The Certified Information Systems Auditor (CISA) credential, offered through ISACA, requires certified practitioners to attain continuing professional education (CPE). The CPE program is designed to ensure that CISAs maintain their current knowledge and proficiency in auditing, monitoring, assessing, and controlling information systems (IS).
CPE refers to professional development activities related to technical and managerial training for IS assessment and for improving audit, security, or control skills. Only training outside of regular on-the-job activities count as CPE.
ISACA requires a minimum of 20 CPE hours annually and a minimum of 120 hours over a three-year period. CISAs need to keep records of their CPE activities and report their CPE hours. ISACA may elect to audit a CISA’s CPE activities and request supporting documentation.
In addition to earning CPE credits, there are several other requirements for maintaining the certification. CISAs must:
- Adhere to ISACA’s Professional Code of Ethics
- Agree to abide by ISACA’s auditing standards for information technology
- Submit an annual fee to ISACA
ISACA has 11 categories that qualify as CPEs, and some of the categories have limits on how many hours you can earn.
ISACA professional education: This includes seminars, workshops, and conferences offered by ISACA, as well as chapter activities such as meetings and programs. CPE hours are based on active participation, and chapter meetings earn at least one hour regardless of duration.
Non-ISACA professional education: This is a broad category that includes professional meetings, university courses, corporate in-house training, seminars, conferences and so forth. Certification review courses also qualify if they advance IS audit, control or security skills or expertise related to audit-related management. CPE credit is earned based on active participation but successfully completed university courses count as 15 CPE hours per semester credit hour (semester is 15 weeks) and 10 CPE hours per quarter (10 weeks) (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Rodika Tollefson. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/WvEZTA0JE04/