Description
CISA Certified Information Systems Auditor Study Guide 4th Edition
CISA Certified Information Systems Auditor Study Guide 4th Edition is designed for anyone interested in straightforward, honest guidance on passing the Certified Information Systems Auditor (CISA) exam.
The CISA certification is one of the hottest entry-level auditor credentials on the market. It is a trend worldwide for various organizations to upgrade security and prove the existence of strong internal controls.
You may have heard of a few of these:
- International Basel III accord for risk management in banking.
- COSO, which includes several variations by country. The US version deals with the Sarbanes-Oxley Act (SOX) for public corporations, with equivalent controls offered in other stock exchanges worldwide.
- Safe Harbor International Information Privacy Protection.
- US Federal Information Security Management Act (FISMA).
- Payment Card Industry (PCI) standards for credit card processing.
- Health Insurance Portability and Accountability Act (HIPAA).
These are just a few of more than 30 high-profile regulations that demand audited proof of internal controls. Frankly, they present many opportunities for a CISA. This may be the opportunity that you have been looking for, especially if you come from a background of finance or technology.
One of the biggest problems facing regulatory compliance reporting is individuals running testing applications without understanding all the other simultaneous objectives still required. Running software will never make a person a competent auditor.
Far too many dependencies exist outside of the testing application. To address this problem, the skeptical auditor mentality is coupled with disciplined written procedures, testing plans, factual reporting of failures even if they are fixed, and objective independence in scope and decisions, which are far more important than automated test results alone.
Study pack format: PDF
Sample of CISA Certified Information Systems Auditor Study Guide 4th Edition
What to Expect on the CISA Exam
Certainly you are curious about the types of questions you will encounter on the exam.
ISACA is very protective of the actual test questions. Let’s look at how the test is designed:
■ The CISA exam is not an IT security test. Candidates will be expected to understand
the basic concepts and terminology of what they will be auditing. However, IT security
knowledge alone will not help candidates pass the test.
■ The CISA exam is not a financial auditor exam. Candidates are not expected to be
accounting technicians or to perform complex financial transactions.
■ The CISA exam is not a computer technician exam. Candidates are not expected to
build computers or to configure network devices. They are expected to understand the
common terminology.
■ The entire focus is on how to apply the structured rules of financial auditing to the
abstract world of managing information technology.
How to Fail Your CISA Exam
The CISA exam is based on ISACA’s auditing standards and the application of the
Statements on Auditing Standards (SAS). Abstract concepts of IT require the auditor to
use a different approach to auditing. Adults learn by direct experience or by speaking with
other people. Here are the two ways to fail your exam:
Rehearsing Practice Questions More Than Twice: One super-bad habit is to rehearse by
using practice questions. Studies have proven that the brain stops learning after the second
pass over the same question and then it starts memorizing the wording. This causes the
brain to record the answer as rote memory rather than to learn the information. As a result,
you will likely miss the correct answer on your exam because of the different styles ISACA
uses to present the question and the answer choices.
Another big problem is using questions from the Internet that cannot be traced to an
official reference source. Bad questions still make the seller money while programming you
with the wrong information. Beware of ghostly sellers hiding behind websites without full
contact information prominently displayed. I suggest you stick to the questions provided
with this book or the CertTest website or buy the ISACA official practice questions. Stop
rehearsing the same question after two passes. Instead, reread the corresponding section in
the book.
Improper Study Preparation: The CISA exam is designed to prevent cram study. You
will discover that the structure of the exam questions is rather convoluted. Some of
the answer choices will barely fit the question. Just select the best choice that honors
the spirit and intent of the audit objectives. It’s possible that the best answer is only
51 percent correct. Go with the 51 percent answer if that is the best choice available. This
confusion is intentional, to prevent the test taker from using rote memory. The best study
technique is to read about 1 hour per night while taking manual notes. Be sure to read
all the sections—every page in the order presented. Previous CISA candidates were quite
perturbed to discover that the area they assumed to be their strongest was instead where
they scored poorly. You may have many years of experience in the subject, but what matters
is that your view agrees with ISACA’s exam. I have not heard of a single person getting a
better score after protesting an official exam question. ISACA uses a professional testing
company to run its exam. Protest a question if you must, but I’ll wager that you lose the
protest and your protest fee in the end.
The Best Way to Pass Your CISA Exam
Be prepared to answer questions about what the auditor should be doing. Correct answers
are not focused on technical details, as you might expect from an IT equipment support