The Certified Information Systems Auditor (CISA) certification is highly desired after credential for IT risk, IT security, and IT Auditors. Many CISA (Certified Information Systems Auditor) certified positions are available in reputable firms such as Internal Auditor, Accountant, Accounts and Audit Assistant...

Nowadays, it is no secret that technology has become an increasingly important aspect of our lives; as a result, the usage of technology and Information Systems (IS) in the business world has increased dramatically. This increase in the use of technology and Information Systems (IS) has surged in cybercrimes....

The Information Systems Audit and Control Association (ISACA) offers the designation of Certified Information Systems Auditor (CISA). The certification is a global standard for professionals in information systems, especially those who work in auditing, control, and security. In addition, the certifica...

Gantt charts:   Gantt chart is a type of bar chartthat illustrates a project schedule, named after its inventor, Henry Gantt A Gantt chart is a project management tool that assists in planning and scheduling projects of all sizes, although they are beneficial for simplifying complex project...

This article covers – Overall understanding of the domain Important concepts to focus on from exam point of view The article is split into 16 parts as below:        Part 1 – Information Security Management Systems (ISMS) – Its importance and key elements Part 2 – The Clas...

While performing the audit, the IS auditor initially performs compliance testing and then proceed with substantive testing. Now, let us understand the concepts of compliance testing and substantive testing in detail. After reading through this article, you will be able to understand the differences and the co...

This article covers – Overall understanding of the domain Important concepts to focus on from exam point of view The article is split into 10 parts as below:    Part 1 – Information Systems operations, Management of IS operations, ITSM Part 2 – Service Level Agreements, Operational...

PART 9 – CISA Domain 3 – Information Systems Acquisition, development and implementation What are the online audit techniques? Systems Control Audit Review and Embedded Audit Modules (SCARF/EAM) Snapshots Audit Hooks Integrated test facility (ITF) Continuous and intermittent simulati...

PART 8 – CISA Domain 3 – Information Systems Acquisition, development and implementation What is data integrity testing? What are the types of data integrity testing? Relational integrity testing Referential integrity testing What are the four online data integrity requirements? ...

PART 7 – CISA Domain 3 – Information Systems Acquisition, development and implementation What are the various data edits and controls? Sequence check Key verification Limit check Check digit Range check Completeness check Validity check Duplicate check Reasonableness chec...

PART 6 – CISA Domain 3 – Information Systems Acquisition, development and implementation What is Benchmarking process? What is Capacity Maturity Model Integration (CMMI)? What are process procedures and controls? 1. Benchmarking process: Benchmarking is about improving...

PART 5 – CISA Domain 3 – Information Systems Acquisition, development and implementation What does certification and accreditation mean? What does Artificial Intelligence (AI) and Expert systems mean? What is Agile development? What is software re-engineering? What is reverse engineering?...

PART 4 – CISA Domain 3 – Information Systems Acquisition, development and implementation What are the various testing classifications? Unit Testing System testing Integration/interface testing Final acceptance testing – QAT & UAT What are the other types of testing? ...

PART 3 – CISA Domain 3 – Information Systems Acquisition, development and implementation What are the roles and responsibilities of each individual in IS environment? What are project management practices? What are the methods of software size estimation? (1) SLOC and, (2) FPA How to measure...

PART 2 – CISA Domain 3 – Information Systems Acquisition, development and implementation What is Project Management structure? What are the project organizational forms? What is Project communication and culture? What are the project objectives? What is OBS and WBS? 4. Projec...

PART 1 – CISA Domain 3 – Information Systems Acquisition, development and implementation Overall understanding of Domain 3 What is benefits realization? What is portfolio management? What is Business case development and approval? What are the business realization techniques? Overall...

This article covers – Overall understanding of the domain Important concepts to focus on from exam point of view The article is split into 9 parts as below: Part 1 – Overall understanding, Benefits realization and its techniques, Portfolio management and business case Part 2 – Proje...

PART 5 – CISA Domain 2 – Governance and Management of IT What is the classification of systems and their criticality analysis? What are the components of Business Continuity Planning (BCP)? What is Plan testing? 13. Classification of systems and criticality analysis: C...

PART 4 – CISA Domain 2 – Governance and Management of IT What are the various Information Security roles and their Responsibilities? What is Business Continuity Planning (BCP)? What is Business Impact Analysis (BIA)? 10.Information Security – Roles and Responsibilities: ...

PART 3 – CISA Domain 2 – Governance and Management of IT What is Risk Management? What are the steps involved in Risk Management process? What is Human Resource Management? What are the Sourcing Practices? 7.Risk Management: The process of identifying vulnerabilitie...

PART 2 – CISA Domain 2 – Governance and Management of IT What is IT Balanced Score Card (BSC)? What are the roles and responsibilities of IT Governing Committee (IT Strategy and Steering committee)? What are the Maturity and process improvement models? 4.IT Balanced Score Card (B...

This article covers – Overall understanding of the domain Important concepts to focus on from exam point of view   The article is split into 5 parts as below: Part 1 – Corporate Governance, Governance of Enterprise IT (GEIT), Auditor’s role in GEIT Part 2 – IT Balanced Score ...

PART 3 8.Compliance testing Vs. substantive testing Compliance testing - determines whether controls are in compliance with management policies and procedures Examples: User access rights Program change control procedures Review of logs Software license audit Su...

  PART 2 4. Internal Controls: Internal controls are normally composed of policies, procedures, practices and organizational structures which are implemented to reduce risks to the organizations The board of directors are responsible for establishing the effective internal...

This article covers – Overall understanding of the domain Important concepts to focus on from exam point of view The article is split into 3 parts as below: Part 1 – Overall understanding of Domain 1, Important concepts from exam point of view – Audit charter, Audit planning, Risk analys...

New year 2020 is almost here with a lot of new career aspects in cybersecurity for all of you who are looking forward to prosper and be successful in the coming days. We all would agree to the fact that certification in Cybersecurity is a sure shot way of being valued as an expert professional in this domain....

Today, none of the organisation can survive or flourish without using technology. This has given a huge scope for the growth of career in the field of IT Security. Certified Information Systems Auditor (CISA) Certification is one of the most in-demand certification at present. It is a validation of possessin...

Have you been giving a thought to CISA Certification for sometime and not able to decide whether to go for it or not? There are many other professionals in a similar dilemma. The Internet is flooded with blogs and articles on the benefits of earning CISA Certification. Indeed, it offers life changing career o...

The CISA (Certified Information Security Auditor) Certification is a globally recognized certification awarded by ISACA. This certification validates the knowledge, skill, and expertise of an information security professional in the vital areas of managing vulnerabilities, instituting control, and ensuring co...

Imagine what happens when you use an app for fun and it turns out to be saving all your data silently? Even this thought of being vulnerable on this online space gives us a chill. But this is what has been actually discovered being done by the viral Faceapp. Yes! you read it right! Faceapp is one of the mo...

‘Certified Information systems auditor’ or popularly known as ‘CISA’ is a world-renowned certification from ISACA. This coveted CISA certification is for IT auditors or security professionals who would like to showcase their audit experience, skills and knowledge. The new CISA job practice comes in...

So you have finally decided to go through CISA certification Exam! It is definitely going to improve your system security management skills and to boost your professional career. But before you sit for the exam, it is important for you to prepare well and understand the format of the exam so that you can get ...

1. What is the CISA certification? Certified Information Systems Auditor, CISA is a globally valued certification devised and offered by ISACA that helps IT professionals gain expertise in monitoring, managing, and protecting the IT and business systems in the organizations. Passing the CISA certificatio...