The Complete Guide for CISA Examination Preparation
- Length: 272 pages
- Edition: 1
- Language: English
- Publisher: Auerbach Publications
- Publication Date: 2020-10-06
- ISBN-10: 1138308765
- ISBN-13: 9781138308763
- Sales Rank: #6057993
The Complete Guide for CISA Examination Preparation delivers complete coverage of every topic on the latest release of the Certified Information Systems Auditor (CISA) exam. The author is an IT security and auditing expert and the book covers all five exam domains. This effective self-study system features chapter learning objectives, in-depth explanations of each topic, and accurate practice questions. Each chapter includes exam tips that highlight key exam information, hands-on exercises, a summary that serves as a quick review, and end-of-chapter questions that simulate those on the actual exam. Designed to help candidates pass the CISA exam easily, it also serves as an ideal on-the-job reference.
Richard E. Cascarino, MBA, CIA, CISM, CFE, CRMA, is well known in international auditing. Richard is a principal of Richard Cascarino & Associates. He has over 31 years’ experience in audit training and consulting. He is a regular speaker at national and international conferences and has presented courses throughout Africa, Europe, the Middle East and the USA. Richard is a Past President of the Institute of Internal Auditors in South Africa, was the founding Regional Director of the Southern African Region of the IIA-Inc. and is a member of ISACA, and the Association of Certified Fraud Examiners, where he is a member of the Board of Regents for Higher Education. Richard was Chairman of the Audit Committee of Gauteng cluster 2 (Premier’s office, Shared Services and Health) in Johannesburg and is currently the Chairman of the Audit and Risk Committee of the Department of Public Enterprises in South Africa.
Richard is also a visiting lecturer at the University of the Witwatersrand and author of the book Internal Auditing: An Integrated Approach, now in its third edition, which is extensively used as a university textbook worldwide. In addition, he is the author of the Auditor’s Guide to IT Auditing, Second Edition and the book Corporate Fraud and Internal Control: A Framework for Prevention. He is also a contributor to all four editions of QFINANCE, the Ultimate Resource.
Table of contents:
- Front matter: Cover, Half Title, Series Page, Title Page, Copyright Page, Table of Contents, The Complete Guide for CISA Examination Preparation
- Chapter 1 Introduction to the CISA Examination: The Examination Itself, Becoming Certified, Experience Requirements, Educational Waivers, Passing the Examination, CISA Job Practice Domains and Task and Knowledge Statements, ISACA’s Code of Professional Ethics, The ISACA Standards, Continuous Professional Education (CPE)
- Chapter 2 Domain 1 – The Process of Auditing Information Systems: The First Task The Second Task The Third Task The Fourth Task The Final Stage Knowledge Statements Knowledge of ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques, Code of Professional Ethics, and Other Applicable Standards Understanding the Fundamental Business Processes Control Principles Related to Controls in Information Systems Reliability and Integrity of Information Compliance with Policies, Plans, Procedures, Laws, and Regulations Safeguarding of Assets Effectiveness and Efficiency of Operations Risk-Based Audit Planning and Audit Project Management Techniques Inherent Risk Control Risk Audit Risk Planning the Audit Project Quality of the Internal Control Framework Competence of Management Complexity of Transactions Liquidity of Assets Ethical Climate and Employee Morale Auditor Understanding of the Applicable Laws and Regulations That Affect the Scope, Evidence Collection and Preservation, and Frequency of Audits Evidence Collection Techniques Audit Techniques Automated Audit Tools Domain 1 – Examination Tips Domain 1 – Practice Questions Domain One – Review Questions and Hands-On Exercise Domain 1 – Answers to Practice Questions Exercise 1 Sample Answer
- Chapter 3 Domain 2 – Governance and Management of IT: Governance in General IT Architecture IT Policies and Standards Project Management Role of the Project Management Office (PMO) Resource Management Project Planning Function Point Analysis Project Tracking and Oversight Project Management Tools GANTT or Bar Charts Program Evaluation Review Techniques (Also Known as a Network Diagram) Critical Path Method Timebox Management Management of Resource Usage Auditor’s Role in the Project Management Process Audit Risk Assessment Audit Planning Domain 2 – Practice Questions Domain 2 – Review Questions and Hands-on Exercise Exercise 2 – Audit of Customer Receivables You are required to: Exercise 2 Sample Answer Domain 2 – Answers to Practice Questions
- Chapter 4 Domain 3 – Information Systems Acquisition, Development, and Implementation: Systems Acquisition Cloud-Based Systems Acquisition Systems Development The SDLC The Iterative Model Prototyping and Rapid Application Development (RAD) Agile Methodologies Lean Methodology Systems Implementation Systems Maintenance Review Domain 3 – Practice Questions Domain 3 – Review Questions and Hands-On Exercise Exercise Required Exercise 3 Sample Answer Domain 3 – Answers to Practice Questions
- Chapter 5 Domain 4 – Information Systems Operations, Maintenance, and Service Management: Hardware CPU Peripherals Memory Computer Types Networks Storage Communications Input Output Control Systems Software Auditing Operating Systems People Job Scheduling System Interfaces Frameworks ITIL Change Management Change Management in the Use of Cloud-Based Applications Problem Management Auditing Change Control Service Management Disaster Recovery Planning Auditing Service Delivery Domain 4 – Practice Questions Domain 4 – Review Questions and Hands-On Exercise Exercise Exercise 4 Sample Answer Domain 4 – Answers to Practice Questions
- Chapter 6 Domain 5 – Protection of Information Assets: Protection of Information Assets Privacy Principles Design, Implementation, Maintenance, Monitoring, and Reporting of Security Controls Physical and Environmental Controls and Supporting Practices for the Protection of Information Assets Physical Access Controls for the Identification, Authentication, and Restriction of Users Environmental Controls Logical Access Controls for the Identification, Authentication, and Restriction of Users Risk and Controls Associated with Virtualization of Systems Risks and Controls Associated with the Use of Mobile and Wireless Devices Voice Communications Security Network and Internet Security Devices, Protocols, and Techniques Configuration, Implementation, Operation, and Maintenance of Network Security Controls Encryption-Related Techniques and Their Uses Public Key Infrastructure (PKI) Components and Digital Signature Techniques Peer-to-Peer Computing, Instant Messaging, and Web-Based Technologies Data Classification Standards Related to the Protection of Information Assets Storage, Retrieval, Transportation, and Disposal of Confidential Information Assets Data Leakage Risks in End-User Computing Implementing a Security Awareness Program Information System Attack Methods and Techniques Prevention and Detection Tools and Control Techniques Malware Phishing Pharming Password Attacks Denial of Service (DoS) Attacks ‘Man in the Middle’ (MITM) Attacks Drive-By Downloads Rogue Software Ransomware Spyware and Adware Social Engineering Security Testing Techniques Penetration Testing and Vulnerability Scanning Monitoring and Responding to Security Incidents Forensic Investigation and Procedures in Collection and Preservation of the Data and Evidence Domain 5 – Practice Questions Domain 5 – Review Questions and Hands-On Exercise Exercise Exercise 5 Sample Answer Domain 5 – Answers to Practice Questions
- Chapter 7 Preparing for the Examination
- Appendix A: Glossary of Terms
- Appendix B: CISA Sample Examination – Choose Any 150 Questions
- Appendix C: Sample Examination Answers
- Index