Book description
Want an affordable yet innovative approach to studying for the Certified Information Systems Auditor (CISA) 2005 exam? CISA 2005 Exam Cram 2 is your solution. You will have the essential material for passing the CISA 2005 exam right at your fingertips. All exam objectives are covered and you'll find practice exams, exam alerts, notes, tips and cautions to help guide you through your exam preparation. A CD also provides you with a video introduction to the exam and complete explanations of answers to the practice questions from Certified Tech Trainers (CTT). As a special bonus, you will receive $75 in discounts on CTT products and services. For your smartest, most efficient way to get certified, choose CISA 2005 Exam Cram 2.
Table of contents
- Copyright
- The CISA Cram Sheet
- IS Audit Process
- Management, Planning, and Organization of IS
- Technical Infrastructure and Operational Practices
- Protection of Information Assets
- Disaster Recovery and Business Continuity
- Business Application System Development, Acquisition, Implementation, and Maintenance
- Business Process Evaluation and Risk Management
- A Note from Series Editor Ed Tittel
- Acknowledgements
- About the Authors
- About the Technical Editor
- We Want to Hear from You!
- Introduction
- Self-Assessment
- 1. The Information Systems (IS) Audit Process
- Conducting IS Audits in Accordance with Generally Accepted IS Audit Standards and Guidelines
- ISACA IS Auditing Standards and Guidelines and Code of Professional Ethics
- Ensuring That the Organization’s Information Technology and Business Systems Are Adequately Controlled, Monitored, and Assessed
- Risk-Based IS Audit Strategy and Objectives
- Aligning Controls with the Organization’s Business Objectives
- Segregation of Duties
- IS Auditing Practices and Techniques
- Audit Planning and Management Techniques
- Information Systems Audits
- Audit Conclusions
- Control Objectives and Controls Related to IS (Such as Preventative and Detective)
- Reviewing the Audit
- Communicating Audit Results
- Facilitating Risk Management and Control Practices
- Risk-Analysis Methods, Principles, and Criteria
- Communication Techniques
- Personnel-Management Techniques
- Practice Questions
- 2. Management, Planning, and Organization of IS
- Strategy, Policies, Standards, and Procedures
- The Components of IS Strategies, Policies, Standards, and Procedures
- Evaluating IS Management Practices to Ensure Compliance with IS Policies, Standards, and Procedures
- Evaluating the Process for Strategy Development, Deployment, and Maintenance
- Principles of IS Organizational Structure and Design
- Examining IS Management and Practices
- IT Governance, Risk Management, and Control Frameworks
- IS Problem- and Change-Management Strategies and Policies
- IS Quality-Management Strategies and Policies
- IS Information Security Management Strategies and Policies
- IS Business Continuity Management Strategies and Policies
- Contracting Strategies, Processes, and Contract-Management Practices
- Roles and Responsibilities of IS Functions (Including Segregation of Duties)
- Practices Related to the Management of Technical and Operational Infrastructure
- Exam Prep Questions
- 3. Technical Infrastructure and Operational Practices and Infrastructure
- IT Organizational Structure
- Evaluating Hardware Acquisition, Installation, and Maintenance
- Evaluating Systems Software Development, Acquisition, Implementation, and Maintenance
- Evaluating Network Infrastructure Acquisition, Installation, and Maintenance
- The TCP/IP Protocol Suite
- Routers
- Internet, Intranet, and Extranet
- Evaluating IS Operational Practices
- Evaluating the Use of System Performance and Monitoring Processes, Tools, and Techniques
- Exam Prep Questions
- 4. Protection of Information Assets
- Understanding and Evaluating Controls Design, Implementation, and Monitoring
- Logical Access Controls
- Network Infrastructure Security
- Environmental Protection Practices and Devices
- Physical Access
- Intrusion Methods and Techniques
- Security Testing and Assessment Tools
- Sources of Information on Information Security
- Security Monitoring, Detection, and Escalation Processes and Techniques
- The Processes of Design, Implementation, and Monitoring of Security
- Exam Prep Questions
- 5. Disaster Recovery and Business Continuity
- Understanding and Evaluating Process Development
- Crisis Management and Business Impact Analysis Techniques
- Disaster Recovery and Business Continuity Planning and Processes
- Backup and Storage Methods and Practices
- Disaster Recovery and Business Continuity Testing Approaches and Methods
- Understanding and Evaluating Business Continuity Planning, Documentation, Processes, and Maintenance
- Evaluating the Organization’s Capability to Ensure Business Continuity in the Event of a Business Disruption
- Evaluating Backup and Recovery Provisions in the Event of a Short-Term Disruption
- Evaluating the Capability to Continue Information System Processing in the Event That the Primary Information-Processing Facilities Are Not Available
- Insurance in Relation to Business Continuity and Disaster Recovery
- Human Resource Issues (Evacuation Planning, Response Teams)
- Exam Prep Questions
- 6. Business Application System Development, Acquisition, Implementation, and Maintenance
- Evaluating Application Systems Development and Implementation
- System-Development Methodologies and Tools
- Project-Management Principles, Methods, and Practices
- Application-Maintenance Principles
- Evaluating Application Systems Acquisition and Implementation
- Evaluating Application Systems
- Exam Prep Questions
- 7. Business Process Evaluation and Risk Management
- Evaluating IS Efficiency and Effectiveness of Information Systems in Supporting Business Processes
- Evaluating the Design and Implementation of Programmed and Manual Controls
- Evaluating Business Process Change Projects
- Evaluating the Implementation of Risk Management and Governance
- Exam Prep Questions
- 8. Practice Exam 1
- 9. Answer Key 1
- 10. Practice Exam 2
- 11. Answer Key 2
- A CD Contents and Installation Instructions
- CISA Glossary
Product information
- Title: CISA Exam Cram™ 2
- Author(s):
- Release date: April 2005
- Publisher(s): Pearson IT Certification
- ISBN: 9780789732729