CISA Review 2003 Introduction[2]

8/2/2019 CISA Review 2003 Introduction[2]

1/23

2002 ISACAIntroduction - page 1

CISA

Review Course2003

INTRODUCTION

Information Systems

Audit and controlAssociation


2/23


ISACA was formed in 1969 to meet the unique,diverse and high technology needs of theburgeoning information technology field.

In an industry in which progress is measured innano-seconds, ISACA has moved with agility andspeed to bridge the needs of the internationalbusiness community and the information technology

controls profession.

ISACA


3/23


Historyof the CISA Exam

The Certified Information Systems Auditor (CISA) Programwas established in 1978 to:

Develop and maintain a testing instrument that could beused to evaluate an individuals competency in conductinginformation systems audits

Provide a mechanism for motivating information systemsauditors to maintain their competencies and monitoring thesuccess of the maintenance programs

Aid top management in developing a sound informationsystems audit function by providing criteria for personnel

selection and development


4/23


5/23


Professional RecognitionPersonal Pride

Being a CISA is more than passing anexamination.

It demonstrates the commitment, dedicationand proficiency required to excel in the audit,controland security professions.

The CISA designation identifies its holders asconsummate professionals who maintain acompetitive advantage among their peers


6/23


Benefits of Becoming aCISA

Attests to an individual's informationsystems audit expertise.

Indicates a desire to serve an organization

with distinction.

Highly sought after professional designation.

Assures employers that their staff is able to

apply state-of-the-art information systemsaudit, security and control practices andtechniques and that these skills aremaintained.


7/232002 ISACAIntroduction - page 7

Requirements for

Certification Successfully complete the CISA examination.

Adhere to the Information Systems Audit

and Control Associations Code ofProfessional Ethics.

Submit a completed Application forCertification with evidence of a minimum of

five ( 5 ) years of professional informationsystems ( IS ) auditing, control and securitywork experience. Substitution and waiversmay apply. (explained in detail subsequently)



The CISA Examination

Development of the Exam

One Process Area Six Content Areas

Studying



Summary of CISA ContentAreas

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

Chapter 7

The IS Audit Process ( 10%)

Management, Planning and Organization of IS ( 11%)

Technical Infrastructure and Operational Practices ( 13%)

Protection of Information Assets ( 25%)

Disaster Recovery and Business Continuity (10%)

Business Application System Development, Acquisition,

Implementation and Maintenance ( 16%)

Business Process Evaluation and Risk Management(15%)



References

2003 CISA Review Manual

CISA Review Questions, Answers & Explanations Manual

CISA Review Questions, Answers & Explanations Manual:2002 and 2003 Supplements

Information Systems Control Journal (Formerly the ISAudit & Control Journal)

Handbook of IT Auditingwith 2001 Supplement, Warren,Gorham & Lamont

COBIT: Control Objectives for Information and relatedTechnology, 3rdEdition, 2000, IT Governance Institute andISACF

Information Systems Control and Audit, 1999, Weber



How to Study for theCISA Examination

A proper study plan consists of many steps.

Self-appraisal

Determination of the type of study programto undertake

Having an adequate amount of time to prepare

Maintaining momentum

Readiness review



Types of Questionson the Exam

All questions are multiple choice and are designedfor one best answer.

Questions require the candidate to choose theappropriate answer.

Every CISA question has a stem (question) and

four options (answer choices).



Administration of theExamination

Administered on Saturday, 14 June 2003 (exacttime and location will be indicated on exam ticket )

The examination is offered in every city wherethere is an ISACA chapter or in locations where

there are five or more paid candidatesApproximately 190 Test Sites in 57 Countries

Dutch, English, French, German, Hebrew, Italian,Japanese, Korean, Spanish and Chinese Simplified

and Traditional Mandarin languages4 hours

200 Multiple-choice Questions

Passing Mark of 75 (scaled score)



ISACA is pleased to offer this reviewcourse to our chapters and members.We sincerely hope that it will assist

candidates in preparing for the CISAexamination.

Information Systems

Audit and controlAssociation


15/23



CISA Designation

Successfully complete CISA Examination

Adhere to ISACA Code of Professional Ethics

Adhere to Information Systems AuditingStandards

A minimum of 5 years of experience in You cant call yourself CISA until you complete the 5

years certification requirements

Waivers and Substitution for experience

Continuing Education Policy CPE hours



Waiver on Experience

A maximum of 1 year of Information Systemsexperience OR1 year of Financial or OperationalAuditing experience can be substituted for 1year of Information Systems Auditing, Control,

or Security experience. (example CA)Any Bachelors degree earns you 2 yearscredit

2 years as a full time university instructor in arelated field (e.g., Computer Science, Accounting,

Information Systems auditing) can besubstituted for 1 year of Information SystemsAuditing, Control or Security experience.(example Teachers / Professor)

MAXIMUM EXEMPTION ALLOWED IS 3


18/23


Please Note

Experience must have been gained within the

10-year period preceding the application for certification

or

within five (5) years from the date of initially passingthe examination

Application for certification must be submitted within five(5) years from the passing date of the CISA exam.

All experience will be verified independently withemployers. In the event of Multiple employers obtainmultiple certificates from employers and the current

employer certifies the total experience.


19/23


CISA is / expected tospecialize

IS Audit, Control & Security

Specific Environments

IS Audit, Control & Security Tools

IS Auditing

Net Centric (Intranet/Extranet/Internet)Control & Security

IS Security CISM prospectIS Control


20/23


Specialize

IS Control

IT Governance & BusinessManagement

E-business

Telecommunications

Project Management


21/23


Opportunities in India

CISA is recognized in India by Govt ofIndia- Min of Information Technology

RBI has special recognition for CISA

Job Opportunities in Corporate bodies asspecialists

Special demand in Banking & other

Financial Sector due to regulatoryrequirements

Consulting opportunities


22/23


23/23

2002 ISACA

Thank You!

Questions are welcome!

CISA Review 2003 Introduction[2]

Documents

Transcript of CISA Review 2003 Introduction[2]