Dilemma as to whether to take CISA exam or not

[TigerDivision]

Hi everyone!

Thought of posting this here in order to get some feedback on my current dilemma. Here goes

I am currently working as an IT Systems Administrator with a private company. I'm 43 yrs old and have been in this job for these past 12 years now and I need to get out of this current job and company. Don't get me wrong, I love my work but I need to leave this company and also wish to specialise in a particular area/skill. I was thinking of moving into IT auditing and studying for the CISA June '08 exam. I've heard that it is a tough exam to pass since it is a very broad exam and they recommend IT auditing experience. Therefore I am doubtful as to whether I'd be able to pass this exam since I do not have an IT auditing background.
Studying for this exam would mean temporarily stopping for a year with my part-time BSc degree studies (still another 4-5 years to go).
What do you all think? Would it be wise to study for this exam? Wise to temporarily stop studying for my part-time Bsc degree whilst studying for the CISA exam?
Thanks to everyone for your time!

 

[sunnysysadm]

Hi,
I am in a similar circumstance. I am 40 years old and have been a Systems Administrator for the last 8 years with my company. I too was ready for a change and decided to take the CISSP exam which I passed on the first attempt nearly two years ago.
Having a CISA or CISSP can definitely open doors for you with the many companies out there that are actively looking for individuals with these certifications. If you haven't already, I would suggest checking the job boards like Monster.com and doing a search on CISA to see how many hits you get and what qualifications they are expecting.
Although I passed my CISSP and was able to claim the certificate based on my experience in part as a Sys Admin, I am still trying to get into a full-time Security position with my company which seems to get harder and harder as many companies seem to be turning to contracting out these types of positions which for me isn't something I am willing to consider. I am old school and like the perks of being a full time employee.
Finally, just so you are aware, it can be somewhat of a hassle to always have to be looking for educational opportunities so that you can maintain your CPE hours to keep the certifications like the CISA and CISSP.
As for a degree, if you don't have any sort of Bachelor's degree, then that may be a better option for you and depending on what you study, it might even help in your studies towards the CISA certificate. My personal opinion is that online degrees are not worth the paper the degree is printed on.
Best of luck to you in whatever you decide !

 

[LadySlinger]

If you can get a copy of the CobIT 4.0 I.S. Audit Controls (?actual name escapes me at the moment) document, study that as that document is the basis for the CISA. The same concepts of that document is applied with HIPAA and SOX.

You may also want to check out the CISM: Certified Information Security Manager. It's also offered by ISACA...incase auditing doesn't fit you.