Let us take a look at the core basis of the CISA certification examination, which is essentially an examination of recognition and qualification for the aspiring Information Technologies Auditor. The examination ensures that a candidate has an accurate working knowledge of the current positions of different aspects of the IT industry. For example, he or she must know the status of current laws as regards the IT industry, as well as the changing nature of those laws, and the impact any such changes would have on the industry

™

The requirements for the CISA are demanding, to say the least - for example, it is impossible to even take the exam unless you have some actual experience working at auditing or in some position in the Information Technology industry. The exam itself is grueling and not for the faint of heart, with a strenuous two hundred questions covering six core areas of interest.

These six areas are the central areas of the Information Technology industry, and include subjects like Information Security Processes, which examines the integrity of a company's data transfers over it's internal networks, and also assesses the sophistication and reliability of it's software.

And it also examines a crucial aspect of company survival, the security and backup capability that the company maintains for it's core records.

Yet all this is only a single aspect of the CISA certification examination. There are a lot more aspects to be covered for the dedicated auditor. How about Information Technology Governance, for example, which examines every aspect of survival and growth for a successful company. There are some who would argue that survival IS growth - and therefore an organization must identify new and necessary technologies to incorporate into it's systems if it is to ensure it's continued survival.

Helping to define this process is the task of the dedicated and competent IT auditor - he or she will examine and identify necessary new technology, and then manage and oversee it's installation and incorporation into the businesses' present systems. One has to emphasize here that the integration has to be flawless, in that the process of installation and assimilation must result in as little disruption of the business' current processes as possible.

Also, integration of new technology and systems must result in growth for the business, or in some reasonable advantage, else the purpose is defeated. All this amounts to correct and accurate assessments carried out in the very beginning - this is key, and if it is done right, everything that follows can then be implemented by the conscientious auditor. Remember, the purpose of this process is not theoretical, but practical - it is to aid the business in maintaining it's position, and in ensuring it's growth, and in a world where competition is so intense, growth equals survival, extending the company's life span.

To become an information security auditor, you might think of taking the industry-leading exam. CISA (Certified Information System Security Auditor) by Information Systems Audit and Control Association. This exam covers almost all the areas necessary for an IT auditor to conduct a successful and effective IT security audit. For becoming a certified auditor, one must take the cisa training london exam, conducted by ISACA, twice in a year (June &December). Before going for the details on how to pass this exam and about its training facilities, let me tell you what are the areas that will be covered in this exam. There are basically 6 subject matter in IT audit areas, where your strength will be tested and those are:

• IT audit process

• IT governance

• Software Life Cycle Management

• IT service delivery

• Information asset protection

• Disaster Recovery and Business Continuity

Exam Requirements: One having 3 years of IT security related experiences along with a bachelor degree is eligible to take the exam. In case you lack the bachelor degree requirement, then you need to have 5-year of IT security or relevant experiences. Your experience does not necessarily be from IT security arena, but must be related to IT fields to get the accreditation of auditing exam.

How much is the CISA Exam Fees? The exam fee is around $550. For registration, you can visit-isaca.org; they will give you all the necessary exam schedules and help you register for the exam. Most of the country has ISACA local chapter, where exams are conducted twice in a year (June and December)

Exam Marks Distribution: There will be 200 multiple choice questions in the real exam, which need to be completed within 4-hour.There is no negative marking for any wrong answer. Marks distribution as follows:

IS Audit - 10%

IT Governance - 15%

Systems & Infrastructure Life Cycle Management - 16%

ITS Service Delivery and Support - 14%

Protection of Information Assets - 31%

Business Continuity and Disaster Recovery areas - 14%

How to buy the Study Guides? From ISACA you can buy their approved study guide, also known as "Review Manual" at $135. They also give some useful sample questions and CD - it will cost $225.For passing the exam both the review guide and sample questions are enough. So, do not worry much about exam passing, unless you do not prepare well all the study materials. Remember over 90-percent questions seem to be new to you when you take the actual test, no need to panic, real exam questions will be very much relevant with the sample questions and might be a bit tougher than those. So, just prepare the sample questions and review manual recommended by experts who already passed the exam.-that will do the trick for you.