The IT Certification Resource Center

Certification Proves Its Worth to IT Security Professionals and Employers

Holding the right certification is especially important now, thanks to Sarbanes-Oxley in the U.S. and increased scrutiny on security worldwide.

According to Certification Magazine's 2007 Salary Survey, two of the five top-paying certifications are ISACA's Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM). The CISM came in second with an annual average salary of $115,720, while the CISA took fifth place with an average salary of $98,740. Clearly, as employers continue to realize the importance of information security and governance, they are relying on certifications to identify prospective employees with experience and expertise.

Holding the right certification is especially important now that Sarbanes-Oxley in the U.S. and increased scrutiny worldwide have focused attention not only on enterprise finances, but on the IT processes that support financial system control and reporting at nearly all organizations. The IT Governance Global Status Report-2008 from the IT Governance Institute (ITGI) found that more than 93 percent of global CEOs, CIOs and other senior executives surveyed recognize that information technology is vital for delivering the organization's strategy. IT has become so critical to the business, according to the report, that 70 percent of the survey's respondents regularly or always have IT on their organization's board agenda.

"Certifications fill a critical need of employers, as they offer a way to identify highly qualified, experienced professionals," said Lynn Lawton, CISA, FCA, FIIA, PIIA, FBCS CITP, international president of ISACA. "Boards and executives are increasingly realizing that their information technology deserves a high level of governance to minimize risks and add value, and they are looking for prospective employees with the experience and credentials to help them attain strong governance."

ISACA, a nonprofit association of more than 65,000 IT governance professionals worldwide, has a long history in the IT certification space. In 1978, ISACA established the CISA designation, which has been earned by more than 55,000 professionals since inception. ISACA's CISM certification was introduced in 2002, and it has since been earned by more than 7,000 professionals. Both designations are accredited by the American National Standards Institute (ANSI). The association's most recent certification, introduced in August 2007, is the Certified in the Governance of Enterprise IT (CGEIT) credential.

Many enterprises recognize ISACA's CISA credential as the standard for information systems auditors. Its demand continues to grow as organizations increasingly expect their IS auditors to hold the certification: nearly 14,400 candidates registered for the June 2007 CISA exam, a 19 percent increase from the June 2006 exam. Overall, more than 25,000 candidates took the CISA exam in 2007. One employer that recognizes CISA is the US Department of Defense, which named CISA an approved credential for DoD level 3 information assurance professionals.