communication device including cell phones during the exam administration; or removing the exam booklet, answer sheet or notes from the testing room will be disqualified. Candidates who leave the testing area without authorisation or accompaniment by a test proctor will not be allowed to return to the testing room and will be subject to disqualification. Candidates who continue to write the exam after the proctor signals the end of the examination time may have their examination voided. The testing agency will report such irregularities to the respective ISACA Certification Committee.
Candidates must record their answers on their answer sheet. No additional time will be allowed after the exam time has elapsed to transfer or record answers should candidates mark their answers in the question booklet. The exam will be scored based on the answer sheet recordings only.
Observe the Test Centre’s Rules
- Candidates will not be admitted to a test centre after the oral instructions have begun.
- Candidates should bring several sharpened No. 2 or HB (soft lead) pencils and a good eraser. Pencils and erasers will not be available at the test centre
- Candidates are not allowed to bring reference materials, blank paper, notes or note pads or language dictionaries into the test centre.
- Candidates are not allowed to bring or use a calculator in the test centre.
- Candidates are not allowed to bring any type of communication devices (i.e. cell phones, tablets, smart watches, mobile devices, etc.) into the test centre.
- Visitors are not permitted in the test centre.
- No food or drinks are allowed in the test centre (without advanced authorisation from ISACA).
- Candidates are not allowed to leave the testing area without accompaniment by a test proctor. Exam candidates that do not adhere to this rule will not be allowed to return to the testing room and will be subject to disqualification.
Reasons for Dismissal or Disqualification
- Unauthorised admission to the test centre.
- Candidate creates a disturbance, or gives or receives help.
- Candidate attempts to remove test materials or notes from the test centre.
- Candidate impersonates another candidate.
- Candidate brings items into the test centre that are not permitted.
- Candidate possession of any communication device (i.e. cell phones, tablets, smart watches, mobile devices, etc.) during the exam administration. If a candidate is observed with any communication device during the exam administration, their exam will be voided and they will be asked to immediately leave the test site.
- Candidate unauthorised leave of the test area.
3. Exam Day Comments/Issues
Candidates who wish to address any additional comments or concerns about the examination administration, including candidate issues on exam day, site conditions or the content of the exam, should contact ISACA international headquarters by letter or by email (firstname.lastname@example.org). Please include the following information in your comments: exam ID number, testing site, date tested and any relevant details on the specific issue. Only those comments received by ISACA during the first 2 weeks after the exam administration will be considered in the final scoring of the exam. Appeals undertaken by a certification exam taker, certification applicant or by a certified individual are undertaken at the discretion and cost of the exam taker, applicant or individual. For more information on the Appeals Policy visit www.isaca.org/appeals.
4. Personal Belongings and Security
Candidates are not allowed to bring any type of communication devices into the test center. If an exam candidate is observed with any communication device (i.e. cell phones, tablets, smart watches, mobile devices, etc.) during the exam administration, their exam will be voided and they will be asked to immediately leave the test site. ISACA will not assume responsibility for stolen, lost or damaged personal property of candidates.
Personal items brought to the exam site and stored in the belongings area of the testing center may not be accessed until the exam candidate has completed his/her exam.
The following guidelines have been established for the security of the exam, as well as the safety of your personal belongings. These guidelines will be enforced at each testing centre.
The following items must be kept on your desk during the exam:
- Exam admission ticket
- Current government-issued photo identification
- Writing instruments (Pencils)
The following items may be kept on your desk, if needed:
- Pencil sharpeners
- Other ISACA approved medical items
The following items are permitted in the testing room but must remain in your pockets or in the designated area of the testing room when not in use:
- Wallet (money purse)
- Tissues and other approved personal items
The following items are not permitted in the testing room:
- Cell phones, tablets, smart watches, mobile devices
- Computers, electronic organisers, personal data assistants
- any other remote communication or photographic devices
The following items may not be brought in the testing room. If it is necessary to bring any of these items with you, they cannot be kept on or under your desk and will be stored in a designated area of the testing room. However, please note that these items will not be guarded:
- Food or drinks, unless special accommodations have been arranged and approved in advance by ISACA
- Baggage of any kind including transparent bags, backpacks, handbags/purses, tote bags, briefcases, luggage, carrying cases, or pencil cases
- Study materials including notes, papers, textbooks, or study guides
- Scratch paper
- Wristwatches with engaged audible alarms/timers or any type of desk clock/time
Please comply with all of these requests. ISACA will not assume responsibility or liability for stolen, lost, or damaged personal property. Neither ISACA or its testing vendor takes responsibility for personal belongings of candidates.
Additional information can be found in the ISACA Exam Candidate Information Guide.
5. Receiving Your Score Report
Please notify the certification department immediately if your registration contact information changes. Approximately five weeks for CISA and CISM and eight weeks for CGEIT and CRISC after the test date, the official exam results will be mailed to candidates. Additionally, with the candidate’s consent during the registration process, an e-mail message containing the candidate’s pass/fail status and score will be sent to the candidate. This e-mail notification will only be sent to the address listed in the candidate’s profile at the time of the initial release of the results. To ensure the confidentiality of scores, exam results will not be reported by telephone or fax. To prevent e-mail notification from being sent to spam folders, candidates should add email@example.com to their address book, whitelist or safe-senders list.
6. Reporting of Your Test Results
Candidate scores are reported as a scaled scored. A scaled score is a conversion of a candidate’s raw score on an exam to a common scale. ISACA uses and reports scores on a common scale from 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established by the respective ISACA Certification Committee. A candidate receiving a passing score may then apply for certification if all other requirements are met.
The CISA exam contains some questions which are included for research and analysis purposes only. These questions are not separately identified and not used to calculate your final score.
Passing the exam does not grant the CISA designation. To become a CISA, you must earn the required job experience and submit a CISA application. The application is available at www.isaca.org/cisaapp. Until your application is received and approved, you are not CISA certified and cannot use the designation.
7. Retaking the Exam
A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future exam administration. To assist with future study, the results letter each candidate receives will include a score analysis by content area. There are no limits to the number of times a candidate can take the exam.
Recommended Read : Complete Details of CISA Exam preparation tips, Study material
CISA Exam Format – Complete Details