Cybersecurity

ISACA CISA

ISACA's audit cert. The credential of choice for internal/external IT audit and audit-adjacent GRC.

DifficultyAdvanced

StudyVaries

ExamVaries

Valid—

Reality check

ISACA's audit cert. The credential of choice for internal/external IT audit and audit-adjacent GRC. Pursue if: You're in audit or compliance and want senior credibility. Avoid if: You're targeting engineering work.

In context

This cert in isolation tells you very little. Here is where it actually sits. The pathways that use it, and the roles it realistically supports.

Pathways that include it

GRC (Audit, Risk, Compliance)
Core cert for this laneFirst role: GRC Analyst

Recommended prior knowledge

Audit or IT experience

Common misconceptions

It helps with it audit roles. It does not unlock engineering or pentest roles.
ISACA CISA alone clears HR filters; it doesn't replace shipped, documented work.

What this cert does NOT guarantee

Engineering or pentest roles

Practical skills that matter

IT audit roles
GRC / compliance roles in regulated industries