First step in auditing and becoming certified are to find an accredited institute that offers the CISA certification. To obtain the certification, you will need at least five years in computer security, control or auditing work experience in the past ten years, preferably on information assurance or network management. If you have the required minimum: Two years at the minimum of Bachelor’s level of study at an accredited university or college that offers computer security certification, or two years at a minimum of a Master’s level of study at an accredited university or college that offers information assurance certification. You will need to submit your transcripts from your Bachelor’s degree or Master’s degree programs. For those who have taken courses in subjects such as IT Management, or IT Security, but not studied computer security directly, you will have to submit the appropriate documentation from the subject’s course.
Once you have found a school that offers CISA certification, you will have to complete the university exam. This exam is offered in two parts, and the first part consists of forty questions and the second part has a time limit of about six months to complete. After you are approved for a time limit for your completion, you will have to pass the entire exam in order to be certified.
After the certification, you can start your career with the National Security Agency (NSA). This is not the only possible career that you can pursue, however. There are other agencies such as the Federal Bureau of Investigation (FBI), and Department of Defense (DoD) who would hire you. In fact, some government agencies are willing to work with private companies for information assurance, which means that you can work for a company and for the government at the same time. For example, in the Department of Defense, the FBI works with commercial auditors, while private firms work with government auditors.
If you are interested in auditing at the DoD, the FBI offers auditing jobs at the Federal Trade Commission, Office of Technology Assessment and Research, and the United States Patent and Trademark Office. The Federal Trade Commission also offers a number of positions for CISA auditors.
To become a certified CISA auditor, the Department of Defense offers two types of employment positions; the civilian and the active duty. With the civilian, you are not required to have specialized training, while the active duty position requires you to have both a bachelor’s degree and an active duty certificate or a graduate degree. For the active duty positions, the most common qualifications include being a U.S. Coast Guard, Army, Air Force or Marine Corps officer, or retired from one of these branches of the military. The requirements are usually the same as the civilian ones, although they tend to pay a lower salary and you do not get the same benefits.
To become certified with the National Security Agency (NSA), the requirements for this position include a bachelor’s degree and two years of successful work experience in information assurance in the field of computer security or an equivalent. The qualifications for this position include knowledge in the fields of computer forensics and cryptography. As an employee in the national security field, the agency also needs you to have an understanding of network security, data integrity, and security assessment.
For the Department of Defense (DoD), military auditors must be certified by the Department of Homeland Security (DHS), with at least two years and four semesters of training in information assurance as well as an associate degree in any other related science and mathematics course. The training program may consist of either classroom study or an approved course at a technical institute.