The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

ISACA and SFIA Foundation Partner to Map CISA and CISM Certifications to Skills Framework for the Information Age

Rolling Meadows, IL, USA (8 March 2012)—The Skills Framework for the Information Age (SFIA), a model for matching the skills of the IT workforce to the needs of the business, has recognized two ISACA certifications: Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).

CISA, established in 1978, has been earned by more than 90,000 professionals since inception. CISM, introduced in 2002, has been earned by more than 18,000 professionals since inception.

“The Skills Framework for the Information Age was designed to be used wherever there is a need for definitions of professional skills in IT,” said Ron McLaren, operations manager of the SFIA Foundation. “ISACA’s internationally recognized qualifications underpin IT professionalism, and we are very pleased to include them in our skills mapping.”

SFIA is a model for describing and managing competencies for IT professionals. It maps out the range of skills as a two-dimensional table by tagging each skill with a category and responsibility level. These categories are divided into six main areas: strategy and planning, business change, solutions development and implementation, service management, procurement and management support, and client interface. SFIA is owned and managed by the SFIA Foundation, a consortium formed in July 2003 by the Institution of Engineering and Technology (IET), Institute for the Management of Information Systems (IMIS), e-skills UK, and the Chartered Institute for IT.

ISACA, a nonprofit, independent association of more than 95,000 IT professionals worldwide, administers four certifications: CISA, CISM, Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC).

“Employers worldwide look for ISACA certifications when hiring assurance, security, governance and risk professionals,” said Allan Boardman, CISA, CISM, CGEIT, CRISC, ACA, CA (SA), CISSP, chair of ISACA’s Credentialing Board and risk manager at a global investment bank. “We are pleased that SFIA, which organizations use to help ensure that they have the right skills in the right positions, has recognized CISA and CISM in its mapping.”

The Skills Framework for the Information Age is available at Additional information on ISACA’s four certifications is available at


With 95,000 constituents in 160 countries, ISACA ( is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) designations.

ISACA continually updates COBIT, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.

Follow ISACA on Twitter:

Join ISACA on LinkedIn:
ISACA (Official),   

Like ISACA on Facebook:

Participate in the ISACA Knowledge Center:

About the SFIA Foundation

The SFIA Foundation is a non-profit organization that exists to own and maintain the Skills Framework for the Information Age, the world’s leading definition of professional skills in information technology. This open source management resource is used by organizations in over 100 countries. SFIA defines 100 professional IT skills across seven levels of attainment. Separate licenses are available for internal use as a skills-management resource, and for commercial exploitation.


SFIA is supported by Accredited Partners and Accredited Consultants whose details can be found on the SFIA web site:


Join SFIA on LinkedIn: