Richard E Cascarino
The Complete Guide for CISA Examination Preparation
- Hardcover
The Complete Guide for CISA Examination Preparation delivers complete coverage of every topic on the latest release of the Certified Information Systems Auditor (CISA) exam. Designed to help candidates pass the CISA exam easily, it also serves as an ideal on-the-job reference.
Note: This item can only be delivered to a German delivery address.
Product details
- Publisher: CRC Press
- Number of pages: 256
- Publication date: 6 October 2020
- Language: English
- Dimensions: 234mm x 156mm x 16mm
- Weight: 558g
- ISBN-13: 9781138308763
- ISBN-10: 1138308765
- Item no.: 60006216
Richard E. Cascarino, MBA, CIA, CISM, CFE, CRMA, is well-known in international auditing. Richard is a principal of Richard Cascarino & Associates. He has more than 31 years' experience in audit training and consulting. He is a regular speaker at national and international conferences and has presented courses throughout Africa, Europe, the Middle East and the USA. Richard is a Past President of the Institute of Internal Auditors in South Africa, was the founding Regional Director of the Southern African Region of the IIA-Inc. and is a member of ISACA and the Association of Certified Fraud Examiners, where he is a member of the Board of Regents for Higher Education. Richard was Chairman of the Audit Committee of Gauteng cluster 2 (Premier's office, Shared Services and Health) in Johannesburg and is currently the Chairman of the Audit and Risk Committee of the Department of Public Enterprises in South Africa. He is also a visiting Lecturer at the University of the Witwatersrand and author of the book Internal Auditing: An Integrated Approach, now in its third edition. This book is extensively used as a university textbook worldwide. In addition, he is the author of the Auditor's Guide to IT Auditing, Second Edition and the book Corporate Fraud and Internal Control: A Framework for Prevention. He is also a contributor to all four editions of QFINANCE, the Ultimate Resource.
Contents
· Introduction
Chapter 1 Introduction to the CISA examination
· The structure of the CISA exam
· Becoming Certified
· Experience requirements
· Passing the Exam
· CISA Job Practice Domains and task and knowledge statements
· ISACA's Code of Professional Ethics
· The ISACA Standards
· Continuous Professional Education
Chapter 2: Domain 1-The Process of Auditing Information Systems
· Knowledge Statements
· Understanding the Fundamental Business Processes
· Control principles related to controls in information systems
· Risk-based audit planning and audit project management techniques
· Quality of the internal control framework
· Auditor understanding of the applicable laws
· Evidence collection techniques
· Domain One - exam tips
· Domain One - Practice questions
· Domain One - Review Questions and Hands on Exercise
· Domain One - Answers to practice questions
· Exercise 1 sample answer
Chapter 3: Domain 2-Governance and Management of IT
· Governance in General
· Resource Management
· Project Management Tools
· Auditor's Role in the Project Management Process
· Audit Risk Assessment
· Audit Planning
· Domain Two - practice questions
· Domain Two - Review Questions and Hands on Exercise
· Exercise 2 sample answer
· Domain 2 Answers to practice questions
Chapter 4: Domain 3- Information Systems Acquisition, Development and Implementation
· Systems Acquisition
· Systems Development
· Systems Implementation
· Systems Maintenance Review
· Domain Three - practice questions
· Domain Three - Review Questions and Hands on Exercise
· Exercise 3 sample answer
· Domain 3 Answers to practice questions
Chapter 5: Domain 4- Information Systems Operations, Maintenance and Service Management
· Hardware
· Auditing Operating Systems
· People
· System interfaces
· Change Management
· Auditing Change Control
· Disaster Recovery Planning
· Auditing Service Delivery
· Domain Four - practice questions
· Domain Four - Review Questions and Hands on Exercise
· Exercise 4 sample answer
· Domain 4 Answers to practice questions
Chapter 6: Domain 5- Protection of Information Assets
· Protection of information assets
· Privacy principles
· Design, implementation, maintenance, monitoring and reporting of security controls
· Physical access controls for the identification, authentication and restriction of users
· Logical access controls for the identification, authentication and restriction of users
· Risk and controls associated with virtualization of systems
· Risks and controls associated with the use of mobile and wireless devices
· Encryption-related techniques and their uses
· Public key infrastructure (PKI) components and digital signature techniques
· Peer-to-peer computing, instant messaging, and web-based technologies
· Data classification standards related to the protection of information assets
· Risks in end-user computing
· Implementing a security awareness program
· Information system attack methods and techniques
· Prevention and detection tools and control techniques
· Security testing techniques
· Penetration testing and Vulnerability scanning
· Forensic investigation and procedures in collection and preservation of the data and evidence
· Domain Five - practice questions
· Domain Five - Review Questions and Hands on Exercise
· Exercise 5 sample answer
· Domain 5 Answers to practice questions
Chapter 7- Preparing for the Exam
Appendices
Appendix A: Glossary of Terms
Appendix B: CISA Sample Exam - Choose any 150 questions
Appendix C: Sample Exam Answers