Cisa Exam Cram 2
- Exam Cram 2: CISA
- Table of Contents
- Copyright
- The CISA Cram Sheet
- IS Audit Process
- Management, Planning, and Organization of IS
- Technical Infrastructure and Operational Practices
- Protection of Information Assets
- Disaster Recovery and Business Continuity
- Business Application System Development, Acquisition, Implementation, and Maintenance
- Business Process Evaluation and Risk Management
- A Note from Series Editor Ed Tittel
- Acknowledgements
- About the Authors
- About the Technical Editor
- We Want to Hear from You
- Introduction
- About the CISA Exam and Content Areas
- How to Prepare for the Exam
- Additional Exam-Preparation Resources
- What This Book Will Do
- What This Book Will Not Do
- Self-Assessment
- Certified Information Systems Auditors in the Real World
- Chapter 1. The Information Systems (IS) Audit Process
- Conducting IS Audits in Accordance with Generally Accepted IS Audit Standards and Guidelines
- ISACA IS Auditing Standards and Guidelines and Code of Professional Ethics
- Ensuring That the Organization s Information Technology and Business Systems Are Adequately Controlled, Monitored, and Assessed
- Risk-Based IS Audit Strategy and Objectives
- Aligning Controls with the Organization s Business Objectives
- Segregation of Duties
- IS Auditing Practices and Techniques
- Audit Planning and Management Techniques
- Information Systems Audits
- Audit Conclusions
- Control Objectives and Controls Related to IS (Such as Preventative and Detective)
- Reviewing the Audit
- Communicating Audit Results
- Facilitating Risk Management and Control Practices
- Risk-Analysis Methods, Principles, and Criteria
- Communication Techniques
- Personnel-Management Techniques
- Practice Questions
- Chapter 2. Management, Planning, and Organization of IS
- Strategy, Policies, Standards, and Procedures
- The Components of IS Strategies, Policies, Standards, and Procedures
- Evaluating IS Management Practices to Ensure Compliance with IS Policies, Standards, and Procedures
- Evaluating the Process for Strategy Development, Deployment, and Maintenance
- Principles of IS Organizational Structure and Design
- Examining IS Management and Practices
- IT Governance, Risk Management, and Control Frameworks
- IS Problem- and Change-Management Strategies and Policies
- IS Quality-Management Strategies and Policies
- IS Information Security Management Strategies and Policies
- IS Business Continuity Management Strategies and Policies
- Contracting Strategies, Processes, and Contract-Management Practices
- Roles and Responsibilities of IS Functions (Including Segregation of Duties)
- Practices Related to the Management of Technical and Operational Infrastructure
- Exam Prep Questions
- Chapter 3. Technical Infrastructure and Operational Practices and Infrastructure
- IT Organizational Structure
- Evaluating Hardware Acquisition, Installation, and Maintenance
- Evaluating Systems Software Development, Acquisition, Implementation, and Maintenance
- Evaluating Network Infrastructure Acquisition, Installation, and Maintenance
- The TCPIP Protocol Suite
- Routers
- Internet, Intranet, and Extranet
- Evaluating IS Operational Practices
- Evaluating the Use of System Performance and Monitoring Processes, Tools, and Techniques
- Exam Prep Questions
- Chapter 4. Protection of Information Assets
- Understanding and Evaluating Controls Design, Implementation, and Monitoring
- Logical Access Controls
- Network Infrastructure Security
- Environmental Protection Practices and Devices
- Physical Access
- Intrusion Methods and Techniques
- Security Testing and Assessment Tools
- Sources of Information on Information Security
- Security Monitoring, Detection, and Escalation Processes and Techniques
- The Processes of Design, Implementation, and Monitoring of Security
- Exam Prep Questions
- Chapter 5. Disaster Recovery and Business Continuity
- Understanding and Evaluating Process Development
- Crisis Management and Business Impact Analysis Techniques
- Disaster Recovery and Business Continuity Planning and Processes
- Backup and Storage Methods and Practices
- Disaster Recovery and Business Continuity Testing Approaches and Methods
- Understanding and Evaluating Business Continuity Planning, Documentation, Processes, and Maintenance
- Insurance in Relation to Business Continuity and Disaster Recovery
- Human Resource Issues (Evacuation Planning, Response Teams)
- Exam Prep Questions
- Chapter 6. Business Application System Development, Acquisition, Implementation, and Maintenance
- Evaluating Application Systems Development and Implementation
- System-Development Methodologies and Tools
- Project-Management Principles, Methods, and Practices
- Application-Maintenance Principles
- Evaluating Application Systems Acquisition and Implementation
- Evaluating Application Systems
- Exam Prep Questions
- Chapter 7. Business Process Evaluation and Risk Management
- Evaluating IS Efficiency and Effectiveness of Information Systems in Supporting Business Processes
- Evaluating the Design and Implementation of Programmed and Manual Controls
- Evaluating Business Process Change Projects
- Evaluating the Implementation of Risk Management and Governance
- Exam Prep Questions
- Chapter 8. Practice Exam 1
- Chapter 9. Answer Key 1
- Chapter 10. Practice Exam 2
- Chapter 11. Answer Key 2
- A CD Contents and Installation Instructions
- Multiple Test Modes
- Question Types
- Random Questions and Order of Answers
- Detailed Explanations of Correct and Incorrect Answers
- Attention to Exam Objectives
- Installing the CD
- Technical Support
- CISA Glossary
- Index
- SYMBOL
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X