CISA - Certified Information Systems Auditor Study Guide

This CISA study guide is for those interested in achieving CISA certification and provides complete coverage of ISACA's latest CISA Review Manual (2019) with practical examples and over 850 exam-oriented practice questions

▶Book Description
Are you looking to prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor?

The CISA - Certified Information Systems Auditor Study Guide is here to help you get started with CISA exam prep.

This book covers all the five CISA domains in detail to help you pass the exam. You'll start by getting up and running with the practical aspects of an information systems audit. The book then shows you how to govern and manage IT, before getting you up to speed with acquiring information systems. As you progress, you'll gain knowledge of information systems operations and understand how to maintain business resilience, which will help you tackle various real-world business problems. Finally, you'll be able to assist your organization in effectively protecting and controlling information systems with IT audit standards.

By the end of this CISA book, you'll not only have covered the essential concepts and techniques you need to know to pass the CISA certification exam but also have the ability to apply them in the real world.

▶What You Will Learn
⦁Understand the information systems auditing process
⦁Get to grips with IT governance and management
⦁Gain knowledge of information systems acquisition
⦁Assist your organization in protecting and controlling information systems with IT audit standards
⦁Understand information systems operations and how to ensure business resilience
⦁Evaluate your organization's security policies, standards, and procedures to meet its objectives

▶Key Features
⦁Gain tactical skills in auditing, control, and security to pass the CISA examination
⦁Get up to speed with auditing business IT systems
⦁Increase your value to organizations and be at the forefront of an evolving business landscape by achieving CISA certification

▶Who This Book Is For
This CISA exam study guide is designed for those with a non-technical background who are interested in achieving CISA certification and are currently employed or looking to gain employment in IT audit and security management positions.

▶What this book covers
⦁ Chapter 1, Audit Planning, deals with the audit processes, standards, guidelines, practices, and techniques that an IS auditor is expected to use during audit assignments. An IS auditor must have a detailed knowledge of IS processes, business processes, and risk management processes in order to protect an organization's assets.

⦁ Chapter 2, Audit Execution, covers project management techniques, sampling methodology, and audit evidence collection techniques. It provides details regarding data analysis techniques, reporting and communication techniques, and quality assurance processes.

⦁ Chapter 3, IT Governance, provides an introduction to IT governance and aspects related to IT enterprise governance. Enterprise governance includes the active involvement of management in IT management. Effective IT governance and management involves an organization's structure as well as IT standards, policies, and procedures.

⦁ Chapter 4, IT Management, walks you through various aspects of designing and approving IT management policy and effective information security governance. It will also teach you to audit and evaluate IT resource management, along with services provided by third-party service providers, while also covering IT performance monitoring and reporting.

⦁ Chapter 5, Information Systems Acquisition and Development, provides information about project governance and management techniques. This chapter discusses how an organization evaluates, develops, implements, maintains, and disposes of its information systems and related components.

⦁ Chapter 6, Information Systems Implementation, covers various aspects of information systems implementation. The implementation process comprises a variety of stages, including system migration, infrastructure deployment, data conversion or migration, user training, post-implementation review, and user acceptance testing.

⦁ Chapter 7, Information Systems Operations, explains how to identify risk related to technology components and how to audit and evaluate IT service management practices, systems performance management, problem and incident management policies and practices, change, configuration, release and patch management processes, and database management processes.

⦁ Chapter 8, Business Resilience, covers all aspects of the business impact analysis, system resiliency, data backup, storage and restoration, the business continuity plan, and disaster recovery plans.

⦁ Chapter 9, Information Asset Security and Control, provides information about the information security management framework, privacy principles, physical access and environmental controls, and identity and access management.

⦁ Chapter 10, Network Security and Control, provides an introduction to various components of networks, network-related risks and controls, types of firewalls, and wireless security.

⦁ Chapter 11, Public Key Cryptography and Other Emerging Technologies, details various aspects of public key cryptography, cloud computing, virtualization, mobile computing, and the Internet of Things.

⦁ Chapter 12, Security Event Management, looks in depth at how to evaluate an organization's information security and privacy policies and practices. It also discusses various types of information system attack methods and techniques, and covers different security monitoring tools and techniques as well as evidence collection and forensics methodology.