ISACA CISA Review Manual 27th Edition

Document Content and Description Below

Chapter 1: Information System Auditing Process Overview Domain 1 Exam Content Outline Learning Objectives/Task Statements Suggested Resources for Further Study Self-assessment Questions Answers to ... Self-assessment Questions Part A: Planning 1.0 Introduction 1.1 IS Audit Standards, Guidelines and Codes of Ethics 1.2Business Processes 1.3 Types of Controls 1.4 Risk-based Audit Planning 1.5Types of Audits and Assessments Part B: Execution 1.6Audit Project Management 1.7Sampling Methodology 1.8Audit Evidence Collection Techniques 1.9Data Analytics 1.10 Reporting and Communication Techniques 1.11 Quality Assurance and Improvement of the Audit Process Case Study Case Study Answers to Case Study Questions OVERVIEW The information systems (IS) auditing process encompasses the standards, principles, methods, guidelines, practices and techniques that an IS auditor uses to plan, execute, assess and review business or information systems and related processes. An IS auditor must have a thorough understanding of this auditing process as well as IS processes, business processes and controls designed to achieve organizational objectives and protect organizational assets. This domain represents 21 percent of the CISA exam (approximately 32 questions). DOMAIN 1 EXAM CONTENT OUTLINE Part A: Planning 1.IS Audit Standards, Guidelines and Codes of Ethics 2.Business Processes 3. Types of Controls 4. Risk-based Audit Planning 5.Types of Audits and Assessments Part B: Execution 1. Audit Project Management 2.Sampling Methodology 3.Audit Evidence Collection Techniques 4.Data Analytics 5. Reporting and Communication Techniques 6. Quality Assurance and Improvement of the Audit Process LEARNING OBJECTIVES/TASK STATEMENTS Within this domain, the IS auditor should be able to: • Plan an audit to determine whether information systems are protected, controlled, and provide value to the organization. (T1) • Conduct an audit in accordance with IS audit standards and a risk-based IS audit strategy. (T2) • Communicate audit progress, findings, results and recommendations to stakeholders. (T3) • Conduct audit follow-up to evaluate whether risk has been sufficiently addressed. (T4) • Evaluate IT management and monitoring of controls. (T11) • Utilize data analytics tools to streamline audit processes. (T36) • Provide consulting services and guidance to the organization in order to improve the quality ......................................................................................................continued............................................................................................ [Show More]

Last updated: 1 year ago

Preview 1 out of 655 pages