CISA: Certified Information Systems Auditor Study Guide

Author David L. Cannon

Publisher Wiley Professional Development (P&T)

Format Page Fidelity

Print ISBN 9781119056249

Edition 4

Publication year 2016

5.590 kr.

Description

Table of Contents

  • CISA: Certified Information Systems Auditor: Study Guide
  • Contents
  • Introduction
  • Assessment Test
  • Chapter 1 Secrets of a Successful Auditor
  • Understanding the Demand for IS Audits
  • Executive Misconduct
  • More Regulation Ahead
  • Basic Regulatory Objective
  • Governance Is Leadership
  • Three Types of Data Target Different Uses
  • Audit Results Indicate the Truth
  • Understanding Policies, Standards, Guidelines, and Procedures
  • Understanding Professional Ethics
  • Following the ISACA Professional Code
  • Preventing Ethical Conflicts
  • Understanding the Purpose of an Audit
  • Classifying General Types of Audits
  • Determining Differences in Audit Approach
  • Understanding the Auditor’s Responsibility
  • Comparing Audits to Assessments
  • Differentiating between Auditor and Auditee Roles
  • Applying an Independence Test
  • Implementing Audit Standards
  • Where Do Audit Standards Come From?
  • Understanding the Various Auditing Standards
  • Specific Regulations Defining Best Practices
  • Audits to Prove Financial Integrity
  • Auditor Is an Executive Position
  • Understanding the Importance of Auditor Confidentiality
  • Working with Lawyers
  • Working with Executives
  • Working with IT Professionals
  • Retaining Audit Documentation
  • Providing Good Communication and Integration
  • Understanding Leadership Duties
  • Planning and Setting Priorities
  • Providing Standard Terms of Reference
  • Dealing with Conflicts and Failures
  • Identifying the Value of Internal and External Auditors
  • Understanding the Evidence Rule
  • Stakeholders: Identifying Whom You Need to Interview
  • Understanding the Corporate Organizational Structure
  • Identifying Roles in a Corporate Organizational Structure
  • Identifying Roles in a Consulting Firm Organizational Structure
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 2 Governance
  • Strategy Planning for Organizational Control
  • Overview of the IT Steering Committee
  • Using the Balanced Scorecard
  • IT Subset of the BSC
  • Decoding the IT Strategy
  • Specifying a Policy
  • Project Management
  • Implementation Planning of the IT Strategy
  • Using COBIT
  • Identifying Sourcing Locations
  • Conducting an Executive Performance Review
  • Understanding the Auditor’s Interest in the Strategy
  • Overview of Tactical Management
  • Planning and Performance
  • Management Control Methods
  • Risk Management
  • Implementing Standards
  • Human Resources
  • System Life-Cycle Management
  • Continuity Planning
  • Insurance
  • Overview of Business Process Reengineering
  • Why Use Business Process Reengineering
  • BPR Methodology
  • Genius or Insanity?
  • Goal of BPR
  • Guiding Principles for BPR
  • Knowledge Requirements for BPR
  • BPR Techniques
  • BPR Application Steps
  • Role of IS in BPR
  • Business Process Documentation
  • BPR Data Management Techniques
  • Benchmarking as a BPR Tool
  • Using a Business Impact Analysis
  • BPR Project Risk Assessment
  • Practical Application of BPR
  • Practical Selection Methods for BPR
  • Troubleshooting BPR Problems
  • Understanding the Auditor’s Interest in Tactical Management
  • Operations Management
  • Sustaining Operations
  • Tracking Actual Performance
  • Controlling Change
  • Understanding the Auditor’s Interest in Operational Delivery
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 3 Audit Process
  • Understanding the Audit Program
  • Audit Program Objectives and Scope
  • Audit Program Extent
  • Audit Program Responsibilities
  • Audit Program Resources
  • Audit Program Procedures
  • Audit Program Implementation
  • Audit Program Records
  • Audit Program Monitoring and Review
  • Planning Individual Audits
  • Establishing and Approving an Audit Charter
  • Role of the Audit Committee
  • Preplanning Specific Audits
  • Understanding the Variety of Audits
  • Identifying Restrictions on Scope
  • Gathering Detailed Audit Requirements
  • Using a Systematic Approach to Planning
  • Comparing Traditional Audits to Assessments and Self-Assessments
  • Performing an Audit Risk Assessment
  • Determining Whether an Audit Is Possible
  • Identifying the Risk Management Strategy
  • Determining Feasibility of Audit
  • Performing the Audit
  • Selecting the Audit Team
  • Determining Competence and Evaluating Auditors
  • Ensuring Audit Quality Control
  • Establishing Contact with the Auditee
  • Making Initial Contact with the Auditee
  • Using Data Collection Techniques
  • Conducting Document Review
  • Understanding the Hierarchy of Internal Controls
  • Reviewing Existing Controls
  • Preparing the Audit Plan
  • Assigning Work to the Audit Team
  • Preparing Working Documents
  • Conducting Onsite Audit Activities
  • Gathering Audit Evidence
  • Using Evidence to Prove a Point
  • Understanding Types of Evidence
  • Selecting Audit Samples
  • Recognizing Typical Evidence for IS Audits
  • Using Computer-Assisted Audit Tools
  • Understanding Electronic Discovery
  • Grading of Evidence
  • Timing of Evidence
  • Following the Evidence Life Cycle
  • Conducting Audit Evidence Testing
  • Compliance Testing
  • Substantive Testing
  • Tolerable Error Rate
  • Recording Test Results
  • Generating Audit Findings
  • Detecting Irregularities and Illegal Acts
  • Indicators of Illegal or Irregular Activity
  • Responding to Irregular or Illegal Activity
  • Findings Outside of Audit Scope
  • Report Findings
  • Approving and Distributing the Audit Report
  • Identifying Omitted Procedures
  • Conducting Follow-up (Closing Meeting)
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 4 Networking Technology Basics
  • Understanding the Differences in Computer Architecture
  • Selecting the Best System
  • Identifying Various Operating Systems
  • Determining the Best Computer Class
  • Comparing Computer Capabilities
  • Ensuring System Control
  • Dealing with Data Storage
  • Using Interfaces and Ports
  • Introducing the Open Systems Interconnection Model
  • Layer 1: Physical Layer
  • Layer 2: Data-Link Layer
  • Layer 3: Network Layer
  • Layer 4: Transport Layer
  • Layer 5: Session Layer
  • Layer 6: Presentation Layer
  • Layer 7: Application Layer
  • Understanding How Computers Communicate
  • Understanding Physical Network Design
  • Understanding Network Cable Topologies
  • Bus Topologies
  • Star Topologies
  • Ring Topologies
  • Meshed Networks
  • Differentiating Network Cable Types
  • Coaxial Cable
  • Unshielded Twisted-Pair (UTP) Cable
  • Fiber-Optic Cable
  • Connecting Network Devices
  • Using Network Services
  • Domain Name System
  • Dynamic Host Configuration Protocol
  • Expanding the Network
  • Using Telephone Circuits
  • Network Firewalls
  • Remote VPN Access
  • Using Wireless Access Solutions
  • Firewall Protection for Wireless Networks
  • Remote Dial-Up Access
  • WLAN Transmission Security
  • Achieving 802.11i RSN Wireless Security
  • Intrusion Detection Systems
  • Summarizing the Various Area Networks
  • Using Software as a Service (SaaS)
  • Advantages
  • Disadvantages
  • Cloud Computing
  • The Basics of Managing the Network
  • Automated LAN Cable Tester
  • Protocol Analyzers
  • Remote Monitoring Protocol Version 2
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 5 Information Systems Life Cycle
  • Governance in Software Development
  • Management of Software Quality
  • Capability Maturity Model
  • International Organization for Standardization
  • Typical Commercial Records Classification Method
  • Overview of the Executive Steering Committee
  • Identifying Critical Success Factors
  • Using the Scenario Approach
  • Aligning Software to Business Needs
  • Change Management
  • Management of the Software Project
  • Choosing an Approach
  • Using Traditional Project Management
  • Overview of the System Development Life Cycle
  • Phase 1: Feasibility Study
  • Phase 2: Requirements Definition
  • Phase 3: System Design
  • Phase 4: Development
  • Phase 5: Implementation
  • Phase 6: Postimplementation
  • Phase 7: Disposal
  • Overview of Data Architecture
  • Databases
  • Database Transaction Integrity
  • Decision Support Systems
  • Presenting Decision Support Data
  • Using Artificial Intelligence
  • Program Architecture
  • Centralization vs. Decentralization
  • Electronic Commerce
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 6 System Implementation and Operations
  • Understanding the Nature of IT Services
  • Performing IT Operations Management
  • Meeting IT Functional Objectives
  • Using the IT Infrastructure Library
  • Supporting IT Goals
  • Understanding Personnel Roles and Responsibilities
  • Using Metrics
  • Evaluating the Help Desk
  • Performing Service-Level Management
  • Outsourcing IT Functions
  • Performing Capacity Management
  • Using Administrative Protection
  • Information Security Management
  • IT Security Governance
  • Authority Roles over Data
  • Data Retention Requirements
  • Document Physical Access Paths
  • Personnel Management
  • Physical Asset Management
  • Compensating Controls
  • Performing Problem Management
  • Incident Handling
  • Digital Forensics
  • Monitoring the Status of Controls
  • System Monitoring
  • Document Logical Access Paths
  • System Access Controls
  • Data File Controls
  • Application Processing Controls
  • Log Management
  • Antivirus Software
  • Active Content and Mobile Software Code
  • Maintenance Controls
  • Implementing Physical Protection
  • Data Processing Locations
  • Environmental Controls
  • Safe Media Storage
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 7 Protecting Information Assets
  • Understanding the Threat
  • Recognizing Types of Threats and Computer Crimes
  • Identifying the Perpetrators
  • Understanding Attack Methods
  • Implementing Administrative Protection
  • Using Technical Protection
  • Technical Control Classification
  • Application Software Controls
  • Authentication Methods
  • Network Access Protection
  • Encryption Methods
  • Public-Key Infrastructure
  • Network Security Protocols
  • Telephone Security
  • Technical Security Testing
  • Summary
  • Exam Essentials
  • Review Questions
  • Chapter 8 Business Continuity and Disaster Recovery
  • Debunking the Myths
  • Myth 1: Facility Matters
  • Myth 2: IT Systems Matter
  • From Myth to Reality
  • Understanding the Five Conflicting Disciplines Called Business Continuity
  • Defining Disaster Recovery
  • Surviving Financial Challenges
  • Valuing Brand Names
  • Rebuilding after a Disaster
  • Defining the Purpose of Business Continuity
  • Uniting Other Plans with Business Continuity
  • Identifying Business Continuity Practices
  • Identifying the Management Approach
  • Following a Program Management Approach
  • Understanding the Five Phases of a Business Continuity Program
  • Phase 1: Setting Up the BC Program
  • Phase 2: The Discovery Process
  • Phase 4: Plan Implementation
  • Phase 5: Maintenance and Integration
  • Understanding the Auditor Interests in BC/DR Plans
  • Summary
  • Exam Essentials
  • Review Questions
  • Appendix Answers to Review Questions
  • Index
  • Advert
  • EULA

Additional information

E-book to own
