Schweitzer Fachinformationen
When it comes to professional knowledge, Schweitzer Fachinformationen leads the way. Customers from law and consulting, as well as companies, public administrations, and libraries, receive complete solutions for procuring, managing, and using digital and printed media.
Improve your understanding of every CISA exam domain and objectives to further your career in information security auditing
CISA Certified Information Systems Auditor Practice Tests provides essential and practical exam prep for the popular CISA certification. Hundreds of domain-by-domain practice questions cover all of the tested Certified Information Systems Auditor exam objectives, helping you prepare for the test and for the real-world demands of a career in systems audit, security, and control.
Just like the real exams, the practice questions written by veteran information security experts Peter Gregory and Mike Chapple cover the information system auditing process, the governance and management of IT, information systems acquisition, development, and implementation, information systems operations and business resilience, and the protection of information assets. These rigorous and realistic practice questions will get you ready whether this is your first role in the industry or if you are experienced and ready to advance your career. By studying the domain-by-domain questions as well as taking the full chapter practice exams, you'll get help in identifying your subject-matter strengths and weaknesses and be ready to shift from topic to topic in an exam-like setting. In the book, you'll get:
Perfect for everyone studying for the CISA Certified Information Systems Auditor certification exam, this book will also benefit IT security professionals seeking to test and improve their skillset.
ABOUT THE AUTHORS
PETER H. GREGORY, CISA, CISSP, is a career technologist and cybersecurity leader. He is the retired Senior Director of GRC at GCI Communications, where he leads security policy, control frameworks, business continuity, third-party risk management, privacy, information and AI governance, and law enforcement wiretaps.
MIKE CHAPPLE, PHD, CISA, CISSP, is a teaching professor of IT, analytics, and operations at the University of Notre Dame. He is a cybersecurity professional and educator with over 25 years of experience, including as chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S. Air Force. Mike is the author of more than 200 books and video courses and provides cybersecurity certification resources at CertMike.com.
Introduction
Chapter 1 The Audit Process
Chapter 2 Governance and Management of IT
Chapter 3 IT Life Cycle Management
Chapter 4 IT Service Management and Continuity
Chapter 5 Information Asset Protection
Practice Test 1
Practice Test 2
Appendix
Index
Congratulations on choosing to become a Certified Information Systems Auditor (CISA). Whether you have worked for several years in information systems auditing or have just recently been introduced to the world of controls, assurance, and security, don't underestimate the hard work and dedication required to obtain and maintain CISA certification. Although ambition and motivation are essential, the rewards of being CISA certified can far exceed the effort.
You probably never imagined yourself working in auditing or looking to obtain a professional auditing certification. Perhaps the increase in legislative or regulatory requirements for information system security led to your introduction to this field. Or, possibly, you noticed that CISA-related career options are increasing exponentially, and you have decided to get ahead of the curve. You aren't alone; since the inception of the CISA certification in 1978, more than 200,000 professionals worldwide reached the same conclusion and have earned this well-respected certification. Welcome to the journey and the amazing opportunities that await you.
This book is a companion to the CISA Certified Information Systems Auditor Study Guide: Covers 2024 Exam Objectives (Sybex, 2025, Gregory/Chapple). If you're looking to test your knowledge before you take the CISA exam, this book will help you by providing a combination of 700 questions that cover the CISA domains with easily understood explanations for correct answers.
Since this is a companion to the CISA Certified Information Systems Auditor Study Guide, this book is designed to be similar to taking the CISA exam. It contains standard multiple-choice questions similar to those you may encounter in the certification exam itself. The book is divided into five chapters, each corresponding to one of the five domains in the CISA Job Practice.
We have compiled this information in both books to help you understand the commitment needed, prepare for the exam, and maintain your certification. Not only do we wish you to prepare for and pass the exam with flying colors, but we also provide you with the information and resources to maintain your certification and represent yourself and the professional world of information system (IS) auditing proudly with your new credentials.
If you're preparing for the CISA exam, you'll undoubtedly want to find as much information as possible about information systems and auditing. The more information you have, the better off you'll be when attempting the exam. The companion study guide was written with that in mind. The goal was to provide enough information to prepare you for the test, but not so much that you'll be overloaded with information outside the exam's scope.
Together, these books present the material at an intermediate technical level. Experience with and knowledge of security and auditing concepts will help you fully understand the challenges you'll face as an information systems auditor.
If you can answer 80% or more of the review questions correctly for a given domain, you can feel safe moving on to the next domain. If you're unable to answer that many correctly, reread the companion book chapter and try the questions again. Your score should improve.
Don't just study the questions and answers! The questions on the actual exam will be different from the practice questions included in this book. The exam is designed to test your knowledge of a concept or objective, so use this book to learn the objectives behind the questions.
ISACA (formerly known as the Information Systems Audit and Control Association) is a recognized leader in control, assurance, and IT governance. Formed in 1967, this nonprofit organization represents more than 180,000 professionals in more than 188 countries. ISACA administers several exam certifications, including:
The certification program has been accredited under ISO/IEC 17024:2012, which means that ISACA's procedures for accreditation meet international requirements for quality, continuous improvement, and accountability.
If you're new to ISACA, we recommend you tour the organization's website (www.isaca.org) and familiarize yourself with the available guides and resources. In addition, if you're near one of the 225 local ISACA chapters in 99 countries worldwide, consider contacting the chapter board for information on local meetings, training days, conferences, or study sessions. You may be able to meet other IS auditors who can give you additional insight into the CISA certification and the audit profession.
Established in 1978, the CISA certification primarily focuses on audit, controls, assurance, and security. It certifies the individual's knowledge of testing and documenting IS controls and their ability to conduct formal IS audits. Organizations seek qualified personnel for assistance with developing and maintaining robust control environments. A CISA-certified individual is a great candidate for these positions.
The CISA exam is designed to be a vendor-neutral certification for information systems auditors. ISACA recommends this certification for those who already have experience in auditing and want to demonstrate that experience to current and future employers.
The exam covers five major domains:
These five areas include a range of topics, from enterprise risk management to evaluating cybersecurity controls. They focus heavily on scenario-based learning and the role of the information systems auditor in various scenarios. You'll need to learn a lot of information, but you'll be well rewarded for possessing this credential. ISACA reports that the average salary of CISA credential holders is more than $145,000. And according to Certification Magazine's 2023 salary survey, ISACA credentials, including CISA, are among the top 10 highest paying in IT.
The CISA exam includes only standard multiple-choice questions. Each question has four possible answer choices, and only one of those answers is correct. When taking the test, you'll likely find some questions where you think multiple answers might be correct. In those cases, remember that you're looking for the best possible answer to the question!
The exam costs $575 for ISACA members and $760 for non-members. More details about the CISA exam and how to take it can be found at www.isaca.org/credentialing/cisa.
You'll have four hours to take the exam and will be asked to answer 150 questions during that time. Your exam will be scored on a scale ranging from 200 to 800, with a passing score of 450.
ISACA frequently does what is called item seeding, which is the practice of including unscored questions on exams. It does so to gather psychometric data, which is then used when developing new versions of the exam. Before you take the exam, you will be told that your exam may include these unscored questions. So, if you come across a question that does not appear to map to any of the exam objectives (or, for that matter, does not appear to belong in the exam), it is likely a seeded question. However, you never really know whether a question is seeded, so always try to answer every question.
Once fully prepared to take the exam, you can visit the ISACA website to register. Currently, ISACA offers two options for taking the exam: an in-person exam at a testing center and an at-home exam on your own computer through a remote proctoring service.
ISACA partners with PSI Exams testing centers, so your next step will be to locate a testing center near you. In the US, you can do this based on your address or your ZIP code, whereas non-US test takers may find it easier to enter their city and country. You can search for a test center near you on the PSI Exams website: https://www.psiexams.com
Now that you know where you'd like to take the exam, simply set up a PSI testing account and schedule an exam on the site.
On the day of the test, bring a government-issued identification card or passport that contains your full name (exactly matching the name on your exam registration), your signature, and your photograph. Be sure to show up with plenty of time before the exam starts. Remember that you cannot take your notes, electronic devices (including smartphones and watches), or other materials into the testing center with you.
ISACA also offers online exam proctoring. Candidates using this approach will take the exam at their home or office and be proctored over a webcam by a remote proctor.
Due to the rapidly changing nature of the at-home testing experience, candidates wishing to pursue this option should check the ISACA website for the latest details.
One critical fact worth noting is that you must have a...
File format: ePUB
Copy protection: Adobe DRM (Digital Rights Management)
System requirements:
The ePUB file format is very well suited to novels and non-fiction, that is, to "flowing" text without a complex layout. On e-readers or smartphones, line and page breaks adapt automatically to the small displays. Adobe DRM applies "hard" copy protection here. If the necessary requirements are not met, you will unfortunately be unable to open the e-book. You must therefore prepare your reading hardware before downloading. Please note: we strongly recommend that, after installing the reading software, you authorize it with your personal Adobe ID!
Further information can be found in our e-book help.