CISA Certificate
In fact, the biggest function of this certificate is the benefit during seeking jobs.
The function of this certificate is certainly not as useful as practice. It is mainly to build an impression and concept of the specific framework of the information system audit process. After reviewing, my biggest feeling is that there are so many matters and details to pay attention to in the original audit of an information system, but these contents should be very basic for professionals with audit experience. In specific practice, it may be able to correspond one by one, but it is not so written.
The specific work include three aspects:
From the aspect of audit, do all kinds of relevant information system audit in certified public accounting firms;
In terms of software development, CISA has many content related to control, so if you work in a company related to software development and have an understanding of audit and control, it will be very beneficial to the smooth progress of software development, or to the transition from software development to management.
In terms of control, (I guess) large companies and enterprises need various departments such as internal control and internal audit? If you have CISA related knowledge, you may have a partial understanding of the internal control process, so working in the departments of these companies is helpful.
In addition, if, I mean if, you have sufficient practical experience and know a lot about written knowledge, you may be able to tutor others.
The above answers are my personal understanding and are not used as a reference for real application. I hope someone who is specialized in this field will explain it. I also want to continue to learn. Many teachers who teach this course in school go back to participate in various audit (including but not limited to information system) projects, which is very cool. According to the teacher, he also participated in the audit project of the United Nations and went to very dangerous places a few years ago.
What are the fields or companies of employment?
As far as I am concerned, if you really want to apply the knowledge learned, it is mainly accounting firms, companies developing and designing information systems, internal control of companies, internal audit and so on. Mainly refer to the answer to the first question. I don’t know much about it.
By definition, does the work of general software testers also belong to the scope of information system audit?
Personally, I think it is part of the information system audit process.
According to my experience of reading books, information system audit is the audit of the whole information system development life cycle – during the development of information system, it will be necessary to test and control the software functions and so on; If the information system is purchased, it also needs to be tested before it is put into use; When auditing an information system, we usually need professionals related to software development for reference, or design some programs to test the system.