This book is designed to be read as a pointer to the areas of knowledge you will be tested on. In other words, you might want to read the book one time just to get insight into how comprehensive your knowledge of this topic is. The book is also designed to be read shortly before you go for the actual test and to give you a distillation of the field of systems auditing in as few pages as possible. We think you can use this book to get a sense of the underlying context of any topic in the chaptersor to skim-read for Exam Alerts, bulleted points, summaries, and topic headings. We have drawn on material from ISACA's own listing of knowledge requirements, from other preparation guides, and from the exams themselves. We have also drawn from a battery of third-party test-preparation tools and technical websites, as well as from our own experience with application development and the exam. Our aim is to walk you through the knowledge you will needlooking over your shoulder, so to speakand point out those things that are important for the exam (Exam Alerts, practice questions, and so on). Much of the explanation of concepts has been derived from Certified Tech Trainer's professional instructor-led training for IT Auditing and Assurance, Information Security Essentials and Best Practices, Business Continuity and Disaster Recovery Management, and Business Continuity: Incident Response. By reading this book, you will not only gain from the experience of real-world professional information systems auditors, but you will also enjoy the benefit of costly professional content development. The CISA exam makes a basic assumption that you already have a strong background in information systems auditing and controls. On the other hand, because the systems auditing requirements and practices constantly evolve, no one can be a complete expert. We have tried to demystify the jargon, acronyms, terms, and concepts. In addition, wherever we think you are likely to blur past an important concept, we have defined the assumptions and premises behind that concept. Contacting the AuthorsWe have tried to create a real-world tool that you can use to prepare for and pass the CISA certification exam. We are interested in any feedback you would care to share about the book, especially if you have ideas about how we can improve it for future test-takers. We will consider everything you say carefully and will respond to all reasonable suggestions and comments. You can reach Allen Keele via email at allenk@certifiedtechtrainers.com, and you can reach Keith Mortier via email at kmortier@lmisol.com. Let us know if you found this book to be helpful in your preparation efforts. We would also like to know how you felt about your chances of passing the exam before you read the book and then after you read the book. Of course, we would love to hear that you passed the examand even if you just want to share your triumph, we would be happy to hear from you. Thanks for choosing us as your personal trainers, and enjoy the book. We would wish you luck on the exam, but we know that if you read through all the chapters and have some real-world information systems and controls auditing experience, you will not need luckyou will pass the test on the strength of real knowledge! |