BE THE SOLUTION—BE A CISA

In today’s complex business environment, information has become the most valuable currency for enterprises. Information systems professionals play vital roles in leveraging the value, and assuring the security and integrity of information that drive business. CISA® is recognized as proof of competency and experience in providing assurance that critical business assets are secured and available.

Key Exam Registration Dates:

Testing Window

1 May - 30 June 2017

15 November 2016
Registration Opens
15 February 2017
Scheduling Opens
28 February 2017
Early Registration Deadline
23 June 2017
Final Registration Deadline

Testing Window

1 August - 30 September 2017

1 May 2017
Registration & Scheduling Opens
31 May 2017
Promotion Registration Deadline
22 September 2017
Final Registration Deadline

WHY CISA?

PREPARE FOR SUSTAINABLE CAREER SUCCESS

As it has become more important than ever that organizations recruit employees who can take a comprehensive view of information systems and their relationship to organizational and business success, many hiring managers look for CISA-certified candidates. For some business and governmental agencies, CISA is even a prerequisite for information systems and information technology roles. CISA has become world-renowned as the standard of achievement for those who assess an organization’s information technology and business systems and provide assurance on their availability and sustainability.  

  • Having a CISA certification on your resume/CV makes you quickly identifiable to employers as a highly qualified, experienced professional.
  • CISA demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise.
  • CISA is proof not only of competency in IT controls, but also your understanding of how IT relates to business.
  • Unlike many certifications, CISA requires real-world, hands-on work experience in addition to the achievement of passing a comprehensive exam. By recognizing this additional professional experience, CISA adds breadth to your credibility in the marketplace and in your role.
  • CISA holders are consistently recognized among the most-qualified professionals in the fields of IS auditing, control and security.

WHO SHOULD CHOOSE CISA?

The CISA Certification was specifically created for professionals with work experience in information

  • systems auditing, control or security that include:
  • IS/IT Auditors 
  • Security Professionals
  • IS/IT Consultants 
  • IS/IT Audit Managers

HOW ISACA MUMBAI HELPS YOU


ISACA Mumbai chapter conducts Review batches for CISA, CISM, CGEIT and CGEIT. We invite industry experts to help you prepare for certifications. We have our own premise with all facilities to study and prepare.
  • Experienced Faculty
  • Study Environment
  • Coached on Regularized Pattern of study
  • Formation of Study Groups
  • Opportunity to clarify doubts in the class
  • Gain Conceptual clarity
  • Exam Simulation – Two Mock Test

Useful information

The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. For a more detailed description of the exam see CISA Certification Job Practice. Also, CISA Exam Preparation resources are available through the association and many chapters host CISA Exam Review Courses (contact your local chapter).

Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience, to a maximum of 3 years, may be obtained as follows:

  • A maximum of 1 year of information systems experience OR 1 year of non-IS auditing experience can be substituted for 1 year of experience.
  • 60 to 120 completed university semester credit hours (the equivalent of an 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years, respectively, of experience.
  • A bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.
  • A master's degree in information security or information technology from an accredited university can be substituted for 1 year of experience.

Exception: 2 years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for 1 year of experience.

As an example, at a minimum (assuming a 2-year waiver of experience by substituting 120 university credits), an applicant must have 3 years of actual work experience. This experience can be completed by:

  • 3 years of IS audit, control, assurance or security experience

OR

  • 2 years of IS audit, control assurance or security experience and 1 full year non-IS audit or IS experience or 2 years as a full-time university instructor.

It is important to note that many individuals choose to take the CISA exam prior to meeting the experience requirements.

This practice is acceptable and encouraged although the CISA designation will not be awarded until all requirements are met.

The work experience for CISA certification must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. The CISA Application for Certification is available at www.isaca.org/cisaapp. Note that candidates have 5 years from the passing date to apply for certification.

Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.

The objectives of the continuing education program are to:

  • Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of information systems auditing, control or security.
  • Provide a means to differentiate between qualified CISAs and those who have not met the requirements for continuation of their certification
  • Provide a mechanism for monitoring information systems audit, control and security professionals' maintenance of their competency
  • Aid top management in developing sound information systems audit, control and security functions by providing criteria for personnel selection and development

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

View the complete Continuing Professional Education Policy.

Individuals holding the CISA designation agree to adhere to the Information Systems Auditing Standards as adopted by ISACA.

Please note that decisions on applications are not final as there is an appeal process for certification application denials. Inquiries regarding denials of certification can be sent to certification@isaca.org.

To know more visit www.isaca.org

SECURE YOUR ENTERPRISE AND YOUR CAREER—OBTAIN A CISM

In a world where enterprise success is increasingly dependent on information systems and information technology, the trust customers, clients, employees and other stakeholders have for an enterprise can quickly dissipate in the face of a data security breach. To ensure greater alignment between organizations’ information security programs and their broader goals and objectives, more and more enterprises and government agencies expect, and even require, their information security professionals to hold the CISM® certification.

Key Exam Registration Dates:

Testing Window

1 May - 30 June 2017

15 November 2016
Registration Opens
15 February 2017
Scheduling Opens
28 February 2017
Early Registration Deadline
23 June 2017
Final Registration Deadline

Testing Window

1 August - 30 September 2017

1 May 2017
Registration & Scheduling Opens
31 May 2017
Promotion Registration Deadline
22 September 2017
Final Registration Deadline

WHY CISM?

PREPARE FOR SUCCESS IN AN INCREASINGLY IMPORTANT AND IN-DEMAND FIELD

Around the world, demand for skilled information security management professionals is on the rise, and the CISM certification is the globally accepted standard of achievement in this area. The uniquely management-focused CISM certification ensures holders understand business, and know how to manage and adapt technology to their enterprise and industry. Since its inception in 2002, thousands of professionals worldwide have earned the industry- leading CISM to affirm both their high level of technical competence and qualifications for top-caliber leadership and management roles.

  • In addition to technical competence, CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives..
  • The credibility CISM offers is strengthened by its real-world experience requirement. Unlike some security certifications, CISM verifies that holders have a minimum of five years of information security work experience, in addition to having passed an exam..
  • Earning a CISM is considered a great way to pave the path from security technologist to security manager, and helps you rise to the top of hiring managers’ resume/CV stacks.
  • CISM holders are consistently recognized among the most-qualified professionals in the information security and risk management fields.
  • CISM promotes international security practices and CISM-certified employees provide enterprises with an information security management certification recognized by organizations and clients around the globe. So having a CISM certification adds directly to the value you offer the enterprise you serve.

WHO SHOULD OBTAIN A CISM?

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities who include:

  • Information Security Managers
  • Aspiring Information Security Managers
  • IS/IT Consultants
  • Chief Information Officers

HOW ISACA MUMBAI HELPS YOU


ISACA Mumbai chapter conducts Review batches for CISA, CISM, CGEIT and CGEIT. We invite industry experts to help you prepare for certifications. We have our own premise with all facilities to study and prepare.
  • Experienced Faculty
  • Study Environment
  • Coached on Regularized Pattern of study
  • Formation of Study Groups
  • Opportunity to clarify doubts in the class
  • Gain Conceptual clarity
  • Exam Simulation – Two Mock Test

Useful information

Score a passing grade on the CISM exam. A passing score on the CISM examination, without completing the required work experience as outlined below, will only be valid for 5 years. If the applicant does not meet the CISM certification requirements within the five year period, the passing score will be voided.
Members of ISACA and/or holders of the CISM designation agree to a Code of Professional Ethics to guide professional and personal conduct.

The objectives of the continuing education program are to:

  • Maintain an individual's competency to ensure that all CISMs maintain an adequate level of current knowledge and proficiency. CISMs who successfully comply with the CISM CPE policy will be better equipped to manage, design, oversee and assess an enterprise's information security.

  • Provide a means to differentiate between qualified CISMs and those who have not met the requirements for continuation of their certification.

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

View the complete CISM Continuing Education Policy, available in English, Spanish, Japanese and Korean

Submit verified evidence of a minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas. The work experience must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam.

Experience Substitutions The following security-related certifications and information systems management experience can be used to satisfy the indicated amount of information security work experience.

Two Years:

  • Certified Information Systems Auditor (CISA) in good standing
  • Certified Information Systems Security Professional (CISSP) in good standing
  • Post-graduate degree in information security or a related field (e.g., business administration, information systems, information assurance)

One Year:

  • One full year of information systems management experience
  • One full year of general security management experience
  • Skill-based security certifications (e.g., SANS Global Information Assurance Certification (GIAC), Microsoft Certified Systems Engineer (MCSE), CompTIA Security +, Disaster Recovery Institute Certified Business Continuity Professional (CBCP), ESL IT Security Manager)
  • Completion of an information security management program at an institution aligned with the Model Curriculum

The experience substitutions will not satisfy any portion of the 3-year information security management work experience requirement.

Exception: Two years as a full-time university instructor teaching the management of information security can be substituted for every 1 year of information security experience.

Once a CISM candidate has passed the CISM certification exam and has met the work experience requirements, the final step is to complete the CISM Application for Certification. There are three ways to obtain the CISM application:

  1. Complete and print an online application;
  2. Download application in PDF format (150K); or
  3. Request an application (sent in postal mail).

To know more visit www.isaca.org

SHOW THEM YOU UNDERSTAND RISK AND CONTROL FROM A BUSINESS PERSPECTIVE—OBTAIN A CRISC

In today’s business environment, enterprises need to innovate in order to survive and flourish. Innovation, however, almost always involves risk. To maintain or attain their competitiveness, future-thinking enterprise leaders are increasingly recognizing the need for professionals who understand technology, and specifically how to implement and align effective risk management and control frameworks with their enterprise’s business goals. ISACA® brought together its industry experts from around the globe to develop what is fast becoming the gold standard designation for risk management CRISC™ certification.

Key Exam Registration Dates:

Testing Window

1 May - 30 June 2017

15 November 2016
Registration Opens
15 February 2017
Scheduling Opens
28 February 2017
Early Registration Deadline
23 June 2017
Final Registration Deadline

Testing Window

1 August - 30 September 2017

1 May 2017
Registration & Scheduling Opens
31 May 2017
Promotion Registration Deadline
22 September 2017
Final Registration Deadline

WHY CRISC?

FUTURE PROOF YOUR CAREER SUCCESS

Types of risk may vary, but with its key role as an agent of innovation, technology has become the most critical risk factor for today’s enterprises. Since, conducting a risk assessment is not something a typical information technology education includes, many IT professionals are lacking in knowledge that businesses increasingly deem imperative to determining their future success. The CRISC designation demonstrates to employers that the holder is able to identify and evaluate IT risk, and help their enterprise accomplish its business objectives. Since its inception in 2010, thousands of professionals worldwide have earned the CRISC to affirm their business and IT risk management competence, and their ability to design, implement, monitor and maintain effective, risk-based information systems controls.

The CRISC certification ensures you are recognized as a professional with the skills and experience to provide value and insight from an overall organizational perspective on both IT risk and control
  • CRISC certification requirements are more than just passing an exam. They demand work experience across at least two CRISC job practice domains.
  • The first job practice domains that CRISC focuses on provide the organizational framework for managing and mitigating risk across business processes and technology.
  • As a CRISC holder, you will be able to establish a common language to communicate within IT and to stakeholders throughout the enterprise about risk.
Once you gain a CRISC certification, your enterprise can rely on your input to make effective risk-based decisions and prioritize resources to areas that are most at risk.
  • CRISC’s remaining job practice domains focus on information systems control design and implementation, and control monitoring and maintenance.
  • Strong general computer controls constitute a prerequisite for the establishment of a reliable information systems environment that effectively supports the enterprise’s business objectives and reduces risk.
  • A CRISC certification affirms your ability to plan and implement appropriate control measures and frameworks that further mitigate enterprise risk without stifling innovation.

WHO SHOULD CHOOSE A CRISC?

The CISM certification was developed specifically for experienced information security managers and those with information security management responsibilities who include:

  • IT Professionals
  • Risk Professionals
  • Control Professionals
  • Business Analysts
  • Project Managers
  • Compliance Professionals

HOW ISACA MUMBAI HELPS YOU


ISACA Mumbai chapter conducts Review batches for CISA, CISM, CGEIT and CGEIT. We invite industry experts to help you prepare for certifications. We have our own premise with all facilities to study and prepare.
  • Experienced Faculty
  • Study Environment
  • Coached on Regularized Pattern of study
  • Formation of Study Groups
  • Opportunity to clarify doubts in the class
  • Gain Conceptual clarity
  • Exam Simulation – Two Mock Test

Useful information

The examination is open to all individuals who have an interest in business and technology risk management as well as the development and implementation of IS controls. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. For a more detailed description of the exam see the CRISC certification job practice. CRISC exam candidates should be familiar with the terminology and concepts described in ISACA’s intellectual property and other credible sources. For how best to prepare for the exam, see the CRISC Frequently Asked Questions.
Certification is granted initially to individuals who have successfully completed the CRISC exam and meet the following work experience requirements in the fields of IT risk management and IS control. A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) of the four (4) CRISC domains is required for certification. Of these two (2) required domains, one (1) must be in either Domain 1 or 2. There are no substitutions or experience waivers.

Once a CRISC candidate has passed the CRISC certification exam and has met the work experience requirements, the final step is to complete and submit the CRISC Application for Certification. Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination. Retaking and passing the examination will be required if the application for certification is not submitted within five years from the passing date of the examination. All experience must be verified independently with employers.
Members of ISACA and/or holders of the CRISC designation agree to a Code of Professional Ethics to guide professional and personal conduct.

The objectives of the continuing education program are to:

  • Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of risk and information systems control.
  • Provide a means to differentiate between qualified CRISCs and those who have not met the requirements for continuation of their certification
  • Provide a mechanism for monitoring risk and information systems control professionals' maintenance of their competency
  • Aid top management in developing sound risk and information systems control functions by providing criteria for personnel selection and development

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

View the complete Continuing Professional Education Policy.

To know more visit www.isaca.org

SHOWCASE YOUR EXPERTISE IN AN AREA OF CRITICAL IMPORTANCE TO ENTERPRISES EVERYWHERE

As technology has become more and more vital to the achievement of business goals and value delivery, enterprise leaders have realized that enterprise governance must be extended to information technology and information systems. Successful enterprises now accept that it is critical to align IT projects, assets and processes with their business strategies and business goals. In order to support the growing demand from business and to promote good IT governance practices, ISACA® created the first and only designation to recognize skilled IT governance professionals—the CGEIT® certification.

Key Exam Registration Dates:

Testing Window

1 May - 30 June 2017

15 November 2016
Registration Opens
15 February 2017
Scheduling Opens
28 February 2017
Early Registration Deadline
23 June 2017
Final Registration Deadline

Testing Window

1 August - 30 September 2017

1 May 2017
Registration & Scheduling Opens
31 May 2017
Promotion Registration Deadline
22 September 2017
Final Registration Deadline

WHY CGEIT?

AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS

Good IT governance is a key element of a well-performing enterprise. Enterprises need qualified information systems professionals with knowledge and expertise that can help them identify critical issues and customize company-specific practices to support the governance of information and related technologies. The uniquely governance-focused CGEIT certification ensures holders are capable of bringing IT governance into an organization, can grasp the complex subject holistically, and enhance the value that the enterprise obtains from its IT. Since its inception in 2007, thousands of professionals around the world have earned the industry-leading* CGEIT designation as a means to affirm that they have the broad knowledge and wide-ranging experience necessary to support and advance the IT governance of an enterprise and ensure its IT and business systems align with optimum effectiveness and efficiency.

  • Developed with the input of subject matter experts from around the world, the CGEIT designation is designed for professionals who have significant management, advisory or assurance roles relating to the governance of IT.
  • CGEIT enhances your credibility, influence and recognition and demonstrates that you have proven experience and knowledge in the governance of enterprise IT.
  • CGEIT helps enterprises identify and hire professionals who have IT governance knowledge and experience and is considered by many companies and governmental agencies as a prerequisite for employees involved with enterprise IT governance.
  • CGEIT provides holders with greater recognition in the marketplace and influence at the executive level—and many holders consider it very valuable to their career progression and ability to deliver value to their enterprises.
  • CGEIT combines the achievement of passing a comprehensive exam with recognition of a minimum of five years proven work experience managing, advising on and supporting the governance of enterprise IT—including one year’s experience relating to the establishment and management of an IT governance framework.
  • CGEIT holders know more than limited areas of IT governance—they are able to grasp the complex subject as a whole and enhance the value businesses get from their IT.

WHO SHOULD OBTAIN A CGEIT?

The CGEIT certification was specifically developed for IT and business professionals who have significant management, advisory, or assurance roles relating to the governance of enterprise IT, including:

  • IS/IT Directors
  • IS/IT Managers
  • IS/IT Consultants
  • IT Governance Professionals
  • IS/IT Executives

HOW ISACA MUMBAI HELPS YOU


ISACA Mumbai chapter conducts Review batches for CISA, CISM, CGEIT and CGEIT. We invite industry experts to help you prepare for certifications. We have our own premise with all facilities to study and prepare.
  • Experienced Faculty
  • Study Environment
  • Coached on Regularized Pattern of study
  • Formation of Study Groups
  • Opportunity to clarify doubts in the class
  • Gain Conceptual clarity
  • Exam Simulation – Two Mock Test

Useful information

Members of ISACA and/or holders of the CGEIT designation agree to a Code of Professional Ethics to guide professional and personal conduct.

The objectives of the continuing education program are to:

  • Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of risk and information systems control.
  • Provide a means to differentiate between qualified CGEITs and those who have not met the requirements for continuation of their certification
  • Provide a mechanism for monitoring risk and information systems control professionals' maintenance of their competency
  • Aid top management in developing sound risk and information systems control functions by providing criteria for personnel selection and development

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

View the complete Continuing Professional Education Policy.

To know more visit www.isaca.org

GAINED NOT GIVEN

Experience and judgment. Strength and momentum. Confidence and trust. They’re all gained by the things we accomplish. And like anything truly valuable, they’re never just given. Cybersecurity Nexus™ (CSX) is a new program designed for the most ambitious cyber security professionals, empowering them to elevate their work, take control of their career paths and earn their place amongst the best.

Our on-site training programs bring expert cyber security instructors into the workplace to teach real-world courses, creating the opportunity to train your entire team in one or more sessions at one fixed price, with minimal downtime

WHY CSX?

TOWERING OVER THE COMPETITION

CSX is founded by ISACA, the most respected and trusted source for information and technology knowledge, community, standards and certifications in the world. With this as our foundation, we’ve continued to push the frontiers of the industry by designing a new program that will help shape the future of cyber security by training the professionals who will lead it. The range and quality of the certifications, education, and tools we offer is unmatched.

  • Our training, exams, and certifications focus on developing and affirming skills as well as knowledge. The rigorous testing pits your abilities to perform tasks and duties against scenarios you would encounter in the field and validates your skills for the real world.
  • No matter where you are in your career—university student to industry veteran—our career management insights, educational opportunities, and thought leadership provide you all of the resources and guidance you need to stay on top of cyber and become the very best in the industry.
  • Our certifications not only act as career benchmarks, but can also increase your professional credibility and earning potential.

The entry point into our cyber security program, Cybersecurity Fundamentals offers a certificate in the introductory concepts that frame and define the standards, guidelines and practices of the industry. The certificate and related training are an ideal way to get started on a career in cyber security. These skills are in high demand, as threats continue to plague enterprises around the world. This knowledge-based certificate can enable you to:

  • Demonstrate your understanding of the principles that frame and define cyber security and the integral role of cyber security professionals in protecting enterprise data
  • Add a credential to your resume/CV that will distinguish you from other candidates for advancement or a new job
  • Stay ahead of the curve on your current career path or start your new cyber security career strong

Download CSX Fundamentals Brochure

Validate your technical cyber security skills and ability to serve as a cyber security first responder. The performance-based CSX Practitioner Certification affirms your abilities to perform in this globally in-demand role from day one as a cyber professional who is:

  • Capable of following established procedures
  • Proficient in using defined processes
  • Able to work with known problems on a single system
  • Proficient with anti-virus, and has firewall and patching experience
  • Qualified to implement common security controls, and perform vulnerability scans and some analysis

This designation affirms that you have firewall, patching and anti-virus experience and can implement common security controls, perform vulnerability scans and some analysis.

Useful information

Members of ISACA and/or holders of the CGEIT designation agree to a Code of Professional Ethics to guide professional and personal conduct.

The objectives of the continuing education program are to:

  • Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of risk and information systems control.
  • Provide a means to differentiate between qualified CGEITs and those who have not met the requirements for continuation of their certification
  • Provide a mechanism for monitoring risk and information systems control professionals' maintenance of their competency
  • Aid top management in developing sound risk and information systems control functions by providing criteria for personnel selection and development

Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed 3-year period.

View the complete Continuing Professional Education Policy.

To know more visit www.isaca.org