Information Systems Audit and Control Association

1) Information Systems Audit and Control Association (ISACA)

a. Membership information

There are three kinds of memberships in the ISACA: professional, student, and academic. The professional membership costs between $67.50 and $135, not including the chapter dues. This membership offers discounts on certifications, as well as free continuing professional education. The other benefits of this membership are free online courses, free access to the Career Centre, and discounts on conferences, training, bookstore, and COBIT online. Discounts and free download information are also available. Networking, leadership and chapter benefits are also part of this membership. The student membership costs about $51, but the member must be either considered a full-time student by the college/university, be enrolled in at least twelve credit hours as an undergraduate, or nine hours as a graduate student. The student membership benefits are the networking opportunities. Students have the ability to meet with professionals and mentors in their fields to get an idea of what actually happens in the real world. They also have access to chapter meetings and on-campus meetings. Students also receive similar benefits as the professional membership, including access to certifications, education beyond the classroom, and the Career Centre. The last membership offered by the ISACA is the academic membership. This is a complimentary membership to teachers teaching courses in accounting, auditing, enterprise government (including IT/MS), executive masters programs in business, and specialist finance degree programs. As a member, the teachers will have access to the eLibrary, ISACA journal, the use of COBIT, Val IT, and support as well as learning tools. Teachers would also have access to the local chapter meetings.

b. Certifications and requirements

i. Certified Information Systems Auditor (CISA)-

To be certified as a Certified Information Systems Auditor or CISA, there are a few requirements. The first thing that needs to happen is that a person looking to become a CISA needs to pass the CISA exam. Next, the person has to also meet the work experience requirements. The work requirements are that the person needs to have a minimum of five years of experience in the professional information systems auditing or control security work experience. Waivers for this experience can be obtained. Some of the exceptions are if one has a master's degree in information technology, it can be substituted for one year of experience. Another substitution would be if the person had a bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. Work experience for certification must be achieved in the ten years before the application date or in the five years from the date in which the exam was passed.

ii. Certified Information Systems Manager (CISM)-

To be certified as a Certified Information Systems Manager or CISM, there are also requirements that must be achieved. Much like being certified as a CISA, one needs to pass the CISM exam. The work requirements for becoming certified are that the person needs a minimum of five years of information security with at least three of those years being in information security management in three or more of the job practice analysis areas. Substitutions can be made for these requirements. One of the substitutions that can be made is that if the person is a CISA in good standing would cover two years of experience. Another substitution that could be used is if the person was a Microsoft Certified Systems Engineer (MCSE). This would count as one year of experience. None of these substitutions could be used to substitute for the three years of being in information security management in three or more of the job practice analysis areas. Work experience could be achieved in a ten year period before submission of the application or in five years after passing the CISM exam.

c. Local chapters and officers/points of contact

The local chapter for the ISACA is the New England chapter. This chapter covers Maine, New Hampshire, Massachusetts, and Vermont. The point of contact for the chapter is Brian Castagna. Brian Castagna is also the president of the chapter. The other officers are Victoria Graves, who serves as the EVP and Mark Dudas, who serves as the AVP. Rachel Hu is the secretary and audit director, and Justin Theriault who is the chapter treasurer.

d. Research job opening

i. Auditor- IT

The job description for the job of IT auditor at Experis is that they want someone to preform audit tests on the enterprise-wide systems and controls. The person would also review the general controls for the system, data base management, network administration and overall information security, and then test those controls, while determining the control's effectiveness. They would also determine that information within the system was only being accessed by those who had authorization. The education and work requirements for this position are that the applicant has a minimum of five years of experience in IT auditing, a four year degree in accounting or information systems, and an active CISM, CISA, and/or CPA. The salary for this position is unlisted.

ii. Information Systems Auditor

The job description for the job of Information Systems Auditor at Entegee Engineering Technical Group is that they have to create and develop internal IT general control and SOX audits, as well as see them through. They will also have to work with corporate analyst and control managers in creating the risk assessment for the project, as well as document project scope and draft applicable audit procedures and approach. They will also be expected to perform audit procedures to assess the internal and IT controls within the compliance of policies and procedures of SOX. A bachelor's degree in information systems or accounting is needed as well as having active certification as a CISA. The salary for this position is unlisted.

2) Institute of Internal Auditors (IIA)

a. Membership Information

The Institute of Internal Auditors or IIA has three memberships available: individual, group, and government memberships. Individual memberships have different costs pending on what one is looking for or what one does for a living. A professional membership costs $230. A membership for a government employee is $125, a membership for an educator is $120, and for a student is $70. These

...