What jobs can I get as a CISA holder?
In 2015, I was required to travel 6 hours to a testing site and complete a bubble-type answer page with a #2 pencil. There were 200 other test takers — all for this exam. It was like sitting for the SATs. It was strange, as I was used to taking online certification exams at testing centers where I was the only one taking them.
The number of accountants sitting for the exam was one of the most surprising things about the experience. I asked one of them about why they were taking an IT-related exam. He explained that accountants audit businesses every day in the financial industry. With the CISA program training, they could also audit for information security compliance. This was very interesting to me, as I hadn’t thought of anyone outside of IT performing IT audits.
Who Should Take the CISA Exam?
You may now be wondering who else, besides auditors, might be interested in CISA certification. You can find the answer by looking at the core content of the certification curriculum, which deals with compliance and risk. CISA certification is good for anyone who is skilled in managing compliance and risk.
These jobs go beyond IT auditors.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Start trainingCompliance Analyst/Program manager: These positions are responsible for compliance programs and ensuring that organizations comply with programs such as PCI–DSS (Payment Card Industry Data Security Standard), HIPAA [Health Insurance Portability and Accountability Act] and GDPR (General Data Protection Regulation). Compliance involves many aspects. It is important to pay attention to detail because there is a lot of paperwork that must be generated and reviewed in order to ensure compliance policies and procedures are in place.
Risk Analyst/Program manager: Any position that is risk-based works to reduce and identify risk. These positions are responsible to observe business processes to identify potential risks and then offer solutions to reduce the impact of the risk on the organization.
Data Protection Manager: This role focuses on protecting sensitive data and identifying the controls that are in place to protect it. This involves working with data owners to identify sensitive data and then verifying that controls are functional. Data protection personnel are responsible for ensuring that data is handled and protected in accordance with applicable data protection laws.
Security Officer / Security manager (CISO/ISSO/ISSM: The security officer or manager oversees security at a certain level and provides guidance. These roles are more general, as they oversee all security practices. This generalization is why the CISA certification would prove useful to those in these roles. CISA certification provides a wealth of knowledge in auditing risk and compliance, which helps to ensure that processes and practices are being followed by those who work for them.
CISA certification would also benefit another group of people. This is anyone who performs information assurance functions and has access to US Department of Defense (DoD), information systems. This includes DoD employees, contractors, and military personnel. This is because the DoD requires information tech personnel to meet certain requirements as outlined in DoD 8570, DoD 8140, and CISA certification.
The CISA is a Must-Take
CISA certification is a great option if you fall within any of these job categories.