Taking the Exam 


Useful information on exam administration and results, including what to bring to the exam, receiving your score report, reporting of your test results and retaking the exam.

1. Exam Day Experience

The CISA, CRISC, CISM and CGEIT exams will be administered at PSI testing sites and kiosks. To become familiar with what to expect on the day of the exam candidates are encouraged to view a brief video of the exam day experience for the PSI test centers and the PSI kiosks.

2. Misconduct

Candidates who are discovered engaging in any kind of misconduct, such as giving or receiving help; using notes, papers, note pads or other aids; attempting to take the exam for someone else; using any type of communication device including cell phones during the exam administration; or removing notes from the testing room will be disqualified. Candidates who leave the testing area without authorization will not be allowed to return to the testing room and will be subject to disqualification. The testing agency will report such irregularities to ISACA to determine misconduct and possible dismissal/disqualification of exam scores.

Observe the Test Center’s Rules

  • Candidates are not allowed to bring reference materials, blank paper, notes or note pads or language dictionaries into the test center.
  • Candidates are not allowed to bring or use a calculator in the test center.
  • Candidates are not allowed to bring any type of communication devices (i.e. cell phones, tablets, smart watches, mobile devices, etc.) into the test center.
  • Visitors are not permitted in the test center.
  • No food or drinks are allowed in the test center (without advanced authorization from ISACA).
  • Candidates are not allowed to leave the testing area without approval by a test proctor. Exam candidates that do not adhere to this rule will not be allowed to return to the testing room and will be subject to disqualification.

Reasons for Dismissal or Disqualification

  • Unauthorized admission to the test center.
  • Candidate creates a disturbance, or gives or receives help.
  • Candidate attempts to remove notes from the test center.
  • Candidate impersonates another candidate.
  • Candidate brings items into the test center that are not permitted.
  • Candidate possession of any communication device (i.e. cell phones, tablets, smart watches, mobile devices, etc.) during the exam administration. If a candidate is observed with any communication device during the exam administration, their exam will be voided and they will be asked to immediately leave the test site.
  • Candidate leaves the test center without authorization by the proctor.

3. Exam Day Comments/Issues

Candidates wishing to address any comments or concerns about the examination administration, including candidate exam day issues, site conditions or the content of the exam, should contact ISACA international headquarters by email (exam@isaca.org) within 48 hours of the conclusion of the test. ISACA will review comments regarding exam day issues and site concerns prior to the release of the official score report. ISACA and the Certification Working Group are interested in your comments regarding the exam questions. Your feedback regarding exam questions will be used to improve future examinations.

Please include the following information in your comments: exam ID number, testing site, date tested and any relevant details on the specific issue. Appeals undertaken by a certification exam taker, are undertaken at the discretion and cost of the exam taker. For more information on the Appeals Policy visit www.isaca.org/appeals.

4. Personal Belongings and Security

Candidates are not allowed to bring any type of communication devices into the test center. If an exam candidate is observed with any communication device (i.e. cell phones, tablets, smart watches, mobile devices, etc.) during the exam administration, their exam will be voided and they will be asked to immediately leave the test site. ISACA will not assume responsibility for stolen, lost or damaged personal property of candidates.

Personal items brought to the test center must be stored in lockers and may not be accessed until the exam candidate has completed his/her exam.

The following guidelines have been established for the security of the exam, as well as the safety of your personal belongings. These guidelines will be enforced at each testing center.

The following items are permitted in the testing room but must remain in your pockets or in the designated area of the testing room when not in use:

  • Wallet (money purse)
  • Tissues and other approved personal items

The following items are not permitted in the testing room. If it is necessary to bring any of these items with you, they will be stored in a locker area of the testing room. However, please note that these items will not be guarded:

  • Cell phones, lap tops, tablets, smart watches, cameras, or any other mobile communication or photographic devices
  • Wristwatches with engaged audible alarms/timers or any type of desk clock/time
  • Headsets
  • Food or drinks, unless special accommodations have been arranged and approved in advance by ISACA
  • Baggage of any kind including transparent bags, backpacks, handbags/purses, tote bags, briefcases, luggage, carrying cases, or pencil cases
  • Study materials including notes, papers, textbooks, or study guides
  • Scratch paper

Please comply with all of these requests. ISACA will not assume responsibility or liability for stolen, lost, or damaged personal property. Neither ISACA or its testing vendor takes responsibility for personal belongings of candidates.

Additional information can be found in the ISACA Exam Candidate Information Guide.

5. Receiving Your Score Report

Candidates will receive a preliminary pass/fail score report at the testing center at the conclusion of their exam. Official scores will be sent within 10 working days of the exam date via the email address within your ISACA profile.  Please notify ISACA immediately if your contact information within your ISACA profile changes. This email notification will only be sent to the email address listed in the candidate’s profile at the time of the initial release of the results. To ensure the confidentiality of scores, exam results will not be reported by telephone or fax. To prevent email notification from being sent to spam folders, candidates should add exam@isaca.org to their address book, whitelist or safe-senders list.

6. Reporting of Your Test Results

Candidate scores are reported as a scaled scored. A scaled score is a conversion of a candidate’s raw score on an exam to a common scale. ISACA uses and reports scores on a common scale from 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. A candidate must receive a score of 450 or higher to pass the exam. A score of 450 represents a minimum consistent standard of knowledge as established by the respective ISACA Certification Committee. A candidate receiving a passing score may then apply for certification if all other requirements are met.

The exams contain some questions which are included for research and analysis purposes only. These questions are not separately identified and not used to calculate your final score.

Passing the exam does not grant the CISA, CRISC, CISM or CGEIT designation. To become a certiifed, you must earn the required job experience and submit an application for certification. The application is available at www.isaca.org/cisaapp, www.isaca.org/criscapp, www.isaca.org/cismapp, or www.isaca.org/cgeitapp. Until your application is received and approved, you are not certified and cannot use the designation.

7. Retaking the Exam

A candidate receiving a score of less than 450 has not passed and can retake the exam by registering and paying the appropriate exam fee for any future testing window. To assist with future study, the results letter each candidate receives will include a score analysis by content area. Candidates are only permitted to take the exam one time per testing window, and if unsuccessful can register for and take the exam in the following window.