The IS Audit Process
ISACA IS Auditing Standards and Guidelines
IS Auditing Practices and Techniques
Gathering Information and Preserving Evidence
Control Objectives and IS-Related Controls
Risk Assessment in an Audit Context
Audit Planning and Management Techniques
Reporting and Communication Techniques
Control Self-Assessment
CISA's Role in IT Governance
IT Governance Basics
IT Governance Frameworks
Information Security Policies
Quality Management Strategies and Practices
The IT Organization's Roles and Responsibilities
Enterprise Architecture
Risk Management
Process Improvement Models
IT Contracting Strategies
Monitoring and Reporting IT Performance
IT Human Resource Management
IT Resource Investment and Allocations Practices
CISA's Role in Systems and Infrastructure Life Cycle Management
Benefits Management Practices
Project Governance Mechanisms
Project Management Practices, Tools and Control Frameworks
Risk Management Practices
Project Success Criteria and Risks
Configuration, Change and Release Management
Application Controls
Enterprise Architecture
Requirements Analysis
Acquisition and Contract Management
System Development Methodologies and Tools
Quality Assurance Methods
Managing Testing Processes
Data Conversion Tools, Techniques and Procedures
System Disposal
Certification and Accreditation
Postimplementation Reviews
System Migration and Deployment
CISA's Role in IT Service Delivery and Support
Service Level Management Practices
Operations Management Best Practices
Systems Performance Monitoring Processes, Tools and Techniques
Functionality of Hardware and Network Components
Database Administration Practices
System Software Functionality
Capacity Planning and Monitoring Techniques
Managing Scheduled and Emergency Changes
Incident and Problem Management Practices
Software Licensing and Inventory Practices
System Resiliency Tools and Techniques
CISA's Role in Protection of Information Assets
Information Security Management
Logical Access Controls
Network Infrastructure Security
Attack Methods and Techniques
Responding to Security Incidents
Security Systems and Devices
Encryption and PKI Components
Virus Detection Tools and Techniques
Penetration Testing
Environmental Protection Practices and Devices
Physical Security Systems
Data Classification Schemes
Voice-Over IP
Transport and Disposal of Information Assets
Security of Portable and Wireless Devices
CISA's Role in Business Continuity and Disaster Recovery
Backup Basics
Legal Elements
Business Impact Analysis
Business Continuity and Disaster Recovery Plans Development and Maintenance
Business Continuity and Disaster Recovery Plan Testing
Human Resources Management
Invoking the Business Continuity Plan
Alternate Processing and Recovery Strategies