To support the growing business demands related to IT governance, promote good IT governance practices and recognize skilled IT governance professionals, ISACA has developed a new certification: Certified in the Governance of Enterprise IT (CGEIT). The international nonprofit association serves more than 65,000 IT governance, assurance and security professionals, and established the designation after realizing the need for a credential in the IT governance profession.

CGEIT Grandfathering Program

A grandfathering provision is in place for a limited time, allowing highly experienced IT governance professionals to apply for certification without taking the CGEIT exam. Hundreds of applications have already been submitted, and will continue to be considered through October 2008. The application fee (in US dollars) for those applying through the grandfathering process is $595 for ISACA members, $660 for CISA- and/or CISM-certified professionals who are not ISACA members and $725 for all others. Details about the grandfathering provision and application information can be found at www.isaca.org/cgeitgfapp.

The First Administration of the CGEIT Exam

The first CGEIT exam will be available in English on Saturday, 13 December 2008 in more than 230 sites internationally. To meet the needs of large enterprises, ISACA is also able to establish new exam centers virtually anywhere in the world where there is an interest.

Early Registration:
On or before 20 August 2008
ISACA Member: US $375.00   Non-Member: US $505.00

Final Registration:
After 20 August 2008, but on or before 24 September 2008
ISACA Member: US $425.00   Non-Member: US $555.00

CISA, the Certified Information Systems Auditor is ISACA's cornerstone certification. Since 1978, the CISA exam has measured excellence in the area of IS auditing, control and security. CISA has grown to be globally recognized and adopted worldwide as a symbol of achievement. There are more than 55,000 CISAs worldwide, and more than 11,000 individuals registered for the CISA exam in 2003 alone.

Are you prepared for the CISA Examination? To help demonstrate an excellent level of professionalism and competency, ISACA International offers the Certified Information Systems Auditor (CISA) Exam and Certificate. Once certified you need to secure 20 hours of continuing education (CE) each year, with a total of 120 hours at the end of a three-year cycle, to retain your certification.  View additional CISA information from the ISACA website here.

The Certified Information Systems Auditor (CISA) Exam is offered twice a year. Join more than 55,000 CISAs and discover the world of opportunities open to you.

CISA Exam 2008:

December Exam
Early registration deadline:  20 August 2008
Final registration deadline:  24 September 2008
Exam date:  13 December 2008

CISM, the Certified Information Security Manager is ISACA’s groundbreaking credential earned by over 7,000 professionals. It is for the individual who must maintain a view of the "big picture" by managing, designing, overseeing and assessing an enterprise's information security.

CISM, the Certified Information Security Manager is ISACA's next generation credential and is specifically geared toward experienced information security managers and those who have information security management responsibilities. CISM is designed to provide executive management with assurance that those earning the designation have the required knowledge and ability to provide effective security management and consulting. It is business-oriented and focuses on information risk management while addressing management, design and technical security issues at a conceptual level. While its central focus is security management, all those in the IS profession with security experience will certainly find value in CISM.  View additional CISM information from the ISACA website here.

The Certified Information Security Manager (CISM) Exam is offered twice a year. Join more than 7,000 CISMs and discover the world of opportunities open to you.

CISM Exam 2008:

December Exam
Early registration deadline:  20 August 2008
Final registration deadline:  24 September 2008
Exam date:  13 December 2008

Computer Security Auditor

The Attorney General has established the Electronic Recording Delivery System (ERDS) Program within the Department of Justice (DOJ), which is responsible for implementing the requirements of the Electronic Recording Delivery Act of 2004. This act authorizes a County Recorder, upon approval by resolution of the Board of Supervisors and system certification by the ERDS Program, to establish an ERDS for the delivery, and, when applicable, recording of specified digitized electronic records or digital electronic records that are an instrument of real estate transactions, subject to specified conditions, including system certification, regulation, and oversight by the ERDS Program. However, a county's ERDS can not become operational until the system has been audited by a Computer Security Auditor who has received prior approval from the ERDS Program to perform independent security audit services on an ERDS. In addition, a county's application for system certification by the ERDS Program must include the security testing results performed by the Computer Security Auditor.

The Computer Security Auditor approval is granted based on an individual's experience and having no disqualifying offense(s) based on a state and federal criminal record background check from a fingerprint submission. An approval by the ERDS Program does not guarantee employment, nor does the ERDS Program approval authorize a Computer Security Auditor to perform any auditing services other than those relating to a county's ERDS. Upon receipt of an ERDS Certificate of Approval, the Computer Security Auditor shall be authorized to contract with a County Recorder(s) to perform security testing of an ERDS. The Computer Security Auditor's contact information and geographical interest shall be posted on the ERDS web page.

An ERDS Certificate of Approval shall remain in effect for a period of 3 years from the date of issuance unless a letter of suspension is issued to the individual, or, the individual withdraws their approval status as a Computer Security Auditor. It shall be the responsibility of the Computer Security Auditor to renew their ERDS Certificate of Approval prior to the expiration date in order for it to remain valid.

An individual wanting to apply for approval as a Computer Security Auditor from the ERDS Program, may obtain the Electronic Recording Delivery System Application For DOJ Computer Security Auditor Approval, form # ERDS 0002, by downloading it from the ERDS web page at CA Department of Justice.