By Peter H. Gregory

"All-in-One is All You Need." CISA Certified Information Systems Auditor All-in-One Exam Guide. Get complete coverage of all the material included on the Certified Information Systems Auditor exam inside this comprehensive resource. Written by an IT security and audit expert, this authoritative guide covers all six exam domains developed by the Information Systems Audit and Control Association (ISACA). You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CISA exam with ease, this definitive volume also serves as an essential on-the-job reference. Covers all exam topics, including: IS audit process; IT governance; network technology and security; systems and infrastructure life cycle management; IT service delivery and support; protection of information assets; physical security; business continuity and disaster recovery. Peter H. Gregory, DRCE, CISSP, CISA, is a security and risk manager at a financial management company. He is a member of the board of advisors and is the lead instructor for the University of Washington's certificate program in information systems security.


Best network administration books

Outlook 2010 For Dummies (For Dummies (Computer/Tech))

Get up to speed on the new features of Outlook 2010 with this fun and friendly guide. Although Microsoft Outlook is the #1 most popular email and productivity tool, many utilize only a fraction of its true potential. This easy-to-understand guide walks you through an abundance of often-overlooked tips and tricks so that you can take advantage of all that Outlook has to offer.

A professional's guide to data communication in a TCP/IP world

A reference guide to the codes, protocols, networks, signals and equipment that make it possible to communicate using TCP/IP.

Microsoft Office 365 Administration Inside Out

Conquer Microsoft Office 365 administration, from the inside out! Dive into Office 365 administration and really put your systems expertise to work! This supremely organized reference packs hundreds of thousands of timesaving solutions, troubleshooting tips, and workarounds. Discover how the experts tackle deployment, configuration, and management, and challenge yourself to new levels of mastery.

Mastering Microsoft Exchange Server 2013

The bestselling guide to Exchange Server, fully updated for the newest version. Microsoft Exchange Server 2013 is touted as a solution for lowering the total cost of ownership, whether deployed on-premises or in the cloud. Like the earlier editions, this comprehensive guide covers every aspect of installing, configuring, and managing this multifaceted collaboration system.

Additional resources for CISA Certified Information Systems Auditor All-in-One Exam Guide

Sample text

This includes setting strategic and tactical roles and responsibilities in more detail than done by the board of directors. The security strategy should be in harmony with the strategy for IT and the business overall. The steering committee should also ratify security policy and other strategic policies and processes developed by the CISO.

• Chief information security officer (CISO): The CISO should be responsible for conducting risk assessments; developing security policy; developing processes for vulnerability management, incident management, identity and access management, and compliance management; and informing the steering committee and board of directors of incidents and new or changed risks.

For instance, an IT department does not necessarily need to create a document that describes the steps for operating a tape backup device when the device vendor’s instructions are available and sufficient. Also, IT procedure documents need not be remedial and include every specific keystroke and mouse click: they can usually assume that the reader has experience in the subject area and only needs to know how things are done in this organization. For example, a procedure document that includes a step that involves the modification of a configuration file does not need to include instructions on how to operate a text editor.

• S6: Performance of Audit Work. When conducting an audit, it is critical to provide reasonable assurance that audit objectives have been met; sufficient, reliable, and relevant evidence is collected; and all audit work is appropriately documented to support conclusions and findings.

• S7: Reporting. This standard provides guidance on audit reporting, including guidance on stating scope, objectives, audit work performed, and on stating findings, conclusions, and recommendations.

• S8: Follow-up Activities. IS auditors are responsible for particular follow-up activities once the findings and recommendations have been reported.
