Commencez à lire CISA Certified Information Systems Auditor Study Guide sur votre Kindle dans moins d'une minute. Vous n'avez pas encore de Kindle ? Achetez-le ici Ou commencez à lire dès maintenant avec l'une de nos applications de lecture Kindle gratuites.

Envoyer sur votre Kindle ou un autre appareil

 
 
 

Essai gratuit

Découvrez gratuitement un extrait de ce titre

Envoyer sur votre Kindle ou un autre appareil

Tout le monde peut lire les livres Kindle, même sans un appareil Kindle, grâce à l'appli Kindle GRATUITE pour les smartphones, les tablettes et les ordinateurs.
CISA Certified Information Systems Auditor Study Guide
 
Agrandissez cette image
 

CISA Certified Information Systems Auditor Study Guide [Format Kindle]

David L. Cannon
4.0 étoiles sur 5  Voir tous les commentaires (1 commentaire client)

Prix conseillé : EUR 49,44 De quoi s'agit-il ?
Prix Kindle : EUR 34,61 TTC & envoi gratuit via réseau sans fil par Amazon Whispernet
Économisez : EUR 14,83 (30%)

Formats

Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle EUR 34,61  
Broché --  
-40%, -50%, -60%... Découvrez les Soldes Amazon jusqu'au 5 août 2014 inclus. Profitez-en !





Descriptions du produit

Présentation de l'éditeur

Prepare for CISA certification and improve your job skills with the training you'll receive in this valuable book. Covering the very latest version of the exam, it's packed with instruction on all exam content areas, including the most up-to-date regulations, IS auditing best practices, and compliances. You'll find practical exercises and plenty of real-world scenarios—just what you need for the CISA exam, and beyond.

Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.


Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 5878 KB
  • Nombre de pages de l'édition imprimée : 624 pages
  • Editeur : Sybex; Édition : 2 (6 octobre 2009)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B0015DROWI
  • Synthèse vocale : Activée
  • X-Ray :
  • Moyenne des commentaires client : 4.0 étoiles sur 5  Voir tous les commentaires (1 commentaire client)
  •  Souhaitez-vous faire modifier les images ?


En savoir plus sur les auteurs

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Commentaires en ligne 

5 étoiles
0
3 étoiles
0
2 étoiles
0
1 étoiles
0
4.0 étoiles sur 5
4.0 étoiles sur 5
Commentaires client les plus utiles
0 internautes sur 1 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Très bon livre .... 29 juillet 2009
Par IggyZen
Format:Broché
... qui permet de se rendre compte de la relative aridité du sujet et, fort heureusement, nous détourner de la certification pour réserver son temps à des matières plus sympathiques. Si vous aimez la sécurité informatique, malgré la partie qui la traite, passez votre chemin sauf si l'audit est décidément votre vocation. Le gros du livre traite, comme la certification l'exige, du système d'information dans son étendue.
Je ne peux pas mal noter ce livre à cause de ma propre erreur d'aiguillage.
Avez-vous trouvé ce commentaire utile ?
Commentaires client les plus utiles sur Amazon.com (beta)
Amazon.com: 3.8 étoiles sur 5  47 commentaires
31 internautes sur 34 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 I Passed the Dec 06 CISA Exam Thanks to this Book 6 février 2007
Par Christiaan Huygens - Publié sur Amazon.com
Format:Broché
First, this should not be your only reference. There: got that out of the way.

I recommend this book along with the official questions and answers book and the official questions and answers supplement.

This book does a very good job of covering every topic with which you need to be very familiar in order to pass the test. It covers the practice areas as updated for 2006, which haven't changed for 2007. However, the questions in this book are terrible and do not represent the questions you will be asked on the actual test. Also, there are many editing errors in this book so be on the lookout.

The official questions and answers book and its supplement are essential. The test questions are often misleadingly (or just poorly) worded and correctly answering the multiple choice questions often comes down to almost arbitrarily deciding which one is "most" correct. You will have a hard time on the exam if you haven't subjected yourself to this abuse before hand.

I do not recommend the official study guide. The official study guide is so terrible on so many levels I wished I could throw it at an ISACA official after wasting my time and money on it. The writing is terrible: redundant, dry, and often times of questionable use and technical accuracy. The book itself has terrible typography and pedagogy that make it painful to read. The softcover, oversized dimensions, and spiral binding make it very annoying to carry or store anywhere other than on a flat desktop since it flops around. That it was so obviously cheaply produced and yet costs more than $100 is insulting.

So, in summary: This book is worth your money despite its flaws and will help you pass the CISA exam. Make sure you also buy the official questions and answers book and its supplement. Avoid the official study guide.
20 internautes sur 21 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Having Fun with CISA 4 octobre 2006
Par Taylor B. Oneal - Publié sur Amazon.com
Format:Broché|Achat vérifié
The CISA test itself is pretty much BS. The questions are worded badly, there's a few false alternatives and plain weird ones. Definitely still possible to pass it with the curve ISACA adds.

The official ISACA book is absolutely worthless. It's like reading a dictionary, a dictionary that repeats sentences, is overly wordy and reading is like eating cardboard. The ISACA questions CD however is highly worth it and very close to the questions you'll end up getting. Combine that CD with this third party book and cd and you'll be set. Good luck.
18 internautes sur 20 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Learn to Think like an Auditor 6 février 2008
Par Miriam - Publié sur Amazon.com
Format:Broché|Achat vérifié
After waiting eight weeks for my score, I can finally breathe a sigh of relief: I passed the CISA exam!

Preparing for and taking the CISA exam is a painful and frustrating process. I used this book in combination with the CD of 700+ questions from ISACA. I work as a network security professional, so I also relied heavily on my own experience and the experience of my colleagues. I interviewed colleagues extensively, particularly those with bank auditing experience and background in the financial industry.

My own background includes 10 years as a Network Administrator. I had few worries about the technical material: my main concern was how to think like an auditor. In that, I found this book very helpful. I read through it more than once. The chapters introducing audit concepts I read three times, taking notes and paying close attention. It was important to learn how to translate my technical knowledge into the framework of auditing: concepts such as auditor independence, material evidence, chain-of-custody -- these were issues that were new to me, or at least new in this context.

I strongly recommend the book to technical people who need a way to shift their viewpoint into the mindset of an auditor. There is a structure to auditing that is not covered in most IT training, and thus is new to us. But the knowledge gained is immediately useful and has real-world applications, especially if you already work in the IT security field.

For familiarity with the actual CISA exam questions, I recommend use of the CD available from ISACA. The exam itself is full of ambiguous questions. Even now, I don't know if my passing score reflects actual auditing skill or luck in interpreting the questions. The exam was also grueling due to uncomfortable seating with very little elbow room. It's an unpleasant ordeal all the way through, but I did gain a lot from the process of studying for the test and I hope the certification will be good for my career.
16 internautes sur 20 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 Not a great book for the test 10 décembre 2006
Par Roger A. Grimes - Publié sur Amazon.com
Format:Broché
I took the CISA exam today, so the exam as compared to this book is fresh in my mind.

Overall, I liked the writing style of the book, and the authors did cover much of the CISA domains of knowledge. But that's where the kudos stop.

Book is full of errors, questions are vague or weak (but they are that way on the real exam, too). The book constantly repeated itself on many topics and missed lots of material. It was easy to see that the authors and reviewers did not review each other's work. There was some wrong technical information, especially around the crypto section. Many things the book went over heavily, and repeated through several chapters, were not on the exam (e.g. TCP/IP model, project management, etc.).

Even their review of the TCP/IP model was wrong. The book constantly referred to the five layers of the model, and the model only has 4 layers.

Yes, several of the book's test answers have the incorrect answer choice (as other reviewers have noted), but even worse, often the answer explanation didn't explain the correct answer. Most exam cram type books do poorly on the test questions, and this book was no different.

Overall, I think the book only prepared me for about 1/10th of the questions presented on the CISA exam. I was scoring 85-95% on the book questions and rarely guessing, but on the exam I was guessing a lot more (80% of the time). I probably passed (I do well on most exams and I've got about 50 other certifications), but it would have been nice to have been spoon fed the possible questions better.

But the real CISA exam is very weird, and like a lot of the other crappy security exams, one book will never prepare, so buy and study at least two.

I did not regret buying this book, and I'll lend it to friends. It's a good starter book. It just isn't a good enough test preparer. But I didn't try any of the other books so I can't give a fair comparison or recommend stronger books.
15 internautes sur 19 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 BOOK REVIEW 17 juin 2006
Par Sam Arthur, CPA, CISA, CISSP, CISM - Publié sur Amazon.com
Format:Broché
This team from CertTest Training really hit the bull's eye for the much needed comprehensive study guide for information systems auditors. This guide is very unique because it bridges the gap for two of our primary groups of entrants to the information systems auditing arena. For a traditional auditor, this book translates the risk/control disciplines, traditional to audits, to the information technology environment. A typical auditor can identify with the controls without being an average IT savvy person. For the nuts-and-bolts techie, the guide helps reengineer your thinking process to control awareness and identification.

The guide has eight chapters. Chapters 2 through 8 cover the syllabus for the CISA exam. Below is a brief overview of my evaluation of each chapter.

Chapter 1: Secrets of a Successful Auditor

This chapter is a must read for all existing or wanna-be systems auditors. It provides an overview of the IS audit standards in simple terms for almost any audience, gives an overview of professional requirements, skill sets, the auditing environment and some project management. The tone is this chapter is very motivating and encouraging. For IS auditors like us, it tells our life story, for a wanna-be, this is a recruitment effort. This chapter characterizes the authors' combined years of experience. It is a good appetizer.

Chapter 2: Audit Process

Armed with the knowledge of the secrets of a successful auditor in chapter 1, I was ready to delve into the main course. Chapter 2 welcomes you with a flow diagram of the audit process and provides step by step explanation of risk-based audits and how to plan and conduct audits using applicable standards, guidelines and best practices. The authors provide precise definitions of terminology. Auditor independence could not have been over-emphasized in this chapter. For the exam candidate, most questions on independence are based on judgement. This chapter ensures the reader can grasp the concept and can apply it to exam questions and of course to real life situations.

Chapter 3: IT Governance

With respect to the IT Governance area, which has been characterized with ambiguity since it's inception, the authors tried to explain the overall concept successfully. The only glitch is that, with CISA being an internationally acclaimed qualification, I had expected more governance examples such as the ITIL (IT Infrastructure Library) to be included for the readers from Europe and other corners of the world relate to somehow. However, I enjoyed the illustrations on the performance measurement section, the scoring and the Capability Maturity Modeling. The authors' explanation for Business Process Engineering and Business Impact Analysis (my favorite area) was excellent. For the purpose of the exam, I believe this section was adequately written.

Chapter 4: Networking Technology

For the techie, the first few pages may either be boring or a good refresher. However, for the rest of the chapter, the authors' made a conscientious effort to bridge functionality with audit/security controls for the techie candidate. For the traditional auditor, the first few pages of this chapter provide a good foundation on information technology concepts, mush like an IT 101 course would; that is assuming you have some exposure to IT terminology and understand the difference between a "bite" from a hamburger and bytes in the computer. David's group even throws in some excellent mnemonics you can use for the exam. This section will not make you a professional hacker but will assist you in passing the exam.

Chapter 5: System and Infrastructure Life Cycle Management

I was impressed by the authors' experience in performing SDLC type reviews as portrayed in Chapter 5. Not only were the methodologies adequately explained, but the real life examples and tips provided brought life to this subject area. This is good exam material as well as good reference material.

Chapter 6: IT Service Delivery and Support

This was also an excellent section. This section is a good resource for understanding and reviewing IT operations and management. Excellent illustrations and explanations for scorecards, SLA, metrics and problem management.

Chapter 7: Protection of Information Assets

The beginning of this chapter seems more of a CISM study guide, however it lays the ground work for the CISA candidate to appreciate the thin, often fuzzy, demarcation of network security audits by CISA's and other security professionals. This is very relevant as a result of the plethora of new regulations pertaining to privacy, such as HIPAA and Gramm-Leach-Bliley Act that has passed in the USA and other laws passed in Europe and other parts of the world. This section is very rich in information and of definate benefit to the CISA candidate.

Chapter 8: Business Continuity and Disaster Recovery

In light of recent natural and contrived disasters (terrorist strikes, cyberwarfare and floods) around the nation and the rest of the world; the topics in this chapter have been gaining importance by the day. To be able to put this hot issue in only 30 pages without compromising on content and coverage, the authors had to perform a miracle. The authors did justice to this area and any IT audit professional can utilize the information within both as exam and/or reference material. Here again IT auditors are being called upon to review disaster recovery and business continuity initiatives to ensure corporate survival.

After reviewing the book, I was ready to take the exam, but I realized I had already passed the exam ages ago. But this book was surely an excellent refresher and I vow to keep it in my arsenal of references.

Sam Arthur, CPA, CISA, CISM, CISSP is a Director of Information Technology Assurance & Control with Thompson Cobb Bazilio and Associates, a national certified public accounting and consulting firm headquartered in Washington DC. Sam was formerly the Co-chair of Education and Research for the ISACA National Chapter and is now the Coordinator for the Chapter Coordinator CISM. He also co-chairs the Committee on CISA/CISM Review Courses. Sam reviews publications on Information Technology Audits and Security. He has also written several articles in this field.
Ces commentaires ont-ils été utiles ?   Dites-le-nous
Rechercher des commentaires
Rechercher uniquement parmi les commentaires portant sur ce produit

Passages les plus surlignés

 (Qu'est-ce que c'est ?)
&quote;
threat as a negative event that would cause a loss if it occurred. &quote;
Marqué par 10 utilisateurs Kindle
&quote;
The path that allows a threat to occur is referred to as vulnerability. &quote;
Marqué par 10 utilisateurs Kindle
&quote;
All of these regulations require businesses to possess two simple components:  Evidence of business integrity  Evidence of internal controls to protect valuable assets &quote;
Marqué par 7 utilisateurs Kindle

Discussions entre clients

Le forum concernant ce produit
Discussion Réponses Message le plus récent
Pas de discussions pour l'instant

Posez des questions, partagez votre opinion, gagnez en compréhension
Démarrer une nouvelle discussion
Thème:
Première publication:
Aller s'identifier
 

Rechercher parmi les discussions des clients
Rechercher dans toutes les discussions Amazon
   


Rechercher des articles similaires par rubrique