Secure Your Business

CIS Series of Courses IS Auditor



Examination IS Auditor


Contents of the examination:

The contents of the examination refer to the two CIS Course Modules

  • Audit techniques
  • Psychological bases for auditors


Admission to examination
The admission conditions for each examination are stated in the CIS - course content. Registration to an examination will have to be done in writing with CIS, compliance with the admission conditions having to be demonstrated by the person applying for the Certificate. If the person applying for the Certificate has attended the trainings within the qualification programmes of CIS, the trainings will be recognized automatically if the applicant was present at least 80% of the period covered by the event. If a person applying for the Certificate wants to have other trainings credited, it is necessary to have the equivalence of these trainings with the certification programme stated.

For stating this equivalence, a separate written application will have to be filed. A presentation of the trainings completed and a comparison with the requirements placed by the certification programme will have to be enclosed to this application. The respective requirements can be requested from the Certification Body.

For reviewing conformity to the certification programme and topicality of the references provided by the person applying for the Certificate, a qualification check will be made. This check is made up of oral technical discussions lasting 30 to 60 minutes and will be carried.

Further admission to examination

  • technical entrance examination
  • valid CIS Certificate “IS Manager”
  • evidencing 4 years’ job experience, with 2 years in the field of information security
  • 4 IS Audits that have been conducted/accompanied

Auditor Candidate:
Even if no practical experience can be evidenced, participation in the examination is possible. In this case, you will get the status Auditor Candidate until adequate evidence is furnished within 3 years.


Conduct of the examination:
The written examination (multiple choice) will take 1 hour.


Upon positive completion of the examination, the Certificate “IS Auditor acc. to ISO/IEC 27001” will be issued. If no practical experience is evidenced, “Candidate” will be added.

Period of validity of the Certificate:
3 years


Prolongation criteria:

  • evidencing 3 years’ job experience in information security management
  • evidencing 4 IS Audits with at least 20 audit days have been conducted
  • one CIS Further Training Event (Refresher) within 3 years


<<< Audit techniques




CIS - Macedonia Certification & Information Security Services, d.o.o. T + 389 2 3225-102 office.mk@cis-cert.com Imprint