10-02-2003, 01:33 AM
Hi phobia
Point to point answers to your queries
1. In a place like Pakistan, where IS auditing is still fresh and there arent many professionals around, even the passing of the exams without much experience counts. I would recommend that you go for the exams and then seek out a job in a firm which has an IS Risk Management Department.
2. Mostly self-study but if you live in Karachi, then u can attend a course carried out by CISA Karachi Chapter, which will next start in January or February of 2004. I myself attended that course and found it to be pretty helpful.
3. Manual is helpful for those ppl who have a background in IT and Information Systems. Basically it is a refresher manual of what you know on this subject and covers a vast area of study. According to ISACA, the manual should not be thought of as the only source nor should it be viewed as a comprehensive collection of all information and experience that is required in order to pass the exam.
A candidiate should also have good knowledge of ISACA IS Auditing Standards and some knowledge of Auditing as a whole. Other than these standards, a thorough review of COBIT is recommended for candidates preparing for the exams, although it is not specifically tested in the CISA exam.
The CD is good tool for testing one's knowledge and for practice purposes.
4. First of all, CISA is not just IT Auditing, it is IS Auditing which ofcourse as you mustve already known (coming from a BCS background), covers a much larger area. Since you are from a BCS background, the technical areas of the CISA course shouldnt be too much difficult for you to grasp. Therefore, the areas concerning Auditing theory and practice will need you extra attention.
Since i come from an auditing background (I am a CA), the situation was totally opposite for me and I had to focus on the technical areas of the courser rather than the Auditing areas.
Hope that these answers helped.
________________________
Arrrgh... it sure's gonna be mighty rough sailin' today ... mates!
Point to point answers to your queries
1. In a place like Pakistan, where IS auditing is still fresh and there arent many professionals around, even the passing of the exams without much experience counts. I would recommend that you go for the exams and then seek out a job in a firm which has an IS Risk Management Department.
2. Mostly self-study but if you live in Karachi, then u can attend a course carried out by CISA Karachi Chapter, which will next start in January or February of 2004. I myself attended that course and found it to be pretty helpful.
3. Manual is helpful for those ppl who have a background in IT and Information Systems. Basically it is a refresher manual of what you know on this subject and covers a vast area of study. According to ISACA, the manual should not be thought of as the only source nor should it be viewed as a comprehensive collection of all information and experience that is required in order to pass the exam.
A candidiate should also have good knowledge of ISACA IS Auditing Standards and some knowledge of Auditing as a whole. Other than these standards, a thorough review of COBIT is recommended for candidates preparing for the exams, although it is not specifically tested in the CISA exam.
The CD is good tool for testing one's knowledge and for practice purposes.
4. First of all, CISA is not just IT Auditing, it is IS Auditing which ofcourse as you mustve already known (coming from a BCS background), covers a much larger area. Since you are from a BCS background, the technical areas of the CISA course shouldnt be too much difficult for you to grasp. Therefore, the areas concerning Auditing theory and practice will need you extra attention.
Since i come from an auditing background (I am a CA), the situation was totally opposite for me and I had to focus on the technical areas of the courser rather than the Auditing areas.
Hope that these answers helped.
________________________
Arrrgh... it sure's gonna be mighty rough sailin' today ... mates!