Free Ebook CISA Exam Cram 2: Certified Information Systems Auditor, by Allen Keele, Keith Mortier
CISA Exam Cram 2: Certified Information Systems Auditor, by Allen Keele, Keith Mortier
Want an affordable yet innovative approach to studying for the Certified Information Systems Auditor (CISA) 2005 exam? CISA 2005 Exam Cram 2 is your solution. You will have the essential material for passing the CISA 2005 exam right at your fingertips. All exam objectives are covered and you'll find practice exams, exam alerts, notes, tips and cautions to help guide you through your exam preparation. A CD also provides you with a video introduction to the exam and complete explanations of answers to the practice questions from Certified Tech Trainers (CTT). As a special bonus, you will receive $75 in discounts on CTT products and services. For your smartest, most efficient way to get certified, choose CISA 2005 Exam Cram 2.
- Sales Rank: #1194465 in Books
- Published on: 2005-04-30
- Original language: English
- Number of items: 1
- Dimensions: 8.90" h x 1.20" w x 6.00" l, 1.24 pounds
- Binding: Paperback
- 456 pages
About the Author
Allen Keele has 20 certifications, the CISA, CISM, CISSP, and Security+ among them. As president and program developer for Certified Tech Trainers, he has over 14 years' experience in information security and risk management. He has authored books on security and lectures at leading companies such as Deloitte and Touche, Blue Cross-Blue Shield, and Fujitsu.
Keith Mortier holds a CISA and CISSP certification and a BS in Computer Information Systems. Within the IT industry, Keith has designed and implemented risk assessment, vulnerability testing and disaster recovery-security plans. Keith is president of LMI solutions providing security services to both commercial and government clients.
Excerpt. © Reprinted by permission. All rights reserved.
Introduction
Welcome to Information Systems Audit and Controls Association's Certified Information Systems Auditor (CISA) Exam Cram 2! Whether this is your first or your fifteenth Exam Cram 2 series book, you will find information here that will help ensure your success as you pursue knowledge, experience, and certification. This introduction explains ISACA certification programs in general and talks about how the Exam Cram 2 series can help you prepare for the CISA exam. This chapter discusses the basics of ISACA certification exams, including a description of the testing environment and a discussion of test-taking strategies. Chapters 1 through 7 are designed to remind you of everything you need to know to take—and pass—the CISA certification exam. The two sample tests at the end of the book should give you a reasonably accurate assessment of your knowledge—and, yes, we've provided the answers and their explanations to the tests. Read the book and understand the material, and you'll stand a very good chance of passing the test.
Exam Cram 2 books help you understand and appreciate the subjects and materials you need to pass ISACA certification exams. Exam Cram 2 books are aimed strictly at test preparation and review. They do not teach you everything you need to know about a topic. Instead, we present and dissect the questions and problems we've found that you're likely to encounter on a test. We've worked to bring together as much information as possible about ISACA certification exams.
Nevertheless, to completely prepare yourself for any ISACA test, we recommend that you begin by taking the Self-Assessment that is included in this book, immediately following this introduction. The Self-Assessment will help you evaluate your knowledge base against the requirements for an ISACA Certified Information Systems Auditor under both ideal and real circumstances.
Based on what you learn from the Self-Assessment, you might decide to begin your studies with some classroom training, some practice with systems auditing, or some background reading. On the other hand, you might decide to read one of the many study guides available from ISACA or third-party vendors on certain topics, including the award-winning certification preparation series from Que Publishing. We also recommend that you supplement your study program with visits to http://www.examcram2.com to receive additional practice questions, get advice, and track the CISA program.
About the CISA Exam and Content Areas
The Information Systems Audit and Control Association (ISACA) developed the Certified Information Systems Auditor (CISA) program in 1978 to accomplish these goals:
- Develop and maintain a testing instrument that could be used to evaluate an individual's competency in conducting information systems audits
- Provide a mechanism for motivating information systems auditors to maintain their competencies and monitoring the success of the maintenance programs
- Aid top management in developing a sound information systems audit function by providing criteria for personnel selection and development
The CISA program is designed to assess and certify individuals in the IS audit, control, or security profession who demonstrate exceptional skill, judgment and proficiency in IS audit, control, and security practices.
More than 35,000 professionals have earned the CISA certification since inception, and the certification is widely respected as a premier information security and information systems auditing accreditation. The certification continues to grow in acceptance and employer desirability; more than 15,000 candidates are expected to register for the 2005 exam (15% growth from 2004).
The CISA exam is offered only once per year, in early June; the exam for 2005 is offered on June 11. You may register as early as February 2, 2005, and the registration deadline is March 30, 2005. You should note that this exam is not computerized and is not provided through conventional testing centers such as Prometric or Vue. You may register online at http://www.isaca.org or take the exam at any ISACA chapter location. The current published exam registration fee is $385 for members and $505 for nonmembers. The best place to learn more about the CISA certification and the CISA exam is http://www.isaca.org.
The Information Systems Audit and Control Association states that the tasks and knowledge required of today's and tomorrow's information systems audit professional serve as the blueprint for the CISA examination. These areas are defined through a Practice Analysis that is conducted at regular intervals and consists of both process and content components in a CISA's job function. Accordingly, exams consist of tasks that are routinely performed by a CISA and the required knowledge to perform these tasks.
How valuable is the CISA certification to employers and individuals? Sometimes the best measure of a certification's value is reflected by how certification holders feel about the certification after having achieved it. In 2001, ISACA surveyed its membership to obtain feedback from CISA certified professionals as to whether obtaining the certification had advanced their careers. Seventy-one percent of members holding the CISA certification affirmed the value of the certification toward career advancement, and 75% of all members, certified and noncertified alike, felt that the CISA certification would be valuable for career advancement in the future.
Another measure of a certification's value can be found by assessing the desirability of the certification to employers. How many employers desire the certification as an employment prerequisite? Looking to popular job boards on the Internet such as Monster.com, TotalJobs.com, and Workthing.com, we can see that the quantity and quality of jobs requiring CISA certification are growing every month.
What is driving the employer demand for the CISA certification? Companies are under growing pressure to improve, document, and test their methods for managing information. As the late Dr. W. E. Deming (1900–1993) was able to prove, the quest for quality of processes and product is achieved through careful measurement of what exists, thorough analysis of defects, and effective remediation and correction. The quest for quality is just that: a quest. This means that quality improvement is an ongoing process that requires continuous reassessment. Assessing the capability of information systems to support business goals while maintaining information confidentiality, integrity, and reliability is exactly what a Certified Information Systems Auditor (CISA) does well.
It is easy enough to create and implement a technology for processing information, which is what the majority of individuals within the information technology (IT) industry are tasked with. However, using IT to facilitate communication and information management is only half the story. Today we need to make sure that IT not only does what it is supposed to do, but also that it will not do what it is not supposed to do. For example, we have created systems to facilitate online commerce and transaction processing. Will those same systems ensure that no transactional errors occur? Will those systems resist accidental or purposeful and malicious modification of data? Do the systems protect the information confidentiality well enough to comply with new privacy laws and standards? We cannot know the answers to these questions unless we have professionally reviewed, measured, and tested the systems. Again, this is what a CISA does.
Although many organizations strive to ensure quality of processes and manufacturing according to ISO standards such as the ISO 9000 series, for competitive reasons, other organizations are forced to invest in quality assurance to comply with the law. Either way, most organizations are spending increasing amounts of money to improve corporate governance. We draw from this example to show the importance of improving IT governance in today's corporate and governmental environment.
In the United States, the healthcare industry is painfully aware of the effects the Health Insurance Portability and Accountability Act (HIPAA) has had on how it does business and manages information. How does an affected healthcare entity prove systems compliance with HIPAA? Why, an audit must be performed! Who directs or assists such a specialized systems audit? Finding someone certified to perform professional systems audits might be a good start. A CISA perhaps?
Likewise, other U.S. legislation, such as the Gramm-Leach-Bliley Act of 1999 (affecting financial institutions) and the Sarbanes-Oxley Act of 2002 (affecting all organizations that are publicly traded on the New York Stock Exchange), is forcing companies to change the way they do business and manage information. Other countries around the world have instituted similar laws or are in the process of creating similar laws. Just look at the United Kingdom's Combined Code, more commonly known as the Turnbull report, and you will see what we mean. Proving compliance with any legislation requires testing and documentation. Testing and documentation of systems controls is what a CISA systems auditor does. The simple fact is that there are new and compelling reasons for companies and government agencies to increase and improve systems auditing, and they need CISA professionals to help them.
The CISA examination is quite broad in scope. The following is a brief description of each topic area. As we move through the chapters, we cover each area in greater detail and provide a map for navigating the CISA exam.
- Area 1—Management, planning, and organization of IS comprise 11% of the exam. Evaluate strategy, policies, standards, procedures, and related practices for the management, planning, and organization of IS.
- Area 2—Technical infrastructure and operational practices comprise 13% of the exam. Evaluate the effectiveness and efficiency of the organization's implementation and ongoing management of technical and operational infrastructure to ensure that they adequately support the organization's business objectives.
- Area 3—Protection of information assets comprises 25% of the exam. Evaluate IT infrastructure security to ensure that it satisfies the organization's business requirements for safeguarding information assets against unauthorized use, disclosure, modification, damage, and loss.
- Area 4—Disaster recovery and business continuity comprise 10% of the exam. Evaluate the process for developing and maintaining documented, communicated, and tested plans for the continuity of business operations and IS processing in the event of a disruption.
- Area 5—Business application system development, acquisition, implementation, and maintenance comprise 16% of the exam. Evaluate the methodology and processes by which the business application system development, acquisition, implementation, and maintenance are undertaken to ensure that they meet the organization's business objectives.
- Area 6—Business process evaluation and risk management comprise 15% of the exam. Evaluate business systems and processes to ensure that risks are managed in accordance with the organization's business objectives.
- Area 7—The IS audit process comprises 10% of the exam. Conduct IS audits in accordance with generally accepted IS audit standards and guidelines to ensure that the organization's information technology and business systems are adequately controlled, monitored, and assessed.
Reference: http://www.isca.org
How to Prepare for the Exam
The CISA exam is somewhat difficult to prepare for because it is very broad in scope and asks indirect questions requiring strong cognitive skills. The exam is also unusual in its format. The exam is not computerized and is presented as 200 multiple-choice questions in a paper exam booklet. You are required to provide your answers on a familiar "fill-in-the-bubble" answer sheet.
This is not an exam that you can adequately prepare for by simply rote-memorizing terms and definitions. You need to be able to analyze a scenario and answer by combining various knowledge points from various topic areas. Successfully completing this exam requires a great deal of thought and analysis to properly choose the "best" solution from several "viable" solutions. Having successfully passed the CISA, CISSP, Security+, SCNP, CCSE, CCSI, CCNP, CCNA, MCSE, CCEA, and a multitude of other technical and professional certifications, Allen Keele is able to provide valuable exam-taking tips in the audiovisual presentation of the computer-based training available on the accompanying CD-ROM within this book.
Additional Exam-Preparation Resources
Because the scope of the CISA certification is so broad, you could spend months, or even years, reading the myriad of books recommended by ISACA. Unfortunately, there is not much available for the individual seeking a concise distillation of the exam topics only—hence the need for this book! However, other resources are available via additional books and instructor-led training.
- Information Systems Audit and Controls Association (ISACA)—ISACA sells exam-preparation materials on its website, and we recommend that you seriously consider augmenting your studies with these two:
  - CISA Review Manual—Note that this book is purposed as a review manual. As such, many of my students have found it difficult to prepare for the CISA exam with this book because it tends to focus on strictly review points rather than teaching the supporting concepts. It has been my experience that much of the exam relates to the content of ISACA's CISA Review Manual, but you should be forewarned that it does not seem to provide 100% of the content necessary to pass the exam. We personally found it impossible to do well on ISACA's practice exams after having thoroughly read this book. In spite of this, we recommend it as a supplemental resource. This book is available for purchase at http://www.isaca.org.
  - CISA Review Questions, Answers, and Explanations CD-ROM (650 Questions) Edition. This is an excellent resource, if you can afford it. Although you should not expect to see a great deal of direct overlap with your real exam, the practice questions provided in this resource nicely fortify your ability to achieve success on exam day. We found the questions to relate much more closely to the actual exam than the content from the CISA Review Manual. The questions might not teach you necessary concepts as well as other mediums, but this is an excellent resource for final exam preparation. This resource is available for purchase at http://www.isaca.org.
- Instructor-led training—Instructor-led training for CISA exam preparation is somewhat scarce. As a matter of fact, comprehensive training for information systems and controls auditing is scarce as well. Some ISACA chapters provide review sessions in the months just before the exam. These sessions can vary in price and are not controlled for content quality or consistency by ISACA itself. Whereas ISACA provides template material to present from, the chapters have complete discretion regarding what is actually delivered and how it is delivered. Typically, the sessions are provided by chapter members on a volunteer basis in their spare time. As you can see, it is difficult to really be sure of what to expect in terms of the quality of content and presentation style. Session locations and registration information are available at http://www.isaca.org.
A few professional training organizations are starting to offer specialized training for systems auditing and assurance. One of the authors of this book, Allen Keele, is the lead content developer and lecturer for IT auditing and assurance courses provided by Certified Tech Trainers. As such, he has developed a very specialized custom curriculum focused on the core essentials of IT auditing and IT governance best practices. Certified Tech Trainers provides these courses at various locations throughout the world. These courses are far more than simple exam-preparation reviews and are priced accordingly. However, if you are looking for a complete course on IS auditing so that you can learn about CISA exam topics, as well as many other critical IS auditing topics not covered on the exam or in this book, you might want to take a look at CTT's course offerings and decide whether instructor-led training is a viable and attractive alternative for you. Session locations and registration information are available at http://www.certifiedtechtrainers.com.
This book is designed to be read as a pointer to the areas of knowledge you will be tested on. In other words, you might want to read the book one time just to get insight into how comprehensive your knowledge of this topic is. The book is also designed to be read shortly before you go for the actual test and to give you a distillation of the field of systems auditing in as few pages as possible. We think you can use this book to get a sense of the underlying context of any topic in the chapters—or to skim-read for Exam Alerts, bulleted points, summaries, and topic headings.
We have drawn on material from ISACA's own listing of knowledge requirements, from other preparation guides, and from the exams themselves. We have also drawn from a battery of third-party test-preparation tools and technical websites, as well as from our own experience with application development and the exam. Our aim is to walk you through the knowledge you will need—looking over your shoulder, so to speak—and point out those things that are important for the exam (Exam Alerts, practice questions, and so on). Much of the explanation of concepts has been derived from Certified Tech Trainers' professional instructor-led training for IT Auditing and Assurance, Information Security Essentials and Best Practices, Business Continuity and Disaster Recovery Management, and Business Continuity: Incident Response. By reading this book, you will not only gain from the experience of real-world professional information systems auditors, but you will also enjoy the benefit of costly professional content development.
The CISA exam makes a basic assumption that you already have a strong background in information systems auditing and controls. On the other hand, because the systems auditing requirements and practices constantly evolve, no one can be a complete expert. We have tried to demystify the jargon, acronyms, terms, and concepts. In addition, wherever we think you are likely to blur past an important concept, we have defined the assumptions and premises behind that concept.
Contacting the Authors
We have tried to create a real-world tool that you can use to prepare for and pass the CISA certification exam. We are interested in any feedback you would care to share about the book, especially if you have ideas about how we can improve it for future test-takers. We will consider everything you say carefully and will respond to all reasonable suggestions and comments. You can reach Allen Keele via email at allenk@certifiedtechtrainers.com, and you can reach Keith Mortier via email at kmortier@lmisol.com.
Let us know if you found this book to be helpful in your preparation efforts. We would also like to know how you felt about your chances of passing the exam before you read the book and then after you read the book. Of course, we would love to hear that you passed the exam—and even if you just want to share your triumph, we would be happy to hear from you.
Thanks for choosing us as your personal trainers, and enjoy the book. We would wish you luck on the exam, but we know that if you read through all the chapters and have some real-world information systems and controls auditing experience, you will not need luck—you will pass the test on the strength of real knowledge!
What This Book Will Not Do
This book will not teach you everything you need to know about auditing systems and controls, or even about an auditing standard or procedure. Nor is this book an introduction to computer technology. This book reviews what you need to know before you take the test, with its fundamental purpose dedicated to reviewing the information needed on the ISACA CISA certification exam.
This book uses a variety of teaching and memorization techniques to analyze the exam-related topics and to provide you with everything you will need to know to pass the test. Again, it is not a comprehensive introduction to information systems and controls auditing.
About the Book
If you are preparing for the CISA exam for the first time, you should know that we have structured the topics in this book to correspond directly to the CISA exam objective content areas as published by ISACA. The topic areas for the exam often overlap in required understanding and can sometimes seem somewhat redundant. Topic areas often intertwine, which makes some redundancy unavoidable. Try not to let redundancy bother you; instead, let it reinforce the concept interdependencies you need to understand to pass the CISA exam.
We suggest that you read this book from front to back. You will not be wasting your time because nothing we have written is a guess about an unknown exam. We have had to explain certain underlying information on such a regular basis that we have included those explanations here.
After you have read the book, you can brush up on a certain area by using the index or the table of contents to go straight to the topics and questions you want to re-examine. We have tried to use the headings and subheadings to provide outline information about each given topic. After you have been certified, we think you will find this book useful as a tightly focused reference and an essential foundation of information systems and controls auditing.
Each Exam Cram 2 chapter follows a regular structure, along with graphical cues about especially important or useful material. The structure of a typical chapter is as follows:
- Opening hotlists—Each chapter begins with lists of the terms you will need to understand and the concepts you will need to master before you can be fully conversant in the chapter's subject matter. We follow the hotlists with a few introductory paragraphs, setting the stage for the rest of the chapter.
- Topical coverage—After the opening hotlists, each chapter covers the topics related to the chapter's subject.
- Exam Alerts—Throughout the text, we highlight material most likely to appear on the exam by using a special Exam Alert that looks like this:
- Notes—This book is an overall examination of information systems and controls auditing. As such, we dip into many aspects of systems auditing. Where a body of knowledge is deeper than the scope of the book, we use notes to indicate areas of concern.
- Tips—We provide tips that will help you to build a better foundation of knowledge or to focus your attention on an important concept that reappears later in the book. Tips provide a helpful way to remind you of the context surrounding a particular area of a topic under discussion.
- Practice questions—This section presents a short list of test questions related to the specific chapter topic. Following each question is an explanation of both correct and incorrect answers. The practice questions highlight the areas we found to be most important on the exam.
Caution - This is what an Exam Alert looks like. An Exam Alert stresses concepts, terms, or best practices that will most likely appear in one or more certification exam questions. For that reason, we think any information presented in an Exam Alert is worthy of unusual attentiveness on your part.
Even if material is not flagged as an Exam Alert, all the content in this book is associated in some way with test-related material. What appears in the chapter content is critical knowledge.
Note - Cramming for an exam will get you through a test, but it will not make you a competent information systems auditing professional. Although you can memorize just the facts you need to become certified, your daily work in the field will rapidly put you in water over your head if you do not know the underlying principles of systems auditing and IT governance.
Tip - An IS auditor's primary responsibility is to advise senior management of the risk involved in not implementing proper segregation of duties, such as having the security administrator perform an operations function.
The bulk of the book follows this chapter structure, but we would like to point out a few other elements:
- Glossary—This is an extensive glossary of important terms used in this book.
- The Cram Sheet—This appears as a tear-away sheet inside the front cover of this Exam Cram 2 book. It is a valuable tool that represents a collection of the most difficult-to-remember facts and numbers we think you should memorize before taking the test. Remember, you can dump this information out of your head onto a piece of paper as soon as you enter the testing room. These are usually facts that we have found require brute-force memorization. You need to remember this information only long enough to write it down when you walk into the test room. Be advised that you will be asked to surrender all personal belongings other than pencils before you enter the exam room itself.
- The CD—The CD also contains the Certified Tech Trainers exam-simulation software. The included software provides an additional 200 practice questions in electronic format. CTT's practice questions even include audiovisual mentored feedback for each question, to reteach you the information you need to correctly answer the question, or possibly just to teach you professional exam-taking shortcuts for answering difficult questions. In addition to more practice questions with audio/video mentored feedback, the CD contains a short audiovisual presentation by one of this book's authors, Allen Keele. The presentation gives you a good orientation to "set the scene" for this book, the CISA certification, and the information systems auditing and security environment.
You might want to look at the Cram Sheet in your car or in the lobby of the testing center just before you walk into the testing center. The Cram Sheet is divided under headings, so you can review the appropriate parts just before each test.
Most helpful customer reviews
16 of 16 people found the following review helpful.
Excellent book for CISA prep.
By Richard
I have been trying to prepare for the upcoming ISACA CISA exam using materials from ISACA, namely the 2005 CISA Review Manual and the ISACA practice questions on CD. I have personally found the ISACA material a bit challenging to prep from since the CD questions refer to many sources besides the ISACA Review Manual.
This Exam Cram prep book is EXCELLENT. It maps directly to the exam objectives, and teaches the material in a way that I can understand and retain. The book is FILLED with "Exam Alerts" so you do not have to wonder if you've missed important key learning points for test prep.
The CD that comes with the book has some very good practice questions as well. The answers are even explained with audio/visual clips that often show the author's technique for ferreting the answer from the question itself. Nice.
The seminars on the CD were very informative too, and provided additional content beyond the book. Nice. For twice the price, this book would still be a must-have CISA prep resource.
14 of 14 people found the following review helpful.
For a cursory appraisal of one's knowledge
By H. Lam
Per the authors' intent, CISA Exam Cram 2 is not meant to be a comprehensive preparation for the Certified Information Systems Auditor exam, but a summary of its important elements. As such, this book does a fair job, and I would recommend the book as a cursory appraisal of one's knowledge to identify areas for further study.
There are some idiosyncrasies in the book, such as:
- "4GL languages are inappropriate for designing any intensive data-calculation procedures" (Page 259);
but the book appears to be reflective of ISACA test policy. The authors and the publishing company were responsive to my questions about content in the book.
CISA Exam Cram 2 also includes a set of practice multiple-choice questions on CD-ROM. Registration of the book online entitles one to a bonus set of questions. As the book is not comprehensive, neither are the practice questions - in that they mirror the material in the book, and in that they require less analytical reasoning than typical of the actual exam. The answers do not explain why a particular choice is right compared to other choices, and why other choices are wrong. Nonetheless, the practice questions are a good value, considering their price and that the actual exam may also ask basic questions.
One should look to other resources for in-depth preparation (one can ask for recommendations in the various Yahoo and Google Groups dedicated to the CISA exam), but CISA Exam Cram 2 deserves to be considered as an introductory part of a rigorous curriculum in preparation for ISACA's Certified Information Systems Auditor exam. It is probably best to use this book before December 2005. ISACA has stated that the 2006 exams will cover new practice areas.
13 of 14 people found the following review helpful.
Very well written - not quite aligned with the CISA exam
By Eric Svetcov
I used this book and the associated test questions as my primary study resource for the June 11, 2005 CISA exam. I thought that the book was extremely well written and the practice test questions were very well aligned with the book; however, after just experiencing the test this past weekend, I am a bit concerned that the material in the book was not well aligned with the test. Sure, the topics were the same, but the real test hit on areas the book didn't cover. I would say that between 20 and 30 percent of the test was very well covered by this book and another 30 to 40 percent was fairly well covered; however, the remaining 30-50 percent was not well covered. It is possible that by using just this book to study you will be able to pass the test; however, you will need to know quite a bit already and this book will need to fill in areas you didn't already know about.
Incidentally, if I did pass using just this book, I will come back and report that....in a few months.
*****Returning to Continue Review*****
As I mentioned before, I indicated I would come back and say whether I passed or not (I passed). This book and the practice questions that were bundled with this book were my only study materials. I have been working for a big 4 accounting firm for nearly a year and have in addition to the CISA a CISSP, CWNA, and MCP. I've been working in IT for over 10 years.
As I alluded to in my first review, this book is not completely aligned with the test; however it is well written and the test questions are well aligned with the book.
I'm fairly sure that without my background this book alone would not have been enough. I would suggest that at least you pick up alternate test questions from some other source or read alternate study materials in addition to this book. Although I did well on the test, significantly better than many others who passed, I did feel underprepared while taking the test.
Good luck on your studies.