CISAs must complete 120 CPE hours every three years to maintain their certification.
No, there is no specific ethics requirement for CISAs.
CISAs must complete at least 20 hours of CPE annually as part of the three-year 120-hour requirement.
Here is the link for accepted fields of study, detailed on ISACA’s website.
Yes, 100% of the required CPE hours can be earned through self-study each year.
Eligible activities include ISACA and non-ISACA professional education, self-study courses, teaching, lecturing, publishing articles, developing exam questions, marketing presentations (max 10 CPE), mentoring (max 10 CPE), and more.
CPE credits must be completed annually by December 31.
Fast Track CISA CE packages are curated bundles designed to meet all CISA CPE requirements, making it easier to complete CPE hours through comprehensive course selections.
The annual reporting period runs from January 1 to December 31 each year. The annual invoice and compliance letter indicate each three-year certification period.
CISA certifications must be renewed annually by January 1. The certification may be revoked if not renewed, and a $50 reinstatement fee is required to reactivate it. Click here for more details.
No, carry forward of excess CPE credits is not permitted.
CISAs should retain records of completed CPE credits for 12 months after each three-year reporting cycle ends.
The annual renewal fee is $45 for ISACA members and $85 for non-members. For more details, click here.
Visit ISACA’s website for a complete list of FAQs and CPE requirement details for CISA professionals.
Retired CISA Status
CISAs who are over 55 years of age and permanently retired from the CISA profession or unable to perform the duties of an IS audit, control, or security professional because of permanent disability are entitled to apply for retired CISA status. CISAs granted this status are no longer required to obtain CPE hours.
Non-practicing CISA Status
CISAs no longer working in the IS audit, control, or security profession can apply for non-practicing CISA status. Requests for the non-practicing status must be received by ISACA no later than 15 January and accompanied by your annual invoice. CISAs granted this status are not required to obtain CPE hours but are required to pay the yearly maintenance fee. Once the individual has returned to the profession, they are required to return to active status.
Yes, myCPE courses are compliant for CISA professionals. Since my CPE is a NASBA-approved provider (Sponsor ID 143597), many of our courses qualify for CISA Professionals. For your convenience, we’ve added the “QUALIFIES FOR” section on each course page to provide specific details about the approval and qualifications of CPE credits. Please refer to these details when selecting courses.
