CISA Certified Information Systems Auditor All-in-One Exam Guide, 4th Edition
- Length: 816 pages
- Edition: 4
- Language: English
- Publisher: McGraw Hill
- Publication Date: 2019-11-14
- ISBN-10: 1260458806
- ISBN-13: 9781260458800
- Sales Rank: #212958
This up-to-date self-study system delivers complete coverage of every topic on the 2019 version of the CISA exam.
The latest edition of this trusted resource offers complete, up-to-date coverage of all the material included on the latest release of the Certified Information Systems Auditor exam. Written by an IT security and audit expert, CISA Certified Information Systems Auditor All-in-One Exam Guide, Fourth Edition covers all five exam domains developed by ISACA®. You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CISA exam with ease, this comprehensive guide also serves as an essential on-the-job reference for new and established IS auditors.
COVERS ALL EXAM TOPICS, INCLUDING:
- IT governance and management
- Information systems audit process
- IT service delivery and infrastructure
- Information asset protection
Online content includes:
- 300 practice exam questions
- Test engine that provides full-length practice exams and customizable quizzes by exam topic
- Cover About the Author Title Page Copyright Page Dedication Contents at a Glance Contents Acknowledgments Introduction
- Chapter 1 Becoming a CISA: Benefits of CISA Certification The CISA Certification Process Experience Requirements ISACA Code of Professional Ethics ISACA IS Standards The Certification Exam Exam Preparation Before the Exam Day of the Exam After the Exam Applying for CISA Certification Retaining Your CISA Certification Continuing Education CPE Maintenance Fees Revocation of Certification CISA Exam Preparation Pointers Summary
- Chapter 2 IT Governance and Management: IT Governance Practices for Executives and Boards of Directors IT Governance IT Governance Frameworks IT Strategy Committee The Balanced Scorecard Information Security Governance IT Strategic Planning The IT Steering Committee Policies, Processes, Procedures, and Standards Information Security Policy Privacy Policy Data Classification Policy System Classification Policy Site Classification Policy Access Control Policy Mobile Device Policy Social Media Policy Other Policies Processes and Procedures Standards Enterprise Architecture Applicable Laws, Regulations, and Standards Risk Management The Risk Management Program The Risk Management Process Risk Treatment IT Management Practices Personnel Management Sourcing Change Management Financial Management Quality Management Portfolio Management Controls Management Security Management Performance and Capacity Management Organization Structure and Responsibilities Roles and Responsibilities Segregation of Duties Auditing IT Governance Auditing Documentation and Records Auditing Contracts Auditing Outsourcing Chapter Review Quick Review Questions Answers
- Chapter 3 The Audit Process: Audit Management The Audit Charter The Audit Program Strategic Audit Planning Audit and Technology Audit Laws and Regulations ISACA Auditing Standards ISACA Code of Professional Ethics ISACA Audit and Assurance Standards ISACA Audit and Assurance Guidelines Risk Analysis Auditors’ Risk Analysis and the Corporate Risk Management Program Evaluating Business Processes Identifying Business Risks Risk Mitigation Countermeasures Assessment Monitoring Controls Control Classification Internal Control Objectives IS Control Objectives General Computing Controls IS Controls Performing an Audit Audit Objectives Types of Audits Compliance vs. Substantive Testing Audit Methodology and Project Management Audit Evidence Reliance on the Work of Other Auditors Audit Data Analytics Reporting Audit Results Other Audit Topics Control Self-Assessment CSA Advantages and Disadvantages The CSA Life Cycle Self-Assessment Objectives Auditors and Self-Assessment Implementation of Audit Recommendations Chapter Review Quick Review Questions Answers
- Chapter 4 IT Life Cycle Management: Benefits Realization Portfolio and Program Management Business Case Development Measuring Business Benefits Project Management Organizing Projects Developing Project Objectives Managing Projects Project Roles and Responsibilities Project Planning Project Management Methodologies The Systems Development Life Cycle (SDLC) SDLC Phases Software Development Risks Alternative Software Development Approaches and Techniques System Development Tools Acquiring Cloud-Based Infrastructure and Applications Infrastructure Development and Implementation Review of Existing Architecture Requirements Design Procurement Testing Implementation Maintenance Maintaining Information Systems Change Management Configuration Management Business Processes The Business Process Life Cycle and Business Process Reengineering Capability Maturity Models Managing Third Parties Risk Factors Onboarding and Due Diligence Classification Assessment Remediation Risk Reporting Application Controls Input Controls Processing Controls Output Controls Auditing the Systems Development Life Cycle Auditing Program and Project Management Auditing the Feasibility Study Auditing Requirements Auditing Design Auditing Software Acquisition Auditing Development Auditing Testing Auditing Implementation Auditing Post-Implementation Auditing Change Management Auditing Configuration Management Auditing Business Controls Auditing Application Controls Transaction Flow Observations Data Integrity Testing Testing Online Processing Systems Auditing Applications Continuous Auditing Auditing Third-Party Risk Management Chapter Review Quick Review Questions Answers
- Chapter 5 IT Service Management and Continuity: Information Systems Operations Management and Control of Operations IT Service Management IT Operations and Exception Handling End-User Computing Software Program Library Management Quality Assurance Security Management Media Control Data Management Information Systems Hardware Computer Usage Computer Hardware Architecture Hardware Maintenance Hardware Monitoring Information Systems Architecture and Software Computer Operating Systems Data Communications Software File Systems Database Management Systems Media Management Systems Utility Software Software Licensing Digital Rights Management Network Infrastructure Enterprise Architecture Network Architecture Network-Based Services Network Models Network Technologies Business Resilience Business Continuity Planning Disaster Recovery Planning Auditing IT Infrastructure and Operations Auditing Information Systems Hardware Auditing Operating Systems Auditing File Systems Auditing Database Management Systems Auditing Network Infrastructure Auditing Network Operating Controls Auditing IT Operations Auditing Lights-Out Operations Auditing Problem Management Operations Auditing Monitoring Operations Auditing Procurement Auditing Business Continuity Planning Auditing Disaster Recovery Planning Chapter Review Quick Review Questions Answers
- Chapter 6 Information Asset Protection: Information Security Management Aspects of Information Security Management Roles and Responsibilities Business Alignment Asset Inventory and Classification Access Controls Privacy Third-Party Management Human Resources Security Computer Crime Security Incident Management Forensic Investigations Logical Access Controls Access Control Concepts Access Control Models Access Control Threats Access Control Vulnerabilities Access Points and Methods of Entry Identification, Authentication, and Authorization Protecting Stored Information Managing User Access Protecting Mobile Computing Network Security Controls Network Security IoT Security Securing Client-Server Applications Securing Wireless Networks Protecting Internet Communications Encryption Voice over IP Private Branch Exchange Malware Information Leakage Environmental Controls Environmental Threats and Vulnerabilities Environmental Controls and Countermeasures Physical Security Controls Physical Access Threats and Vulnerabilities Physical Access Controls and Countermeasures Auditing Asset Protection Auditing Security Management Auditing Logical Access Controls Auditing Network Security Controls Auditing Environmental Controls Auditing Physical Security Controls Chapter Review Quick Review Questions Answers
- Appendix A Conducting a Professional Audit: Understanding the Audit Cycle How the IS Audit Cycle Is Discussed “Client” and Other Terms in This Appendix Overview of the IS Audit Cycle Project Origination Engagement Letters and Audit Charters Ethics and Independence Launching a New Project: Planning an Audit Developing the Audit Plan Developing a Test Plan Performing a Pre-Audit (or Readiness Assessment) Organizing a Testing Plan Resource Planning for the Audit Team Performing Control Testing Developing Audit Opinions Developing Audit Recommendations Managing Supporting Documentation Delivering Audit Results Management Response Audit Closing Procedures Audit Follow-up Summary
- Appendix B Popular Methodologies, Frameworks, and Guidance: Common Terms and Concepts Governance Goals, Objectives, and Strategies Processes Capability Maturity Models Controls The Deming Cycle Projects Frameworks, Methodologies, and Guidance Business Model for Information Security (BMIS) COSO Internal Control – Integrated Framework COBIT GTAG GAIT ISF Standard of Good Practice for Information Security ISO/IEC 27001 and 27002 NIST SP 800-53 and NIST SP 800-53A NIST Cybersecurity Framework Payment Card Industry Data Security Standard CIS Controls IT Assurance Framework ITIL PMBOK Guide PRINCE2 Risk IT Val IT Summary of Frameworks Pointers for Successful Use of Frameworks Notes References
- Appendix C About the Online Content: System Requirements Your Total Seminars Training Hub Account Privacy Notice Single User License Terms and Conditions TotalTester Online Technical Support
- Glossary Index