Information System Audit / CISA

[Usman Zubair]

Hi. anyone pursuing the CISA qalification. Please contact

[jbladeus]

Hi Usman

I have given the CISA June 2003 attempt and am waiting for the result. What about u?

________________________
Arrrgh... it sure's gonna be mighty rough sailin' today ... mates!

[Usman Zubair]

I am a Associate Member, ICAP. Practicing in Lahore. I am preparing to take exam in 2004. Colud you please highlight the study material followed by you. It will be of a great help.

waiting for help.

[Usman Zubair]

Please can any body reply to my request. Because IS audit is the future shape of audit.

[CBPian]

Dear Usman
Although I am not pursuing CISA, I think they have a study text which should be followed.
According to my knowledge, it is not a very difficult examination (I did not pursue it for other reasons), you ought to have an understanding of Informations Systems and relevant audit techniques plus CISA ethics standards etc etc.
Good Luck

[CBPian]

Dear Usman
Although I am not pursuing CISA, I think they have a study text which should be followed.
According to my knowledge, it is not a very difficult examination (I did not pursue it for other reasons), you ought to have an understanding of Informations Systems and relevant audit techniques plus CISA ethics standards etc etc.
Good Luck

[sumaaan]

Don't have much info about CISA. However, hope this link will help you out.

http//www.isaca.org/isacafx.htm

I'll be glad to know the minimum requirements of it and how exactly is the qualification pursued, by report-submission/exams/etc.



Edited by - sumaaan on Aug 13 2003 034745 AM

[Bowman]

Hi....

next exam will be in June 2004..... U can get the Study Material i.e photocopy of CISA Review Manual from Karachi, I dont know if any shop in Lahore is catering it. Also, you can also have the CD containing 600 MCQ.

The exam is 4 hours long containing 200 MCQ. You can get the content area list from the website.....75 score is required to pass the exam

Also dowmload the IS Audit standards from the website as they will be useful

See you in June 2004 <img src=icon_smile.gif border=0 align=middle>

[sumaaan]

<BLOCKQUOTE id=quote><font size=1 face="Verdana" id=quote>quote<hr height=1 noshade id=quote>
Hi....

next exam will be in June 2004..... U can get the Study Material i.e photocopy of CISA Review Manual from Karachi, I dont know if any shop in Lahore is catering it. Also, you can also have the CD containing 600 MCQ.

The exam is 4 hours long containing 200 MCQ. You can get the content area list from the website.....75 score is required to pass the exam

Also dowmload the IS Audit standards from the website as they will be useful

See you in June 2004 <img src=icon_smile.gif border=0 align=middle>


<hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana" size=2 id=quote>


Thankyou for the information... I hope you can help me out with some more queries.

What are the minimum requirements and what future prospects does CISA hold?

[Bowman]

CISA is recognized worldwide, by all industries, as
the preferred designation for IS audit, control and security professionals.
Monetary aspects If we consider Middle East (as most of CA end up there).....CISA is getting 12-15k at the minimum.....

In paksitan, there is not much scope, as companies have yet to explore the idea of CISA.

As CPbian said that its not a very tough exam. Perhaps true....but passing exam is not very much that counts, to become a CISA (thatz getting a Certification), one has to complete 5 years of Computer Audit experience...... Our qualification and experience (CA) will qualify for 2/3 years..... and getting the remaining experience in Pakistan is a tough question indeed.

Min requirements..... Bachelors Degree....

Areas of study as under

Process-based Area
The IS Audit Process—Conduct IS audits in accordance with generally accepted IS audit standards and guidelines to ensure
that the organization’s information technology and business systems are adequately controlled, monitored and assessed.

Content Areas
1-Management, Planning and Organization of IS—Evaluate the strategy, policies, standards, procedures and related practices
for the management, planning and organization of IS.

2-Technical Infrastructure and Operational Practices—Evaluate the effectiveness and efficiency of the organization’s
implementation and ongoing management of technical and operational infrastructure to ensure that they adequately support
the organization’s business objectives.

3-Protection of Information Assets—Evaluate the logical, environmental and IT infrastructure security to ensure that it satisfies
the organization’s business requirements for safeguarding information assets against unauthorized use, disclosure,
modification, damage or loss.

4-Disaster Recovery and Business Continuity—Evaluate the process for developing and maintaining documented, communicated
and tested plans for continuity of business operations and IS processing in the event of a disruption.

5-Business Application System Development, Acquisition, Implementation and Maintenance—Evaluate the methodology and
processes by which the business application system development, acquisition, implementation and maintenance are
undertaken to ensure that they meet the organization’s business objectives.

6-Business Process Evaluation and Risk Management—Evaluate business systems and processes to ensure that risks are
managed in accordance with the organization’s business objectives.

[jbladeus]

Bowman is right about the study material. One might also try out books from indian writers like Rao which help one out in preparation for the exam, although i myself prepared by reading from the manual, the standards and the CD, alongwith taking a few classes held by the CISA Karachi chapter.

CISA is a very useful complimentary qualification to have, ie. it is the specialization in an area of audit which is seeing rapid growth and technological advancements these days. Companies in Pakistan which have a medium to large IT environment have begun to realise the need to have information security specialists who can critically identify, analyse and recommend solutions to IS threats affecting both the physical and logical IS infrastructure.

The requirements for CISA are not stringent. Anybody can sit in its exam after due preparation. But for its membership, ISACA requires atleast 5 years of experience in IS audit environement. Although the exam consists of MCQ type questions, but it is quite difficult and the minimum passing criteria is set at 75%. I would recommend atleast 5-6 months of proper preparation before sitting in the CISA exam.

I have sent also an email to Hussein Haji, the conveynor of the CISA Pakistan chapter, who might join this forum and will answer to your queries in detail.

________________________
Arrrgh... it sure's gonna be mighty rough sailin' today ... mates!

[Usman Zubair]

hi Bowman and all other guys thank for contributing.

Bowman, thanks for information on study material, is the CD also available in Pakistan relating to MCQ, for exam preparation.

Can u email the address from where i can get the study material plus CD.

Thanx

[Bowman]

if u r a member of any of the following yahoogroups, you can access both CD and standards from their yahoogroup website under the files section

FCA
KPMG Dudes

[sumaaan]

Thankyou for clarifying doubts and providing good information.

[Usman Zubair]

Hi BOWMAN

You forgot to mention the yahoo group list , please also mention the location of files section from where we can assess the CD.

Usman