Summary of effective approach in CISA Exam
This article is written by A.Rafeq, President and Shirish S. Deshpande. I found that the article really usefull. The original article is longer than this, but i simplify this article to the most important point based on my experience, and here is the effective approach in CISA exam.
Objective of CISA Exam
CISA Exam consists of 200 questions from 7 domains as detailed in the Candidates Guide to the CISA Exam. The CISA Exam tests minimum level of competence for conducting Information Systems Audit.
Understanding of IT
CISA Candidates are expected to have working knowledge of Information Technology. The basic understanding of Information Technology should cover key concepts of various components of Information Technology in their practical deployment. The IT knowledge should encompass overall understanding of IT Infrastructure, IT Facilities, various types of Computer hardware, Systems Software (Operating System, Database, Networking, Multimedia, etc), Business Application software, Office Automation Software and Audit Software. Further, candidates are expected to know concepts and practice of Management as relevant to IT deployment in enterprises
IT - Practical Training
Candidates who are not well conversant with IT are advised to do a practical course on IT covering hardware, systems software, office automation, business applications and audit software.
Getting CISA Perspective - practical approach
The overall understanding of a CISA candidate is expected to cover the related domains as per the objectives, tasks and knowledge statements given in the Candidates Guide to CISA Exam. Primarily it encompasses three major disciplines - Information Technology, Management and Auditing. The CISA candidates may follow the following approach for getting the perspective of a CISA:
- Obtain overall understanding of Information Technology - concepts and practice
- Understand the Risks of deployment of relevant IT Component
- Know the features and functionalities of Security and controls of IT Component
- Understand how controls could be implemented using the security features and functionalities so as to mitigate the risks in the relevant IT Component
- Learn how to identify the risks, review the related security, evaluate the implemented controls and identify areas of weaknesses.
CISA Candidates need to have conceptual clarity in the following key areas:
- The inherent risks of Implementing Information Technology
- Appropriate risk management strategy for mitigating these risks.
- Security and controls, which need to be implanted for, risk mitigation.
Do you any others tips for next CISA examination July 2008