Cisa Exam Cram 2

Key concepts you will need to understand:

ISACA IS Auditing Standards and Guidelines and Code of Professional Ethics

IS auditing practices and techniques

Techniques to gather information and preserve evidence

Control objectives and controls related to IS

Types of risk: IS, business, and audit risk

How to determine an organizations use of system platforms, IT infrastructure and applications

Risk-analysis methods, principles, and criteria

Audit planning and management techniques

How to communicate the audit results

Personnel-management techniques

Techniques you will need to master:

Develop and implement a risk-based IS audit strategy and objectives, in compliance with generally accepted standards, to ensure that the organizations information technology and business processes are adequately controlled, monitored, and assessed, and are aligned with the organization's business objectives

Plan specific audits to ensure that the IS audit strategy and objectives are achieved

Obtain sufficient, reliable, relevant, and useful evidence to achieve the audit objectives

Analyze information gathered to identify reportable conditions and reach conclusions

Review the work performed to provide reasonable assurance that objectives have been achieved

Communicate audit results to key stakeholders

Facilitate the implementation of risk-management and control practices within the organization