CISA Exam Prep: Certified Information Systems Auditor [Paperback]

Michael Gregg (Author)

Book Description

ISBN-10: 0789735733 | ISBN-13: 978-0789735737 | Publication Date: April 1, 2006 | Edition: 1

CISA Exam Prep

Certified Information Systems Auditor

 

Michael Gregg

 

Your Complete Certification Solution!

 

The Smart Way to Study™

 

In This Book You’ll Learn How To:

• Approach the IS audit process from ISACA’s view of IS auditing best practices
• Relate and apply information security and systems audit best practices to the six CISA job practice areas
• Understand the IS audit process and learn how to apply best practices to secure an organization’s assets
• Evaluate IT governance to ensure that the organization has the structure, policies, and mechanisms in place to provide sufficient IS controls
• Minimize risk within an IT/IS environment by using sound security techniques and practices
• Assess systems and infrastructure lifecycle practices to determine their effectiveness in meeting security requirements and meeting organizational objectives
• Gain a deeper understanding of the business continuity and disaster recovery process to help minimize risk
• Protect key informational assets by examining the security architecture and evaluating controls designed for the protection of confidentiality, availability, and integrity
• Streamline your exam preparations with our exam insights, tips, and study strategies

 

WRITTEN BY A LEADING CISA EXAM EXPERT!

Michael Gregg, founder and president of Superior Solutions, Inc., a Houston-based IT security consulting and auditing firm, has more than 20 years experience in information security and risk. He holds two associate degrees, a bachelor’s degree, and a master’s degree. He presently maintains more than a dozen certifications and is a nine-time winner of Global Knowledge’s Perfect Instructor Award. Michael not only has experience in performing security audits and assessments, but also is the author of Que Publishing’s Certified Ethical Hacker Exam Prep, CISSP Exam Cram, and is the co-author of Inside Network Security Assessment: Guarding Your IT Infrastructure by Sams Publishing.

 

Introduction

Study and Exam Prep Tips 

Part I: IT Governance and the Audit Process

Chapter 1: The Audit Process

Chapter 2: IT Governance 

Part II: System and Infrastructure Lifecycle Management

Chapter 3: Lifecycle Management 

Chapter 4: System Infrastructure Control

Part III: IT Service Delivery and Support

Chapter 5: Information Systems Hardware and Architecture

Chapter 6: Information Systems Used for IT Delivery and Support

Part IV: Protection of Information Assets

Chapter 7: Protection of Logical Assets

Chapter 8: Physical Security

Part V: Business Continuity and Disaster Recovery

Chapter 9: Business Continuity and Disaster Recovery 

Part VI: Final Preparation

Fast Facts

Practice Exam 

Answers to Practice Exam Questions 

Glossary

Index

www.examcram.com

ISBN-13: 978-0-7897-3573-7

ISBN-10: 0-7897-3573-3 

 

U.S. $59.99

CAN. $74.99

U.K. £42.99

 

Editorial Reviews

About the Author

As the founder and president of Superior Solutions, Inc., a Houston-based IT security consulting and auditing firm, Michael Gregg has more than 15 years of experience in information security and risk management. He holds two associate's degrees, a bachelor's degree, and a master's degree. Some of the certifications he holds include the following: CISA, CISSP, MCSE, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA.

 

Michael not only has experience in performing security audits and assessments, but he also is the co-author of Inside Network Security Assessment: Guarding Your IT Infrastructure (ISBN

0672328097, Sams, 2005). Other publications he has authored include the CISSP Exam Cram 2 (ISBN 078973446X, Que, 2005) and the Certified Ethical Hacker Exam Prep 2 (ISBN 0789735318, Que, 2006). Michael is a site expert for TechTarget.com websites, including SearchSMB.com and SearchNetworking.com; he also serves on their editorial advisory board. His articles have been published on IT websites including CertMag.com, CramSession.com, and GoCertify.com. Michael has created security audit and assessment course material for various

companies and universities. Although audits and assessments are where he spends the bulk of his time, teaching and contributing to the written body of IT security knowledge is how Michael believes he can give something back to the community that has given him so much. He is a member of the American College of Forensic Examiners and of the Texas Association

for Educational Technology. When not working, Michael enjoys traveling and restoring muscle cars.

Product Details

• Paperback: 480 pages
• Publisher: Que; 1 edition (April 1, 2006)
• Language: English
• ISBN-10: 0789735733
• ISBN-13: 978-0789735737
• Product Dimensions: 9.1 x 7.1 x 1.3 inches
• Shipping Weight: 2 pounds (View shipping rates and policies)
• Average Customer Review: 3.7 out of 5 stars  See all reviews (6 customer reviews)
• Amazon Best Sellers Rank: #1,051,529 in Books (See Top 100 in Books)

More About the Author

Michael Gregg is COO of Superior Solutions, Inc. (www.thesolutionfirm.com), a Houston based information security assessment, penetration testing, and IT security training firm. Mr. Gregg is responsible for helping corporations establish and validate enterprise wide information security programs and controls. He is an expert on cyber security, networking, and Internet technologies.

While consulting consumes a large amount of Michael's time, he has contributed to more than 10 books and has spoken at security, technology, and educational conferences such as ISC2's Security Leadership Conference, Hacker Halted, Government Technology Conference (GTC), National Credit Union Administration (NCUA) IT Conference, and The American College of Forensic Examiners.

Michael has appeared in numerous media outlets including The New York Times, Fox News, Canadian News (BNN), Kiplinger as well as NPR, ESPN, and other major networks. He holds two associate's degrees, a bachelor's degree, and a master's degree. He presently maintains many certifications including CISSP, CISA, CISM, etc.

Customer Reviews

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

3.0 out of 5 stars A very good book for CISA exam preparation, February 20, 2008

By 

Robin Rootsmith (Wagga Wagga, NSW Australia) - See all my reviews

This review is from: CISA Exam Prep: Certified Information Systems Auditor (Paperback)

I really enjoyed reading this study guide as it does cover many aspects of CISA exam. I am also impressed that the author provides real life examples and tools that are used for IT auditing. Such information works great for rookies like me who have no professional experience in this field. However, this book alone is not sufficient to clear the exam. Apart from professional experience in ICT industry, I used the following to clear the CISA exam in December 2007:
CISA exam prep study guide (latest edition)
CISA study guide by sybex (latest edition)
ISACA question and answer set (software) - latest edition

This should suffice to give anyone a good try at the CISA exam. Cheers.

2 of 2 people found the following review helpful:

5.0 out of 5 stars A Great Additional CISA Resource, July 11, 2007

By 

JustaGeek718 (New York) - See all my reviews

This review is from: CISA Exam Prep: Certified Information Systems Auditor (Paperback)

I would recommend this book as it does a good job of covering the topics addressed in the areas required for the exam. The front of the book describes each objective and lists where that information is in the book. It covers the practice areas as laid out for the 2007 exam. I liked the way that several of the larger domains were broken into two chapters. This made it easier to read and retain the information.

ISACA expects candidates to have 5 years of experience. You need to read more than one book on the CISA examination areas to round out your understanding. Don't underestimate the difficulty of this exam.

In many areas ISACA gives review classes that can help supplement the needed knowledge to pass the CISA exam. In the end I attended the review classes, browsed the official text and read this book. In that role this book fit my needs as its much easer to read than the official text. CISA candidates should map out a preparation plan months before the exam and then stick to it. Read this book but also use other materials such as the official questions and answers book and other third party practice exams.

1 of 1 people found the following review helpful:

5.0 out of 5 stars Very good review book, July 22, 2008

By 

WendyT (Kent, Ohio, USA) - See all my reviews

Amazon Verified Purchase

This review is from: CISA Exam Prep: Certified Information Systems Auditor (Paperback)

I purchased this book in January 2008 to prepare for the CISA exam in June 2008. I thought the book was quite helpful in explaining concepts. The material is very structured and it is a useful tool for preparing for the CISA exam. I used this book, one other book, and the ISACA CD (review questions) and passed the exam on my first attempt in June 2008. (I also had the ISACA official review guide/book and found that too comprehensive and dry to study from for more than short periods of time.) I do recommend this book to others looking to prepare for the CISA exam. Note that this book would not be the ONLY book I would use to prepare for the CISA exam but that it is a good part of one's preparation.