What Is the Average CISA Salary?

Written by Coursera Staff

Earning your Certified Information Systems Auditor (CISA) certification can help you advance in your career. Explore what you’ll need to know before you take the exam and what kind of CISA salary you might expect after completing your certification.


Key takeaways

The salary you can expect to earn as a CISA professional will vary based on factors like your job title, experience in the field, and where you live.

  • A Certified Information Systems Auditor (CISA) professional earns an average base pay of $93,000 per year in the US, according to Glassdoor [1].

  • The company you work for can also influence how much you earn as a CISA professional.

  • You can pursue various positions with a CISA certification, including internal auditor, information systems (IS) analyst, IT audit manager, and IT security officer.

Explore the CISA certification, including the eligibility requirements, exam format, and the content you can expect to see on the exam, as well as what kind of CISA salary you can expect to earn. If you’re ready to start building your IT knowledge, consider enrolling in the IBM Information Technology (IT) and Cloud Fundamentals Specialization. In as little as two months, you’ll have the opportunity to learn foundational IT concepts like cloud computing, cybersecurity, database administration, and more. Upon completion, you'll have earned a career certificate for your resume.

 

What is the CISA certification?

The CISA credential is a globally recognized certification that demonstrates expertise in IT and business systems auditing. It is ranked among the top 15 IT certifications available in North America, according to a recent Skillsoft report based on average salary [2]. Holding this credential will designate you as someone who understands the IT auditing process, IT governance and management, and the operations, development, and implementation of IT systems. 

With a CISA certification, you may hold various job titles, including internal auditor, information systems (IS) analyst, IT audit manager, IT security officer, IT consultant, IT risk and assurance manager, or privacy officer. 

Eligibility criteria for CISA certification

You will need to have advanced knowledge of the topics on the CISA exam before you take the test. You don’t need to have verified work experience prior to taking the exam. This means you can prepare for the CISA exam in the time it takes you to learn the material. In order to get officially CISA certified, you will need to have five or more years of experience in IT systems auditing. 

You will have five years from passing your exam to earn this work experience, but you can also count relevant work experience from the last 10 years. You may also choose to gain five years of experience in the field before taking the certification exam. You may be able to waive some of the experience requirements if you’ve worked in a related field or have a traditional degree, such as an associate’s degree or bachelor’s degree [3]. 


CISA exam format and content

Once you register for the CISA exam, you will have six months to take the test. You will have four hours to complete the exam, which includes 150 multiple-choice questions. Scores are reported on a scale from 200 (the lowest) to 800 (the highest). You must receive a score of at least 450 to pass [4].

The content of the CISA exam has five main parts: the information systems auditing process; governance and management of IT; information systems acquisition, development, and implementation; information systems operations and business resilience; and protection of information assets. 

  • Information systems auditing process: In the first part of the CISA exam, you will cover both the planning and execution of IT auditing, including standards, guidelines, and codes of ethics, as well as audit project management, testing, evidence collection, and data analytics.

  • Governance and management of IT: In the second part of the exam, you’ll demonstrate your knowledge of IT governance, such as the laws, regulations, and industry standards that guide your work, as well as managing enterprise risk and setting IT policies. You’ll also demonstrate your knowledge of managing IT resources, vendors, and quality assurance. 

  • Information systems acquisition, development, and implementation: In the third section, you’ll demonstrate your knowledge of conducting feasibility analysis, methods for developing systems, control identification and design, and implementation of information systems, such as system readiness and testing, implementation configuration, and post-implementation review. 

  • Information systems operations and business resilience: In the fourth section, you’ll test your knowledge of IS operations, including IT components, IT asset management, system interfaces, operational log management, and database management. You’ll also demonstrate your knowledge of business resilience, including business impact analysis, business continuity plans, and disaster recovery plans.

  • Protection of information assets: In the last section of the exam, you’ll demonstrate your knowledge of information asset security and control, such as managing access, network and endpoint security, data loss prevention, data encryption, security testing, monitoring logs, tools, techniques, and incident response management. 

 

Average CISA certification salary

The average salary for a CISA professional in the United States ranges from $93,000 to $123,000, according to three salary aggregate websites. Explore how the data breaks down across Glassdoor, Payscale, and ZipRecruiter [1, 5, 6]:

| Glassdoor | Payscale | ZipRecruiter |
|---|---|---|
| $93,000 | $123,000 | $109,713 |

Another way to compare the salary of a CISA professional is to look at what the average salary is for an IT auditor in the United States without specifying which certifications they might hold. 

According to most of these websites, CISA pays more than the average salary for an IT auditor:

| Role | Glassdoor | Payscale | ZipRecruiter |
|---|---|---|---|
| IT auditor (unspecified certifications) | $95,000 [7] | $85,214 [8] | $92,797 [9] |
| CISA professional | $93,000 [1] | $123,000 [5] | $109,713 [6] |

The exact amount you can expect to earn will vary based on factors like your job title, your experience in the field, and where you live.

*All salary data is current as of May 2026 and does not include additional pay like bonuses or commissions. 

Factors that impact CISA jobs’ salary

You will find that certain factors make a difference in how much you can expect to earn as a CISA professional. For example, the experience you have in the field, where you live and work, and the company you work for can all impact your salary. 

Experience

You can find insight into how much experience will impact your salary by looking at Glassdoor’s estimates. They report that the average CISA salary will vary as follows [1]: 

  • 0–1 years: $69,000

  • 1–3 years: $72,000

  • 4–6 years: $85,000 

  • 7–9 years: $90,000

  • 10–14 years: $97,000

  • 15+ years: $103,000

Location

Another factor that can change your average salary is where you live and work. So far, you’ve explored the average salaries across the United States, but consider how salaries break down across some of the highest-paying cities for CISA professionals [6]: 

  • Berkeley, CA: $134,337

  • Foster City, CA: $127,873

  • Livermore, CA: $128,692

  • Nome, AK: $136,099

  • Palo Alto, CA: $128,970

  • San Francisco, CA: $129,261

  • San Jose, CA: $128,583

  • Santa Clara, CA: $128,851

  • Sitka, AK: $132,169

  • Sunnyvale, CA: $128,765

Job title

You may hold a CISA certification and work under a job title other than IT auditor, and that title can affect your average salary. For example, Payscale lists several jobs you might hold as a CISA and the average salary for each [5]:

  • Senior IT auditor: $96,903

  • Internal auditing manager: $115,345

  • Information security analyst: $101,429

  • IT director: $148,833

  • Chief information security officer: $199,330

  • IT manager: $132,243

  • IT auditor: $93,794

Company

Payscale also offers insight into how different companies pay CISA professionals. Explore a few examples [5]:

  • Booz, Allen, and Hamilton: $135,985

  • Deloitte: $105,500

  • EY (Ernst & Young): $121,481

  • Grant Thornton LLP: $88,500

  • JP Morgan Chase: $174,086

  • Citigroup, Inc.: $166,500

  • Procter & Gamble Co.: $135,000

  • Amerigold Logistics LLC: $185,000

  • Stryker Corp.: $93,250

  • True Manufacturing: $133,172


Article sources

1. Glassdoor. “Salary: CISA in the United States,” https://www.glassdoor.com/Salaries/cisa-salary-SRCH_KO0,4.htm. Accessed May 14, 2025.
