{"id":615,"date":"2009-02-07T19:35:55","date_gmt":"2009-02-08T00:35:55","guid":{"rendered":"http:\/\/www.coresecuritypatterns.com\/blogs\/?p=615"},"modified":"2009-02-07T19:35:55","modified_gmt":"2009-02-08T00:35:55","slug":"i-am-a-cisa-now","status":"publish","type":"post","link":"https:\/\/websecuritypatterns.com\/blogs\/2009\/02\/07\/i-am-a-cisa-now\/","title":{"rendered":"I am a CISA now."},"content":{"rendered":"<p>IT Security, Compliance Auditing and Governance has been on my focal areas for many years now&#8230;but I did&#8217;nt have a chance to explore it more closely due to my hands-on technical focus on implementing security solutions. Ofcourse, you can&#8217;t practice IT security implementation and compliance auditing together as a job <a href=\"http:\/\/www.isaca.org\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft\" src=\"http:\/\/www.isaca.org\/Images\/CISA\/cisa_overview.jpg\" alt=\"\" width=\"90\" height=\"38\" \/><\/a>&#8211; that certainly defeats the fundamental principles of security.\u00a0 So at the least, I wanted to know the skills of an IT auditor who evaluates the appropriateness and effectiveness of security controls &#8212; from a security practitioner&#8217;s perspective before there&#8217;s a audit violation or serious security issue that threatens required compliance. Additionally, I\u00a0 wanted to have the confidence of highlighting my customers, which types of security technologies are relevant and appropriate to meet their security control objectives and IT audit criteria.\u00a0 So I ended up exploring a CISA certification &#8211; to understand common body language of IT audit and governance process particularly to know the several critical areas of IT auditing which is not in the scope of IT security. I was also intrigued by the fact,<span class=\"copy\"> many private and public organizations recognize ISACA&#8217;s CISA credential as the standard for information systems auditors.<\/span><\/p>\n<p>I received my CISA exam results last week &#8211; it is great to know that I passed the exam &#8211; with an excellent score that was beyond my expectations :-).\u00a0 From my experience, It was not a tough exam. I did prepare for this exam a bit seriously for atleast couple of weeks (mostly evenings).\u00a0 I am not good at cramming techniques, so I ended up reading the select domains (IS Audit process and IT Governance) of CISA Review Manual 2008 where I was weaker..and glimpsed through other domains where I was very comfortable right from the beginning.\u00a0 Anyway it is good to have this designation..when the state of IT industry is in a turmoil.\u00a0 One note from a Deputy State Auditor still ringing in my ears &#8211; &#8220;Ramesh, with all the current audit regulations and more in the making&#8230;. IT Security industry remains stronger with growing demands and having a CISSP and CISA designations makes it easier to furthering your IT security career&#8221;.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>IT Security, Compliance Auditing and Governance has been on my focal areas for many years now&#8230;but I did&#8217;nt have a chance to explore it more closely due to my hands-on technical focus on implementing security solutions. Ofcourse, you can&#8217;t practice IT security implementation and compliance auditing together as a job &#8211; that certainly defeats the fundamental principles of security.\u00a0 So&#8230; <a href=\"https:\/\/websecuritypatterns.com\/blogs\/2009\/02\/07\/i-am-a-cisa-now\/\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4,6,9],"tags":[28,62],"class_list":["post-615","post","type-post","status-publish","format-standard","hentry","category-compliance","category-main","category-security","tag-compliance-main","tag-security"],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/comments?post=615"}],"version-history":[{"count":0,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/posts\/615\/revisions"}],"wp:attachment":[{"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/media?parent=615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/categories?post=615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/websecuritypatterns.com\/blogs\/wp-json\/wp\/v2\/tags?post=615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}