Sunday, August 8, 2021

Information Systems Auditor: CISA notes

Information Systems Audit and Control Association (ISACA)

CISA - Certified Information Systems Auditor

CISM - Certified Information Security Manager

CGEIT - Certified in the Governance of Enterprise IT

CRISC - Certified in Risk and Information Systems Control


1: Auditing information systems for IS auditors.

2: Information Technology Governance and Management for IS auditors.

3: Information Technology life cycle for IS auditors.

4: IT Operations, Maintenance and Service Delivery for IS auditors.

5: Information asset protection for IS auditors.


Each domain has job practice areas and knowledge statements.

Domain 1 - Information System Auditing Process (21%) 

Domain 2 - Governance and Management of IT (17%) 

Domain 3 - Information Systems Acquisition, Development and Implementation (12%)

Domain 4 - Information Systems Operations and Business Resilience (23%) 

Domain 5 - Protection of Information Assets (27%)

Organizational concepts

Policies / Procedures / Standards / Guidelines.

CISA Exam

150 questions / 4 hours

ISACA Exam Candidate information guide

https://www.isaca.org/-/media/files/isacadp/project/isaca/certification/general/exam-candidate-guide-continuous-testing.pdf?la=en&hash=EF40E6FD3BE8410F62D4F061B9703378B6368D00

Books to refer to

CISA All in One Guide (McGraw Hill)