Free Tool

Which Certification is Right for You?

Compare CISA, CISM, CRISC, and CIA side by side. Find the perfect certification for your career goals.

Feature	CISA	CISM
Full Name	Certified Information Systems Auditor	Certified Information Security Manager
Issuing Org	ISACA	ISACA
Focus Area	IT Audit & Assurance	Security Management & Strategy
Exam Questions	150	150
Exam Duration	4 hours	4 hours
Exam Fee	$575 (members) / $760 (non-members)	$575 (members) / $760 (non-members)
Pass Rate	~50%	~50%
Experience Req.	5 years of IS audit, control, assurance, or security work experience	5 years in information security management (3 in management role)
Avg. Salary (US)	$110,000 - $150,000 USD	$120,000 - $165,000 USD
CPE Renewal	20 hours/year, 120 over 3 years	20 hours/year, 120 over 3 years
Best For	IT auditors, compliance professionals, and those who want to evaluate and assess IT systems and controls	Security managers, CISOs, and professionals who manage security programs and teams
Key Skills	IS Audit ProcessIT GovernanceSDLC & Change ManagementBCP/DRInformation SecurityRisk Management	Security GovernanceRisk ManagementSecurity Program DevelopmentIncident ManagementSecurity StrategyCompliance
Career Paths	IT AuditorIS Audit ManagerCompliance OfficerIT Risk AnalystInternal Auditor	CISOSecurity ManagerSecurity DirectorIT Risk ManagerSecurity Consultant

Quick Decision Guide