Book description
This CISA study guide is for those interested in achieving CISA certification. It provides complete coverage of ISACA's latest CISA Review Manual (2019), with practical examples and over 850 exam-oriented practice questions.
Are you looking to prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor?
The CISA - Certified Information Systems Auditor Study Guide is here to help you get started with CISA exam prep.
This book covers all five CISA domains in detail to help you pass the exam. You’ll start by getting up and running with the practical aspects of an information systems audit. The book then shows you how to govern and manage IT, before getting you up to speed with acquiring information systems. As you progress, you’ll gain knowledge of information systems operations and understand how to maintain business resilience, which will help you tackle various real-world business problems. Finally, you’ll be able to assist your organization in effectively protecting and controlling information systems with IT audit standards.
By the end of this CISA book, you'll not only have covered the essential concepts and techniques you need to know to pass the CISA certification exam but also have the ability to apply them in the real world.
What you will learn
- Understand the information systems auditing process
- Get to grips with IT governance and management
- Gain knowledge of information systems acquisition
- Assist your organization in protecting and controlling information systems with IT audit standards
- Understand information systems operations and how to ensure business resilience
- Evaluate your organization’s security policies, standards, and procedures to meet its objectives
Who this book is for
This CISA exam study guide is designed for those with a non-technical background who are interested in achieving CISA certification and are currently employed or looking to gain employment in IT audit and security management positions.
Table of contents
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- Section 1: Information System Auditing Process
- Audit Planning
- The content of an audit charter
- Audit planning
- Business process applications and controls
- Types of controls
- Risk-based audit planning
- What is risk?
- Understanding vulnerability and threat
- Understanding inherent risk and residual risk
- Advantages of risk-based audit planning
- Audit risk
- Risk-based auditing approach
- Risk assessments
- Risk response methodology
- Top-down and bottom-up approaches to policy development
- Key aspects from CISA exam perspective
- Self-evaluation questions
- Types of audit and assessment
- Summary
- Assessments
- Audit Execution
- Audit project management
- Sampling methodology
- Audit evidence collection techniques
- Data analytics
- Reporting and communication techniques
- Control self-assessment
- Summary
- Assessments
- Section 2: Governance and Management of IT
- IT Governance
- IT Management
- IT resource management
- IT service provider acquisition and management
- Evaluation criteria for outsourcing
- Steps for outsourcing
- Outsourcing – risk reduction options
- Provisions for outsourcing contracts
- Role of IS auditors in monitoring outsourced activities
- Globalization of IT functions
- Outsourcing and third-party audit reports
- Monitoring and review of third-party services
- Key aspects from CISA exam perspective
- Self-evaluation questions
- IT performance monitoring and reporting
- Quality assurance and quality management in IT
- Summary
- Assessment answers
- Section 3: Information Systems Acquisition, Development, and Implementation
- Information Systems Acquisition and Development
- Project management structure
- Project roles and responsibilities
- Project objectives, OBS, and WBS
- Key aspects from the CISA exam perspective
- Self-assessments questions
- Business cases and feasibility analysis
- System development methodologies
- Control identification and design
- Summary
- Assessments
- Information Systems Implementation
- Section 4: Information System Operations and Business Resilience
- Information System Operations
- Understanding common technology components
- IT asset management
- Job scheduling
- End user computing
- System performance management
- Problem and incident management
- Change management, configuration management, and patch management
- IT service level management
- Evaluating the database management process
- Summary
- Assessment
- Business Resilience
- Business impact analysis
- Data backup and restoration
- System resiliency
- Business continuity plan
- Disaster recovery plan
- DRP – test methods
- Recovery Time Objective (RTO) and Recovery Point Objective (RPO)
- Alternate recovery site
- Summary
- Assessment
- Section 5: Protection of Information Assets
- Information Asset Security and Control
- Information asset security frameworks, standards, and guidelines
- Privacy principles
- Physical access and environmental controls
- Identity and access management
- Biometrics
- Summary
- Assessments
- Network Security and Control
- Network and endpoint devices
- Firewall types and implementation
- VPN
- Voice over Internet Protocol (VoIP)
- Wireless networks
- Email security
- Summary
- Assessments
- Public Key Cryptography and Other Emerging Technologies
- Security Event Management
- Security awareness training and programs
- Information system attack methods and techniques
- Security testing tools and techniques
- Security monitoring tools and techniques
- Incident response management
- Evidence collection and forensics
- Summary
- Assessments
- Other Books You May Enjoy
Product information
- Title: CISA – Certified Information Systems Auditor Study Guide
- Author(s):
- Release date: August 2020
- Publisher(s): Packt Publishing
- ISBN: 9781838989583