CISA Exam Cram 2

   
  
Exam Cram™ 2: CISA
By Allen Keele, Keith Mortier
 
Publisher: Que
Pub Date: April 20, 2005
Print ISBN: 0-7897-3272-6
Pages: 456
   

   Copyright
   The CISA Cram Sheet
      IS Audit Process
      Management, Planning, and Organization of IS
      Technical Infrastructure and Operational Practices
      Protection of Information Assets
      Disaster Recovery and Business Continuity
      Business Application System Development, Acquisition, Implementation, and Maintenance
      Business Process Evaluation and Risk Management
   A Note from Series Editor Ed Tittel
   Acknowledgements
   About the Authors
   About the Technical Editor
   We Want to Hear from You!
   Introduction
      About the CISA Exam and Content Areas
      How to Prepare for the Exam
      Additional Exam-Preparation Resources
      What This Book Will Do
      What This Book Will Not Do
   Self-Assessment
      Certified Information Systems Auditors in the Real World
        Chapter 1.  The Information Systems (IS) Audit Process
      Conducting IS Audits in Accordance with Generally Accepted IS Audit Standards and Guidelines
      ISACA IS Auditing Standards and Guidelines and Code of Professional Ethics
      Ensuring That the Organization's Information Technology and Business Systems Are Adequately Controlled, Monitored, and Assessed
      Risk-Based IS Audit Strategy and Objectives
      Aligning Controls with the Organization's Business Objectives
      Segregation of Duties
      IS Auditing Practices and Techniques
      Audit Planning and Management Techniques
      Information Systems Audits
      Audit Conclusions
      Control Objectives and Controls Related to IS (Such as Preventative and Detective)
      Reviewing the Audit
      Communicating Audit Results
      Facilitating Risk Management and Control Practices
      Risk-Analysis Methods, Principles, and Criteria
      Communication Techniques
      Personnel-Management Techniques
      Practice Questions
        Chapter 2.  Management, Planning, and Organization of IS
      Strategy, Policies, Standards, and Procedures
      The Components of IS Strategies, Policies, Standards, and Procedures
      Evaluating IS Management Practices to Ensure Compliance with IS Policies, Standards, and Procedures
      Evaluating the Process for Strategy Development, Deployment, and Maintenance
      Principles of IS Organizational Structure and Design
      Examining IS Management and Practices
      IT Governance, Risk Management, and Control Frameworks
      IS Problem- and Change-Management Strategies and Policies
      IS Quality-Management Strategies and Policies
      IS Information Security Management Strategies and Policies
      IS Business Continuity Management Strategies and Policies
      Contracting Strategies, Processes, and Contract-Management Practices
      Roles and Responsibilities of IS Functions (Including Segregation of Duties)
      Practices Related to the Management of Technical and Operational Infrastructure
      Exam Prep Questions
        Chapter 3.  Technical Infrastructure and Operational Practices and Infrastructure
      IT Organizational Structure
      Evaluating Hardware Acquisition, Installation, and Maintenance
      Evaluating Systems Software Development, Acquisition, Implementation, and Maintenance
      Evaluating Network Infrastructure Acquisition, Installation, and Maintenance
      The TCP/IP Protocol Suite
      Routers
      Internet, Intranet, and Extranet
      Evaluating IS Operational Practices
      Evaluating the Use of System Performance and Monitoring Processes, Tools, and Techniques
      Exam Prep Questions
        Chapter 4.  Protection of Information Assets
      Understanding and Evaluating Controls Design, Implementation, and Monitoring
      Logical Access Controls
      Network Infrastructure Security
      Environmental Protection Practices and Devices
      Physical Access
      Intrusion Methods and Techniques
      Security Testing and Assessment Tools
      Sources of Information on Information Security
      Security Monitoring, Detection, and Escalation Processes and Techniques
      The Processes of Design, Implementation, and Monitoring of Security
      Exam Prep Questions
        Chapter 5.  Disaster Recovery and Business Continuity
      Understanding and Evaluating Process Development
      Crisis Management and Business Impact Analysis Techniques
      Disaster Recovery and Business Continuity Planning and Processes
      Backup and Storage Methods and Practices
      Disaster Recovery and Business Continuity Testing Approaches and Methods
      Understanding and Evaluating Business Continuity Planning, Documentation, Processes, and Maintenance
      Insurance in Relation to Business Continuity and Disaster Recovery
      Human Resource Issues (Evacuation Planning, Response Teams)
      Exam Prep Questions
        Chapter 6.  Business Application System Development, Acquisition, Implementation, and Maintenance
      Evaluating Application Systems Development and Implementation
      System-Development Methodologies and Tools
      Project-Management Principles, Methods, and Practices
      Application-Maintenance Principles
      Evaluating Application Systems Acquisition and Implementation
      Evaluating Application Systems
      Exam Prep Questions
        Chapter 7.  Business Process Evaluation and Risk Management
      Evaluating IS Efficiency and Effectiveness of Information Systems in Supporting Business Processes
      Evaluating the Design and Implementation of Programmed and Manual Controls
      Evaluating Business Process Change Projects
      Evaluating the Implementation of Risk Management and Governance
      Exam Prep Questions
        Chapter 8.  Practice Exam 1
        Chapter 9.  Answer Key 1
        Chapter 10.  Practice Exam 2
        Chapter 11.  Answer Key 2
       A CD Contents and Installation Instructions
      Multiple Test Modes
      Question Types
      Random Questions and Order of Answers
      Detailed Explanations of Correct and Incorrect Answers
      Attention to Exam Objectives
      Installing the CD
      Technical Support
   CISA Glossary
   Index
