I’ve been searching for «something new» in my professional life, just a step ahead of (some may say) routine work as a Spanish Data Protection (LOPD) Auditor. And I found it!

I found ISACA web page and I immediately jumped in. That’s what I was looking for: a CISA career!

«Yeah, cool, but what the hell is a CISA?«

CISA means Certified Information Systems Auditor, a professional able to audit IS (Information Systems) all around the world. Well, maybe last sentence can be too idealistic, but I think it’s true: if you are a CISA, «you showcase your experience, skills and knowledge, and demonstrate you are capable to manage vulnerabilities, ensure compliance and institute controls within the enterprise.»

So, here I am, with my recently delivered «CISA Review Manual 2013» (please, note that, if you live in Spain and want to buy one, you have to pay customs tax, something more that 20€ (#*%*!!!).

I’ve already read the Overview of Chapter 1 «The process of Auditing Information Systems» and that’s what I learnt:

  • Auditing a IS is based on five tasks (I don’t know if I can tell you which they are, you know, copyright…);
  • There are ten Knowledge Statements, that, at the end, will be the basis for the CISA exam.

In the «Self-assessment questions» part, I correctly answered 7 of 1o questions and, yes, I’m very proud of it.


P.D. As you already noted, English is not my mother-tongue, so, please, forgive me for my pour grammar and vocabulary capabilities.