Showing posts with label cisa. Show all posts

Wednesday, 15 October 2014

ISACA CISM and CISA FAQ: You have less than 9 days to register!




The deadline to register for your December CISA and CISM exam looms ever closer. You now only have less than 2 weeks to apply before registration closes on the 24th October.

So whether you’ve already registered or are just about to – now is certainly the time to refresh your knowledge about the upcoming 13th December CISM or CISA exams.


Q. When is the next CISM and CISA exam?

The next CISM and CISA exam is on the 13th December 2014.


Q. When can I register for the December exam?

Right now! You don’t have long until registration closes on the 24th October!

Miss this and your next chance to take the CISA and CISM exams will be in June 2015 (the date is currently unannounced). 


Q. I’m not sure if I’m ready for the exam, how can I tell?

ISACA provide a handy Self Assessment Test for both the CISA and CISM exams.

These self-assessments will help candidates assess their knowledge of both the CISM and CISA practice areas respectively. The assessments contain 50 sample items covering the appropriate subject matter to match the exam blueprint.

Plus, these items are representative of the types of questions you could get on your CISM / CISA exam.

You’ll be in a great position to determine your strengths and weaknesses after taking these tests. If you can locate any gaps in your knowledge you’ll be able to better focus your studying.


Q. I want to speak to other people who are also revising for their CISM and CISA exams - are there any forums I can use?

ISACA have developed a community exclusively for CISA and CISM exam registrations.
These forums allow you to share ideas, experiences, questions and study resources with other like-minded professionals.

Both the CISA and CISM communities are intended to help you prepare for your exams. Chapter certification coordinators (part of the ISACA Chapter group who help promote IS audit and security professions) have also been invited to reply to questions and share their study methods.



These forums are moderated by past top exam scorers who facilitate and drive discussion. You can find the forums here:

Q. I can’t make the exam I registered for, can I defer?

If you can’t make the exam, you’re able to request a deferral of registration fees to the next exam date.

Defer the December exam and you’ll have to wait until the next one runs in June 2015. If you want to defer your December 2014 exam to June 2015 and you apply on or before 24th October 2014, you’ll be charged a US $50 processing fee.

Defer later than 25th October 2014 and you’ll be charged a $100 processing fee.

Keep in mind, December 2014 deferral requests will not be accepted after 28th November 2014.

If you need to defer your December exam, you can do so either online or by fax. You can submit your deferral on ISACA’s website.


Q. How are the CISM and CISA exams scored?

ISACA uses a 200-800 point scale with 450 being the passing mark for both the CISA and CISM exams. It is worth noting that the exam score is not based on arithmetic or percent average.

For example, a scaled score of 800 represents a perfect score with all 200 questions correct; whilst a scaled score of 200 is the absolute lowest score attainable and signifies that only a small number of questions were correct.

A score of 450 represents a minimum consistent standard of knowledge required by the ISACA Certification Committee. 


Q. If I want to comment on the testing conditions – how will I do so?

If you want to comment about the testing conditions you’ll have a chance to do so at the end of your testing session by completing ISACA’s ‘Test Administration Questionnaire’, located at the back of your exam booklet.


Q. Why do I have to wait 5 weeks for ISACA to process my exam results?

ISACA take the processing of exam results seriously. The performance of each item is carefully reviewed to ensure that it performed in a fair and consistent way.

A review of the preliminary statistical analysis begins a week or two after the exams finish. This analysis is conducted in up to 10 languages, across all 4 ISACA exams.

ISACA state this is an essential step because it identifies items that performed poorly. These items with poor performance are then reviewed by members of their respective certification committee. If an error, inconsistency or anomaly is discovered the answer’s weighting can be adjusted to ensure candidates are not penalised for ISACA’s error.


Q. Why don’t ISACA offer their exams electronically? This is 2014 after all…

Since most ISACA certified professionals are typically IT professionals, you might expect them to conduct their examinations with the use of computers.

ISACA re-evaluates their transition to a computer based testing environment every year. However, they have not as yet been able to achieve an online exam environment that would be more efficient, more secure and more affordable.

Their research has indicated that suitable CBT sites are not available in many of their 250 locations. Plus, they cite that, when seeing competitors move to CBT, their exam fees have increased massively (often by 100%) to compensate.


About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Monday, 11 August 2014

What your cert’s worth: security salaries under scrutiny


Security roles have always been in the top half of the “IT salary hierarchy” and it seems unlikely to change anytime soon. According to a recent article on Tripwire, businesses are investing more than ever in order to protect themselves from security threats. Of course these investments include the recruitment and/or training of capable IT security staff.

Infographic created by the University of Alabama

With IT security becoming a top priority for businesses, certifications like the CISSP, CISA or CISM are gaining even more recognition. So if you’ve got one of these acronyms next to your name, you’re off to a great start in earning a high salary. Here are some of the average salaries in the UK for jobs requiring the following IT security certs, according to ITJobswatch.com:
  1. ISACA CGEIT - £45,000
  2. EC-Council CEH - £49,000
  3. EC-Council CHFI - £51,500
  4. ISACA CISM - £55,000
  5. ISACA CRISC - £55,000
  6. (ISC)2 CISSP - £55,000
  7. ISACA CISA - £55,750
  8. ISACA COBIT - £57,500
ISACA Certified in the Governance of Enterprise IT (CGEIT) - £45,000

Certified in the Governance of Enterprise IT (CGEIT) is a program designed for professionals directing, managing and supporting enterprise IT governance. Holders of CGEIT are experts in risk management, performance measurement, value delivery and the governance and management of IT. As a CGEIT, you’ll earn an average salary of £45,000.

EC-Council Certified Ethical Hacker (CEH) - £49,000

Beat a hacker, by thinking like one. With EC-Council’s Certified Ethical Hacker certification you’ll know how to defend against the latest techniques used to exploit your organisation’s vulnerabilities. The CEH stretches far beyond the field of penetration testing and into everyday application and network security. Certified Ethical Hackers on average earn around £49,000.



EC-Council Computer Hacking Forensics Investigator (CHFI) - £51,500

EC-Council’s CHFI certification teaches you the use of forensics tools, analytical techniques, and procedures involved in obtaining, maintaining, and presenting computer forensic evidence and data in a court of law. Computer Forensics experts with a CHFI can earn £51,500 on average.

ISACA Certified Information Security Manager (CISM) - £55,000

CISM by ISACA is a widely recognised credential for IT security professionals specialising in managing, developing and overseeing information security systems and for developing best security practices. CISM certified professionals have proven skills in risk management, governance and incident management as well as program development and management. Similarly to CRISC, CISM holders have good prospects of earning an average salary of £55,000 a year.

ISACA Certified in Risk and Information Systems Control (CRISC) - £55,000


ISACA’s CRISC is for experienced IT professionals working in the fields of technology risk management and Information Systems Control. CRISC-holders can manage risk design and oversee response measures, scan and monitor systems for risk, and meet their organisation's risk management strategies. The average salary offer for CRISC certified professionals is around £55,000.




(ISC)2 Certified Information Systems Security Professional (CISSP) - £55,000

(ISC)2’s CISSP demonstrates your expert skills in developing, guiding, and managing security standards, policies, and procedures within your organisation. The certification is considered to be one of the most prominent and prestigious security credentials out there, which is due to its rather demanding prerequisites. As a Certified Information Systems Security Professional you can be earning an average salary of £55,000.

ISACA Certified Information Systems Auditor (CISA) - £55,750

CISA is a globally renowned credential for Information Systems audit and security experts. CISA certified professionals possess the necessary skills, knowledge and expertise to identify and manage vulnerabilities and risks within their organisations, while implementing solutions to deal with them. The average salary for CISA holders is around £55,750 per annum.

ISACA Control Objectives for Information and Related Technology (COBIT) - £57,500

ISACA’s COBIT framework helps you to maximise the value of Information Technology within your organisation. With this certification under your belt, you’ll know how to achieve strategic goals and minimise risks, whilst optimising the cost of IT services. COBIT certified professionals earn an average salary of £57,500.

There you have it, the worth of some of the top security certs expressed in monetary terms. And don’t forget, the more experience you have, the closer you get to making these numbers even bigger.


Tuesday, 15 April 2014

Top tips for passing your CISM or CISA exam



ISACA extended its exam registration deadline until 22 April, which means one thing: it’s time to start preparing.

CISA and CISM are top credentials for IT security professionals specialising in managing, auditing, developing and reviewing information security systems and for developing best organisational security practices. Because of their high prestige, CISA and CISM are not easy to get, but if you follow these tips, you’ll be on the right track:

  • First things first: read ISACA’s CISA or CISM review manual, as it provides you with the content, structure and main topics of the exam. Make sure you understand the key areas, but don’t just focus on the main bits; read everything at least once. It's better to not leave things to chance, right?
  • Take notes. It may be old school, but it works. Writing things down helps you remember and familiarise yourself with the concepts.
  • Once you're confident in your knowledge of most, if not all of the basic concepts of CISA or CISM, you can start testing yourself. Read the review questions, answers and explanations.
  • Remember, you’re not a student. You're an IT professional, and you have to manage IT systems efficiently, whilst making good, informed decisions.
  • Last minute revision: some say it’s good, some say it’s bad. Your call. Because you can’t take the CISA or CISM review manuals into the exam, it may be worthwhile to skim through the key areas 30 min before the exam.

Some people tend to get more nervous than others when it comes to taking an exam, so here are some general tips for keeping your cool before and during your exam:

  • Take a break every now and then. Doing long sessions of study or revision without a break won’t get you far, because you’ll lose focus. Take at least a 5-10 minute break for every 50 minutes of work.
  • Read it out. Verbal memorisation is often a better way to learn than just reading in silence.
  • Drink plenty of water to stay focused and hydrated.
  • Try to avoid caffeine. Whether it’s a cup of coffee or a can of Red Bull, caffeine will make you feel more anxious, so try to avoid it before going to your exam.
  • Do a bit of exercise. It gets your blood flowing and you’ll feel fresh. It also increases your focus.

Good luck. 


Monday, 24 March 2014

Digital Badges for ISACA Credential Verification



ISACA has decided to take countermeasures against fraudulent security credentialing with the use of Open Badges. Open Badges by Mozilla are digitally displayed badges and in this case, they will be awarded to those who have completed training and acquired an ISACA certification.

How does it work?

Open Badges are secure digital representations of ISACA credentials, such as CISA, CISM, CGEIT or CRISC. They can be embedded into emails, personal websites, a résumé, as well as social and professional networking websites, such as Facebook and LinkedIn. Displaying your open badge across social platforms offers potential employers an easy way to verify and evaluate your competencies and achievement.
Once someone clicks on the badge, it calls up a set of metadata that verifies the certification and summarises the qualifications and the process required to earn it.


“ISACA credentials are in demand by employers worldwide, and we are glad to offer our certification holders the opportunity to utilize open badges to demonstrate their accomplishments… Open Badges offer an efficient method for current and potential employers to validate a certification, and also give certification holders a simple and effective opportunity to tell their professional story and enhance their recognition,” said Allan Boardman, International Vice President of ISACA and Chair of ISACA’s Credentialing and Career Management Board, in a recent statement.

Which is your ISACA course?

CISA, CISM, CGEIT, CRISC. We run them all, just pick the one that suits you best. Visit our course page and view more details about accelerated ISACA training courses.

ISACA’s exam registration deadline is near

ISACA only runs its exams three times a year, with the next one coming up on 14th June. If you want to take your exam as early as possible, you have to register by 11th April, which is the final registration deadline for the June exam.

Have you already completed your course and registered for the exam? Well done, here are some revision tips for passing your exam! 


Monday, 6 January 2014

Tech Resolutions for 2014 by ISACA




The New Year is here and we must be prepared for everything it may bring. According to global non-profit IT association ISACA, IT and cyber-security professionals will have to switch gears if they want to successfully deal with the challenges of 2014, especially in cyber-security, data privacy and big data.

“The pace of change expected in 2014 will put incredible pressure on technology professionals in the workplace with a focus on keeping IT risk in check while at the same time delivering value to the business. But this is also a chance for the IT department to be a strategic partner with the business on navigating these issues and opportunities,” said Bhavesh Bhagat, CISM, CGEIT, CEO of EnCrisp, co-founder of Confident Governance and member of ISACA’s new Emerging Business and Technology Committee.

ISACA’s Top 5 Tech Resolutions for 2014
  • Prepare for Privacy 2.0 - Attitudes toward data privacy are unlikely to reach a consensus in 2014. Instead, be prepared to accommodate both those with little expectation of privacy and those who view their personal data as currency and want to control how that currency is spent.
  • Slim down big data - Explosive data volumes were the #1 issue posed by big data in ISACA’s 2013 IT Risk/Reward Barometer. Unmanageable data creates redundancies and is difficult to keep safe. In 2014, eliminate the excess and consolidate what remains, to promote sharing and protect using better controls.
  • Plan to compete for cyber-security and data analytics experts - Demand for smart analytics people and cyber-security defenders with the right certifications is only going to increase in 2014—the year of the data professional. If you plan to recruit, make sure your salary package and job descriptions are competitive.
  • Rethink how your organisation is using your information security experts - With some elements of IT security operational responsibility (including malware detection, event analysis and control operation) increasingly being outsourced to cloud providers, smart leaders are enabling their internal security experts to become hunters instead of just defenders. This allows them to proactively deal with the most hard-to-detect threats, build internal intelligence capabilities, construct better metrics and invest in operational risk analysis.
  • Ramp up for the Internet of even more Things - With 50 billion devices expected to be connected to the Internet by 2020, start working now on a policy for governing connected devices—many invisible to the end user—if your enterprise doesn’t have one already.
Learn more about information security management, risk management or governance of IT on our ISACA courses.


Thursday, 6 June 2013

Last minute tips for passing your ISACA CISA or CISM exam




Updated on 16/07/2015
ISACA's CISA and CISM are must-have certifications for any IT security professional working with information security systems. 

These high prestige certifications are difficult to attain, but if you follow these tips, you'll be better prepared to achieve them:

  • Read through the ISACA Exam Candidate Information Guide 2015, which you can find here.
  • By now you've probably read or re-read ISACA’s CISA or CISM review manual which provides you with the content, structure and other topics of the exam. Highlight key areas and devote extra attention and time to them. Don't leave anything to chance.
  • Join the discussions in ISACA’s Study Communities – click here for the CISA group and here for the CISM group. 
  • In case you haven’t got the CISA/CISM Practice Questions Database v15 resource, ISACA also offers free CISA and CISM Self-Assessment tests which will help identify gaps in your knowledge that are in need of further study. Here are the links - CISM Self-Assessment and CISA Self-Assessment.
  • Stay old school. Take notes and read things out loud. Both will help you memorise concepts more easily.
  • Once you're confident, and can explain most if not all the basic concepts of CISA or CISM, then read review questions, answers and explanations.
  • This is not a university or high school exam. Think like an IT Auditor and not like a student. You have to manage tasks the best way by making the best decisions.
  • Many students find that the hardest part is visualizing the concepts, which you’ll need to do in the exam. So try to prepare some of your own beforehand.
  • As you’re probably aware, you can’t take the CISA or CISM review manuals into the exam, so try to skim through the key areas 30 min before the exam.

One thing to note is that the markers don’t want to know if you are the strongest in IT related systems, they just want to be sure you’re competent enough and can make the best decisions, evaluate and review IT security and audit related issues.

Here are some more general revision tips to ensure your exam success:
  • Frequent breaks are essential. Don’t expect your brain to focus for hours if you don’t give it some rest. Take a 5-10 minute break for every hour spent studying.
  • Drink plenty of water as it helps you to think and most importantly it hydrates you.
  • Avoid caffeine. Coffee, Coke or Red Bull, they will only make you feel more anxious, so cut them out of your “exam diet”.
  • Before the test, do some exercise. It gets your blood flowing and relaxes you. It also increases your alertness.
And one last thing, try to relax! Visualise your goal: your name on this certification (or your slightly different CISM certification).


Do you need more information/inspiration? Check out these great CISM & CISA resources:
Or watch these two videos of CISA and CISM certified professionals.


Good luck.



Friday, 8 March 2013

ISACA’s CISM and CRISC among highest-paying IT certs






ISACA’s Certified Information Security Manager (CISM) and Certified in Risk and Information Systems Control (CRISC) certifications are two of the highest-paying IT certifications, according to the Foote Partners’ IT Skills and Certifications Pay Index™ (ITSCPI).

“ISACA’s rigorous certification programs are designed to help IT professionals demonstrate to their employers their abilities to help the enterprise improve trust in, and value from, information systems,” said Allan Boardman, CISA, CISM, CGEIT, CRISC, CA (SA), ACA, CISSP, chair of ISACA’s Credentialing Board and risk manager at a global investment bank. “As the Foote Partners’ report indicates, professionals who hold the CISM or CRISC certifications are earning especially high premiums for their efforts and are strongly valued for their contributions to the overall enterprise.”

Since its inception 10 years ago, nearly 20,000 professionals have trained in CISM. The CISM certification is for individuals who manage, design, and oversee/assess a business’s information security (IS). The CISM certification is a globally recognised cert and provides executive management with assurance that those earning the designation have the required experience and skills to provide effective security management and consulting services.

The ITSCPI was launched in 1999 and tracks market values for individual IT skills and certifications at 2,350 employers.

For more information on ISACA certifications, visit: www.firebrandtraining.co.uk/courses/isaca


Friday, 8 February 2013

CISA, CISM and CRISC awarded Best Professional Certification Program






ISACA’s CISA, CISM and CRISC certification programs are finalists for the “Best Professional Certification Program” in SC Magazine’s 2013 Awards.


In a recent study by Foote Partners, it was found that CISA, CISM and CRISC certification holders earn pay premiums that place the certifications in the top 7 percent of all 268 IT industry certifications reported by Foote Partners.

According to the IT Skills and Certifications Pay Index, those who obtain the CISA, CISM or CRISC certifications are ranked among the highest paid professionals.

To make this list, a certification program must average a pay premium in excess of the equivalent of 10% of base salary.

CISM was already voted among our top four security certifications. CISM is also highly sought after for IT positions. It is also widely recognised in organisations and government agencies.

It provides a body of knowledge for information security management, focusing mainly on information risk management. It also demonstrates to employers that the professional has a strong understanding of security governance, risk management and compliance, security program development and management, and security incident management.

According to itjobswatch.co.uk, the average salary for a CISM professional is £52,500.



Tuesday, 17 April 2012

CISA and CISM Deadlines Extended


There are only two chances to sit ISACA's Certified Information Systems Auditor (CISA) and Manager (CISM) exams each year.

ISACA has extended their deadline to register for CISA and CISM exams. The final date to register is the 20th of April. The exams take place on 9th June.

Our next 3-day accelerated CISA Course starts on the 21st May, while the 4-day accelerated CISM Course starts on the 14th May.

Call your Account Manager on 080 80 800 888 for best pricing, to help you certify in CISA and CISM.

Since it was established in 1978, the CISA certification has been the globally accepted standard of competency among IS audit, and control and security professionals.
According to Information Career Trends Survey, CISA is one of the top 3 sought-after certifications of 2012.

The CISM certification validates that professionals have the knowledge and expertise to provide effective consulting services and security management.

Monday, 2 April 2012

ISACA Partners With the Skills Framework


ISACA entered into a partnership with the Skills Framework for the Information Age Foundation (SFIA), which recognises Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM) certifications in the Skills Framework. This framework provides a standard of IT-related work areas and levels of responsibility that employers can use to identify skill gaps in companies. IT workers can also use it to benchmark their skills and plan for career development.
The Skills Framework is the preferred model used by governments and more than 15,000 businesses, in 100-plus countries, to manage skill needs and to set national education and training requirements. 

Monday, 19 March 2012

CISA and CISM Deadlines

There are only two chances to sit ISACA's Certified Information Systems Auditor (CISA) and Manager (CISM) exams each year.

Here are the relevant dates for the exam in June 2012:

10th February - Early registration deadline for the CISM/CISA exam.

4th April - Final registration deadline

9th June - CISM/CISA Exam

Our next 3-day accelerated CISA Course starts on the 21st May.

Our next 4-day accelerated CISM Course starts on the 14th May.

Call your Account Manager on 080 80 800 888 for best pricing, to help you certify in CISA and CISM.

Since it was established in 1978, the CISA certification has been the globally accepted standard of competency among IS audit, and control and security professionals.

The CISM certification proves that the certified professionals have the required knowledge, experience and skills to provide effective consulting services and security management.

Thursday, 15 March 2012

CISA crosses 90,000


ISACA has awarded the 90,000th Certified Information Systems Auditor (CISA) certification since it first started back in 1978.

CISA has become a preferred certification for individuals wanting to gain knowledge of information systems (IS) audit, control and security skills. It is recognised internationally as a global standard for professionals and organizations.

Tuesday, 7 February 2012

How much is your security worth?

Computerworld reports that companies are willing to pay more for certified information security professionals.

A report by New Canaan reveals that certified professionals earn 10 to 15% higher salaries than non-certified individuals. Certifications worth the most in the field of information are CISSP, CISA and CISM.

“The demand for certified security professionals has been on the rise for some time now. Some high profile breaches like Sony, Nintendo and even the CIA have made companies nervous about their own customer data being compromised,” says Robert Chapman, CEO of Firebrand Training.

This trend in IT security certs shows that it’s not just government regulation that makes businesses invest more in security. It is also to ensure that companies and their customers don’t lose valuable data and personal information.

Tuesday, 6 April 2010

UPDATE - CISA and CISM exam deadline extended

The deadline for registering for CISA and CISM exams has been extended to Friday 9th April 2010. Visit the ISACA website to register for the respective exams. Use the following links - CISA and CISM.

Tuesday, 30 March 2010

Where can you register for CISM and CISA exams?

If you are looking to register for CISA and CISM exams, then you need to do it quickly. The deadline for both these exams is fast approaching (7th April 2010). Visit the ISACA website to register for the respective exams. More information can be found here and here.

Tuesday, 22 September 2009

ISACA CISA and CISM Exam Registration Extended

There are only two chances each year to sit ISACA's Certified Information Systems Auditor and Manager exams.

But due to increased demand the final registration for the CISA and CISM courses has been extended to Wednesday, 7th October 2009.  This will allow you to sit exams on 12th December 2009.

If you are looking to get CISM (4 day course) and CISA certified (3 day course) this year, then call us on 0844-888-1600 to discuss the best pricing.