Certification Magazine - November 2007 - (Page 24)

INSIDE CERTIFICATION Spotlight on ISACA’s Certiﬁcations: CISA, CISM and the New CGEIT HOWARD NICHOLSON ISACA, a nonprofit IT governance association with more than 65,000 members in 140 countries, developed its first certification almost 30 years ago. Today, it offers two credentials and a new IT governance designation based on the body of knowledge of the IT Governance Institute (ITGI). With their global focus, as well as rigorous testing, professional experience and mandated continuing- education requirements, ISACA certifications are recognized as credentials that add value to organizations. “The need for certification as a way to identify highly qualified professionals is more critical than ever,” said Lynn Lawton, ISACA international president. “High-profile scandals, large financial settlements and damaging shareholder lawsuits have gained the attention of directors and senior management, who increasingly realize that their information technology deserves a high level of governance to minimize risks and support growth.” ISACA has a long history of certification programs. In 1978, ISACA established the Certified Information Systems Auditor (CISA) designation, which more than 50,000 professionals have earned. In 2002, the Certified Information Security Manager (CISM) certification was introduced, and more than 6,500 professionals have earned it. Both designations are accredited by the American National Standards Institute (ANSI). ISACA’s most recent credential, introduced in August, is the Certified in the Governance of Enterprise IT (CGEIT) certification. CGEIT IT has become vital to the achievement of enterprise goals and delivery of benefits, and executives are realizing enterprise governance must be extended to IT, as well. After surveying stakeholders from a cross-section of industries (including chief information officers and senior IT professionals), ISACA determined there is a business need for a certification that recognizes expertise in IT governance and helps enterprises identify and hire professionals who have IT governance knowledge and experience. To meet this growing business demand, ISACA has introduced CGEIT. Supported by ITGI, as well as built on the institute’s intellectual property and input from subject-matter experts worldwide, CGEIT focuses on the five areas of IT governance: strategic alignment, resource management, risk management, performance measurement and value delivery. It also focuses on frameworks that provide support for IT governance (e.g., CobiT and ITIL). It is designed for professionals who have a management, an advisory or an assurance role relating to the governance of IT and who wish to be recognized for their IT governance-related experience and knowledge. To earn the CGEIT, applicants must prove at least five years of experience supporting the governance of an enterprise’s IT (or two years of IT governance experience and three years of management experience) and pass the CGEIT exam. The first CGEIT exam will be administered in December 2008. A grandfathering program, through which highly experienced IT governance professionals can apply for certification without taking the exam, is also available for a short time (see www.isaca.org/cgeit for details). CISA ISACA’s first credential, CISA, is recognized as a standard for information systems auditors. Its demand continues to grow — nearly 14,400 candidates registered for the June 2007 CISA exam, a 19 percent increase from the June 2006 exam. More than 25,000 candidates are expected to take the CISA exam this year. It is offered twice each year in 11 languages and at more than 230 locations worldwide. “Succeeding the CISA exam in 1985 changed my perspective from ‘efficiency at all costs’ to understanding the necessity for controlling technology, its costs and its strategy,” said Georges Ataya, Solvay Business School (Belgium) executive professor and managing partner of ICT Control SA-NV. “My involvement in developing the Val IT framework is a direct result of that changed perspective.” To earn the certification, a minimum of five years of information systems auditing, control or security work experience is required. Educational experience, such as a bachelor’s or master’s degree in the field, can be substituted for up to two years of work experience. Those holding the CISA designation use the credential in a variety of capacities: 24 CERTIFICATION MAGAZINE November 2007 http://www.isaca.org/cgeit

Table of Contents Feed for the Digital Edition of Certification Magazine - November 2007

Certification Magazine - November 2007 Contents Editor's Letter Data Stream Tech Careers Academic Connection Dear Techie Virtual Village Certification Outside Technology Inside Certification The Webmaster: Online Everyman Interface Time Tips: How to Fit Certification into Your Schedule Ad Index Endtag

Certification Magazine - November 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.