Certified Information System Auditor (CISA)

(CISA-2016)/ISBN:978-1-11905-624-9

This course includes
Lessons
TestPrep

Gain hands-on experience to pass the ISACA CISA exam with the Certified Information System Auditor (CISA) Study Guide. The CISA training course and labs provide skills for exam topics and expertise in areas such as the information system auditing process; governance and management of IT; information systems acquisition, development, and implementation; and protection of information assets.

Here's what you will get

The ISACA CISA certification is for those who assess an organization's information technology and business systems and provide assurance on their availability and sustainability. The CISA exam validates your expertise in auditing and controlling information security. CISA certified candidates can assess vulnerabilities, report on compliance, and validate and enhance controls in an enterprise. CISA demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise.

Lessons

9+ Lessons | 345+ Exercises | 91+ Quizzes | 321+ Flashcards | 512+ Glossary of terms

TestPrep

75+ Pre Assessment Questions | 2+ Full Length Tests | 85+ Post Assessment Questions | 170+ Practice Test Questions

Here's what you will learn

Lesson 1: Secrets of a Successful Auditor

  • Understanding the Demand for IS Audits
  • Understanding Policies, Standards, Guidelines, and Procedures
  • Understanding Professional Ethics
  • Understanding the Purpose of an Audit
  • Business Processes
  • Differentiating between Auditor and Auditee Roles
  • Implementing Audit Standards
  • Auditor Is an Executive Position
  • Understanding the Corporate Organizational Structure
  • Summary
  • Exam Essentials

Lesson 2: Governance and Management of IT

  • Strategy Planning for Organizational Control
  • Overview of Tactical Management
  • Planning and Performance
  • Overview of Business Process Reengineering
  • Operations Management
  • Summary
  • Exam Essentials

Lesson 3: Audit Process

  • Understanding the Audit Project Management
  • Establishing and Approving an Audit Charter
  • Preplanning Specific Audits
  • Performing an Audit Risk Assessment
  • Determining Whether an Audit Is Possible
  • Performing the Audit
  • Gathering Audit Evidence
  • Conducting Audit Evidence Testing
  • Generating Audit Findings
  • Report Findings
  • Conducting Follow-up (Closing Meeting)
  • Summary
  • Exam Essentials

Lesson 4: Networking Technology Basics

  • Understanding the Differences in Computer Architecture
  • Selecting the Best System
  • Introducing the Open Systems Interconnection Model
  • Understanding Physical Network Design
  • Understanding Network Cable Topologies
  • Differentiating Network Cable Types
  • Connecting Network Devices
  • Using Network Services
  • Expanding the Network
  • Using Software as a Service (SaaS)
  • The Basics of Managing the Network
  • Summary
  • Exam Essentials

Lesson 5: Information Systems Life Cycle

  • Governance in Software Development
  • Management of Software Quality
  • Overview of the Executive Steering Committee
  • Change and Configuration Management
  • Management of the Software Project
  • Overview of the System Development Life Cycle
  • Overview of Data Architecture
  • Decision Support Systems
  • Program Architecture
  • Centralization vs. Decentralization
  • Electronic Commerce
  • Summary
  • Exam Essentials

Lesson 6: System Implementation and Operations

  • Understanding the Nature of IT Services
  • Performing IT Operations Management
  • Performing Service-Level Management
  • Performing Capacity Management
  • Using Administrative Protection
  • Performing Problem Management
  • Monitoring the Status of Controls
  • Implementing Physical Protection
  • Summary
  • Exam Essentials

Lesson 7: Protecting Information Assets

  • Understanding the Threat
  • Physical Access and Environmental Controls
  • Using Technical Protection
  • Incident Response Management
  • Evidence Collection and Forensics
  • Summary
  • Exam Essentials

Lesson 8: Business Continuity Planning (BCP)

  • Debunking the Myths
  • Defining Disaster Recovery
  • Defining the Purpose of Business Continuity
  • Understanding the Five Conflicting Disciplines Called Business Continuity
  • Uniting Other Plans with Business Continuity
  • Understanding the Five Phases of a Business Continuity Program
  • Understanding the Auditor Interests in BC/DR Plans

Appendix A

Exam FAQs

To apply for the CISA exam, you’ll need at least five years of professional information systems auditing, control or security work experience within the past 10 years. You can receive a waiver for up to three years of experience if you have the following:

  • Maximum of one year of IS experience or one year of non-IS auditing experience
  • The equivalent of a two- or four-year degree, which can be substituted for one to two years of experience
  • A bachelor’s degree or master’s degree from a university that teaches the ISACA-sponsored curriculum, which can be substituted for one year of experience
  • A master’s degree in IS or IT from any accredited university, which is equivalent to one year of experience

  • ISACA Member: USD 465
  • ISACA Non-Member: USD 590

You can search for computer-based testing centres at ISACA.

Multiple choice questions

The exam contains 150 questions.

240 minutes

450 (on a scale of 200-800)

Here are the retake policies:

If you do not pass the exam, you can retake the exam a maximum of three (3) times in a twelve-month period. To protect the integrity of ISACA's certificate exams, ISACA has implemented the following retake policy: Individuals have 4 attempts within a rolling twelve-month period to pass the exam. Those that do not pass on their first attempt are allowed to retake the exam a total of 3 more times within 12 months from the date of the first attempt.

  • Retake 1 (attempt 2): Customers must wait 30 days from the date of the first attempt
  • Retake 2 (attempt 3): Customers must wait 90 days after the date of the second attempt
  • Retake 3 (attempt 4): Customers must wait 90 days after the date of the third attempt

CISA certification expires after three years from date of issue, after which the certification holder will need to renew their certification.