CISA Review 2003 Introduction[2]
Transcript of CISA Review 2003 Introduction[2]
-
8/2/2019 CISA Review 2003 Introduction[2]
1/23
2002 ISACAIntroduction - page 1
CISA
Review Course2003
INTRODUCTION
Information Systems
Audit and controlAssociation
-
8/2/2019 CISA Review 2003 Introduction[2]
2/23
2002 ISACAIntroduction - page 2
ISACA was formed in 1969 to meet the unique,diverse and high technology needs of theburgeoning information technology field.
In an industry in which progress is measured innano-seconds, ISACA has moved with agility andspeed to bridge the needs of the internationalbusiness community and the information technology
controls profession.
ISACA
-
8/2/2019 CISA Review 2003 Introduction[2]
3/23
2002 ISACAIntroduction - page 3
Historyof the CISA Exam
The Certified Information Systems Auditor (CISA) Programwas established in 1978 to:
Develop and maintain a testing instrument that could beused to evaluate an individuals competency in conductinginformation systems audits
Provide a mechanism for motivating information systemsauditors to maintain their competencies and monitoring thesuccess of the maintenance programs
Aid top management in developing a sound informationsystems audit function by providing criteria for personnel
selection and development
-
8/2/2019 CISA Review 2003 Introduction[2]
4/23
-
8/2/2019 CISA Review 2003 Introduction[2]
5/23
2002 ISACAIntroduction - page 5
Professional RecognitionPersonal Pride
Being a CISA is more than passing anexamination.
It demonstrates the commitment, dedicationand proficiency required to excel in the audit,controland security professions.
The CISA designation identifies its holders asconsummate professionals who maintain acompetitive advantage among their peers
-
8/2/2019 CISA Review 2003 Introduction[2]
6/23
2002 ISACAIntroduction - page 6
Benefits of Becoming aCISA
Attests to an individual's informationsystems audit expertise.
Indicates a desire to serve an organization
with distinction.
Highly sought after professional designation.
Assures employers that their staff is able to
apply state-of-the-art information systemsaudit, security and control practices andtechniques and that these skills aremaintained.
-
8/2/2019 CISA Review 2003 Introduction[2]
7/232002 ISACAIntroduction - page 7
Requirements for
Certification Successfully complete the CISA examination.
Adhere to the Information Systems Audit
and Control Associations Code ofProfessional Ethics.
Submit a completed Application forCertification with evidence of a minimum of
five ( 5 ) years of professional informationsystems ( IS ) auditing, control and securitywork experience. Substitution and waiversmay apply. (explained in detail subsequently)
-
8/2/2019 CISA Review 2003 Introduction[2]
8/232002 ISACAIntroduction - page 8
The CISA Examination
Development of the Exam
One Process Area Six Content Areas
Studying
-
8/2/2019 CISA Review 2003 Introduction[2]
9/232002 ISACAIntroduction - page 9
Summary of CISA ContentAreas
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
The IS Audit Process ( 10%)
Management, Planning and Organization of IS ( 11%)
Technical Infrastructure and Operational Practices ( 13%)
Protection of Information Assets ( 25%)
Disaster Recovery and Business Continuity (10%)
Business Application System Development, Acquisition,
Implementation and Maintenance ( 16%)
Business Process Evaluation and Risk Management(15%)
-
8/2/2019 CISA Review 2003 Introduction[2]
10/232002 ISACAIntroduction - page 10
References
2003 CISA Review Manual
CISA Review Questions, Answers & Explanations Manual
CISA Review Questions, Answers & Explanations Manual:2002 and 2003 Supplements
Information Systems Control Journal (Formerly the ISAudit & Control Journal)
Handbook of IT Auditingwith 2001 Supplement, Warren,Gorham & Lamont
COBIT: Control Objectives for Information and relatedTechnology, 3rdEdition, 2000, IT Governance Institute andISACF
Information Systems Control and Audit, 1999, Weber
-
8/2/2019 CISA Review 2003 Introduction[2]
11/232002 ISACAIntroduction - page 11
How to Study for theCISA Examination
A proper study plan consists of many steps.
Self-appraisal
Determination of the type of study programto undertake
Having an adequate amount of time to prepare
Maintaining momentum
Readiness review
-
8/2/2019 CISA Review 2003 Introduction[2]
12/232002 ISACAIntroduction - page 12
Types of Questionson the Exam
All questions are multiple choice and are designedfor one best answer.
Questions require the candidate to choose theappropriate answer.
Every CISA question has a stem (question) and
four options (answer choices).
-
8/2/2019 CISA Review 2003 Introduction[2]
13/232002 ISACAIntroduction - page 13
Administration of theExamination
Administered on Saturday, 14 June 2003 (exacttime and location will be indicated on exam ticket )
The examination is offered in every city wherethere is an ISACA chapter or in locations where
there are five or more paid candidatesApproximately 190 Test Sites in 57 Countries
Dutch, English, French, German, Hebrew, Italian,Japanese, Korean, Spanish and Chinese Simplified
and Traditional Mandarin languages4 hours
200 Multiple-choice Questions
Passing Mark of 75 (scaled score)
-
8/2/2019 CISA Review 2003 Introduction[2]
14/232002 ISACAIntroduction - page 14
ISACA is pleased to offer this reviewcourse to our chapters and members.We sincerely hope that it will assist
candidates in preparing for the CISAexamination.
Information Systems
Audit and controlAssociation
-
8/2/2019 CISA Review 2003 Introduction[2]
15/23
-
8/2/2019 CISA Review 2003 Introduction[2]
16/232002 ISACAIntroduction - page 16
CISA Designation
Successfully complete CISA Examination
Adhere to ISACA Code of Professional Ethics
Adhere to Information Systems AuditingStandards
A minimum of 5 years of experience in You cant call yourself CISA until you complete the 5
years certification requirements
Waivers and Substitution for experience
Continuing Education Policy CPE hours
-
8/2/2019 CISA Review 2003 Introduction[2]
17/232002 ISACAIntroduction - page 17
Waiver on Experience
A maximum of 1 year of Information Systemsexperience OR1 year of Financial or OperationalAuditing experience can be substituted for 1year of Information Systems Auditing, Control,
or Security experience. (example CA)Any Bachelors degree earns you 2 yearscredit
2 years as a full time university instructor in arelated field (e.g., Computer Science, Accounting,
Information Systems auditing) can besubstituted for 1 year of Information SystemsAuditing, Control or Security experience.(example Teachers / Professor)
MAXIMUM EXEMPTION ALLOWED IS 3
-
8/2/2019 CISA Review 2003 Introduction[2]
18/23
2002 ISACAIntroduction - page 18
Please Note
Experience must have been gained within the
10-year period preceding the application for certification
or
within five (5) years from the date of initially passingthe examination
Application for certification must be submitted within five(5) years from the passing date of the CISA exam.
All experience will be verified independently withemployers. In the event of Multiple employers obtainmultiple certificates from employers and the current
employer certifies the total experience.
-
8/2/2019 CISA Review 2003 Introduction[2]
19/23
2002 ISACAIntroduction - page 19
CISA is / expected tospecialize
IS Audit, Control & Security
Specific Environments
IS Audit, Control & Security Tools
IS Auditing
Net Centric (Intranet/Extranet/Internet)Control & Security
IS Security CISM prospectIS Control
-
8/2/2019 CISA Review 2003 Introduction[2]
20/23
2002 ISACAIntroduction - page 20
Specialize
IS Control
IT Governance & BusinessManagement
E-business
Telecommunications
Project Management
-
8/2/2019 CISA Review 2003 Introduction[2]
21/23
2002 ISACAIntroduction - page 21
Opportunities in India
CISA is recognized in India by Govt ofIndia- Min of Information Technology
RBI has special recognition for CISA
Job Opportunities in Corporate bodies asspecialists
Special demand in Banking & other
Financial Sector due to regulatoryrequirements
Consulting opportunities
-
8/2/2019 CISA Review 2003 Introduction[2]
22/23
-
8/2/2019 CISA Review 2003 Introduction[2]
23/23
2002 ISACA
Thank You!
Questions are welcome!