Certified Information Systems Auditor (CSA) Discussions
Certification

I work in government internal auditing and I'm not really liking it right now. I'm micromanaged to all hell and there's crap training. I've considered opportunities at some firms that specialize in IT assurance since I have a CISA. I always hear about how much more chill it is in government, but I'm not loving it, tbh. Should I just stick it out here or consider leaving?

Hello! Currently studying for the CISA and have it scheduled in 3 weeks. Am mainly using the QAE and a bit of the CRM/Doshi videos. How reflective are the QAE questions compared to the actual exam? Is the exam much trickier in terms of answer choices or super technical questions? Any advice much appreciated 😊

What positions at a Big 4 don’t require any sort of certification whatsoever or an MBA at maximum. I currently work in Corporate Finance and don’t know if I have translatable skills. I have no interest in CPA/CISA. Thanks

How much does a CISA part time instructor earn? Looking for a part time job along with main job.

Anyone here take the CISA? How long did you study for? Did you struggle with it?

Which AWS certificate is best for IT audit background? Already have CISA and looking to get AWS certificate under my resume.

Which AWS certificate is best for federal IT audit background? Already have CISA and looking to get AWS certificate under my resume.

Where could I go next? Currently making 100k as an A3 at PwC under cyber. Have around 5 years of experience between IT audit, financial audit, and IAM implementations. Hold a CISSP and CISA.

Can someone PLEASE tell me how much the QAE aligns with the real exam for the CISA? Is the actual exam more difficult/trickier? Currently doing a combo or CRM, QAE, and Doshi videos and just want to make sure I’m covering all my bases. I have about 2 years of IT Audit experience as well.

Will my work experience in public auditing be valid work experience to be certified for the CISA?

CISA exp question - do I need to be working on systems audit full time to count towards the experience? I currently do a mix of systems and business process audits.

Which was easier CISA OR PMP? Debating on which I want to pursue first.

What’s a good CISA program?

Am I underpaid?
BS in business, MS in public policy from top 10 public schools. 2 yoe working in a security operations center & 2 yoe as big 4 consultant (mostly in GRC and SecOps strategy). I have my security + and CISA. 80k base in a MCOL.

Changing career paths. Have a degree in finance which I’ve been doing since 2013. But between 2010 and 2013 I’ve had IT system/risk analyst roles at a startup and then at a small company. I programmed and launched a small social network on the App Store last year while overseeing 10 workers, so that was a huge personal accomplishment for me. Any advice on how I can pivot into a GRC role? Should I get the GRCP and/or CISA certifications? Any advice would be appreciated!!

I am a government contractor and my contract just ended on Friday. I am trying to decide on my next move but so far I have an offer supporting CISA (contract is 2.5 Years less technical) and one supporting DoS (1 Year then re-compete but a more technical role). I have an interview with BAH for a Business Analyst role supporting DoD next Tuesday. I am trying to decide which agency and role would be the best.

Can someone tell me what it is like working for CISA? I am wondering if I should accept my offer with them or move on?

Can someone tell me what it is like working for CISA? I am wondering if I should accept my offer with them or move on?

I’m looking to switch my career from IT audit (Fiscam, Fisma, Soc 1 and 2) to more of a technical cyber compliance work. Can you guys advise me what kind of jobs is out there? The reason I’m considering switching to compliance work is bc I dont have any technical background.. I researched that security control assessor is somewhat relevant to work I did but any recommendation? I have sec+ and cisa!

Current SC in Risk Advisory seeing what steps are required/possibilities to switch to strategy consulting (Montior)

Background
- currently doing mainly IT Audit, alongside IA and disaster recovery/business resiliency exposure
- CPA and CISA designations
- 2 yoe
- BComm

Motivation
- want work where clients actually want my help
- want to see more impact of work to clients and their strategic decisions
- wanting more complexity and business strategy oriented problems

Thoughts? TIA

10 years experience in IT service delivery, currently managing Service desk, ITIL functions and a service now team..Planning to study CISA and move to IT auditing. Anyone here transitioned to IT auditing role ???

Any referrals for financial analyst positions or similar roles within Google?

2 YOE at PwC with Masters Degree, CISA and CSM certifications.

What are some exit ops for a big 4 tech risk consultant into more cyber/cloud focused roles? Has Cyber experience from tech risk projects, CISA and cloud certs

Hi Amazonians.... I have been reached out to by the recruitment for the role on an Industry Specialist. How much would this role pay for 10Yoe with a cisa, cism?

Can someone help me with CISA dumps ?

Background: 5+ years of work experience in worked on IT Audits (SOX). CISA certified.
Looking for a certification that can help me transition into more technical areas such as Data Privacy/Cyber (not Pentesting)/ Cloud security.
Completely baffled by the variety of certifications
(CCSK, SSCP, PMP, CIPT, CIPP/E, CAP, CISM, etc) out there and not sure which one to pick given my experience and the areas I want to transition into.

Any suggestions on which certification would be best?

I once was a CISA… I have no IT background, no IT degrees (2 ACCT degrees tho); never did/saw a shred of an IT audit/assurance work/client/OTJ training of any kind. Forced by employer to choose CISA vs CPA, CISA was way more feasible at the time. I passed 1st try. My firm had zero IT work. So all my CPE reqs lapsed, and my cert expired w/ zero resume material to show for it. I see IT Auditors paid WAY more. I’d love that! I’d re-sit. But idk my head from my ass about practical application.

My InfoSec peeps... Does having ISACA or ISC2 certifications such as cisa, cism cissp n stuff have any advantage? Does it add value to your career from a pay or knowledge perspective?

What are some resources to create cyber table top exercises/scenarios, besides CISA?

Hey Fishes, I would be claiming a reimbursement of CIA/ CISA exam cost from DUSI. Is there any clawback clause if I resign during the next month of claiming?
Service Line: BPC Advisory

IA comp? Im wondering what averages look like for MCOL. I’m at a large IA shop as a Consultant in Operational audits. 6 YOE with CIA/CISA. I’ve received small denomination recognition awards for my performance, but am thinking that needs to be reflected in my salary too.

S3 currently studying for CISA as I want to transition from internal audit to IT. Reason is, am bored! Reviewing business processes has become boring, am unhappy with the work I do, I don’t feel compensated fairly although I work my ass off.
My dilemma is, am not sure if IT will be a right fit for me, I simply just want to move. I’ve thought of cyber security too. Should I stay on a little while longer to figure out what I really want to do? I feel stuck and demotivated!

Im struggling to get thru studying for cpa exams. Any motivation ideas? Or should i quit? I do have cisa and cia for that matter 😑

Hey all, looking for advice. I received two great offers- one for Department of State and one for CISA. Both have similar pay and they are similar roles. Has anyone worked for either agency and have any insight on either that would be good to know before making a decision?

The position is related to cyber engagement and working with various agencies to further cyber goals.