Which ISACA Certification is Right for You?
Average Typical Job Titles for
Key Areas
Comprised of stackable
certificates as below:
• Fundamentals of Computing
• Networks and Infrastructure
• Cybersecurity
• Software Development
• Data Science
Audit, control, monitor and
assess IT and business
systems using a risk-based
approach
Deployment and
management of
enterprise IT risk
and controls
Information security
governance, managing risk,
programs, incidents
Creating and implementing
technical privacy-by-design
solutions
Framework-agnostic
governance, risk/benefit
optimization
• Identify
• Protect
• Detect
• Respond
• Recover
Career Stage
• Early professional
• Recent graduate
• Student
• Switching careers
• Current IT professional
seeking to reskill or upskill
• Entry to mid-level IT pros
• IT and internal auditors
who audit for information
security compliance
• Any role that is engaged
in risk and compliance
Mid-level IT professionals
looking for career growth in
IT risk
• Technical experts
looking to strategic
management positions
• Not for entry-level
Technical IT professionals
with some experience
implementing privacy
controls
Highly experienced strategic
IT professionals who are in
the role of advisors to upper
management and the board
Technical cybersecurity
practitioners looking to build
upon or validate their skillset
Experience Exam Recommended Hands-on Labs Recommended for Career
CPE Credit Hours
Salary Data* Certification Holders Required? Required? Pre-requisites Included? Path Advancement
• Applications Developer
• Systems Engineer
Yes—1 exam
• Database Administrator
for each of 5 Yes—hybrid performance
Recently launched. • Software Developer • IT Risk Fundamentals certificate
None certificates None and knowledge-based
Stats available 2022. • Computer Operator • Attain CPEs to stay up to date
that make up exam
• Technical Support Specialist
the certification CPE (Continuing
• Pc Technician
• Help Desk Analyst Professional Education)
is a key part of
5-years of professional maintaining your
• IT Auditor information systems • COBIT Foundation and Design certification status.
North America:
• Compliance Analyst/Program Manager auditing, control or and Implementation certificates
US$128,086 Students or early CPE credit hours
• Risk Analyst/Program Manager security work. Waivers No—knowledge-based • CSX-P for hands-on skills in
Yes career candidates: are optional in Year 1
• Data Protectionwww Manager of up to 3 years can exam cybersecurity audit
Worldwide: ITCA following initial
• Security Officer/ Security Manager apply with appropriate • Certificate of Cloud Auditing
US$50k – US$73k+ certification.
• IT Consultant university experience Knowledge (CCAK)
and training.
To maintain a
• Risk and Security Manager certification, years 2
• Early career and thereafter require
North America: • IS or Business Analyst • CSX-P for hands-on skills in
candidates: IT Risk you to earn and report:
US$141,172 • IS Manager 1-3 years of experience cybersecurity
Fundamentals No—knowledge-based • A minimum of 20
• Operations Manager in IT risk and/or Yes • CISM and/or CGEIT to round
certificate exam CPEs each year
Worldwide: • Information Control Manager security and audit out the knowledge and develop
• CISA certification a • A minimum of 120
US$113,995 • Chief Information Security or a more strategic mindset
plus before starting CPEs over a 3-year
Compliance Officer
period
• Compliance with the
• IT Architect ISACA Code of
North America:
• Security Analyst Professional Ethics
US$142,585 5+ years of experience
• Data Security Manager • CISA No—knowledge-based CGEIT to get to an overarching
in technical IT security, Yes
• Security and Compliance Director • CRISC exam governance role Full CPE policies are
Worldwide: cybersecurity
• VP/AVP Information Security available at isaca.org
US$107,708
• CIO/CISO/CTO
• Data Analyst 3-5 years of experience
Recently launched. • Privacy Engineer in 2+ domains: • ITCA
No—knowledge-based Hands-on privacy labs, data
Stats available • Privacy Solutions Architect • Privacy Governance Yes • CISA
exam science certificates
late 2021 • Lead Privacy Manager • Privacy Architecture • CRISC
• IT Consultant • Data Lifecycle
• CIO, CTO, CISO
• Senior IT Internal Auditor, 5+ years of experience
North America:
• Cybersecurity and Compliance in CGEIT domains : • CISA
US$90k – US$200k+ Training and CPE resources offered
• Lead Analyst — IT Governance, Risk • IT Governance • CRISC No—knowledge-based
Yes by ISACA or other organizations to
and Compliance • IT Resources • CISM exam
Worldwide: keep up knowledge and skills
• Security Risk and Compliance Specialist • Benefits Realization
US$113,738
• Information Security Compliance Manager • Risk Optimization
• Governance Risk Consultant
• Cybersecurity Analyst
• DevOps • Cybersecurity
• CSX Cybersecurity Practitioner
• Cybersecurity Engineer Fundamentals
(CSX-P) Certification Course
• SOC Analyst Foundational to Certificate
Yes—performance-based • Cybersecurity Fundamentals
US$128,726 • Cybersecurity Compliance Manager intermediate IT and Yes • CSX Cybersecurity
exam Certificate
• Cybersecurity and IT Advisor networking knowledge Technical
• CSX Cybersecurity Technical
• Cybersecurity Investigator Foundations
Foundations Certificate
• Network Engineer/Architect Certificate
• Vulnerability Analyst/Pen Tester
www.isaca.org/credentialing
*Per Global Knowledge IT Skills and Salary Report 2020. 040221