Exam Essentials

Know how to develop and implement a risk-based audit strategy. The auditor should focus on areas of high value. The risk assessment will help to determine whether the audit will yield meaningful information. Certain types of conditions may be difficult to audit. It is important that the audit is based on meaningful evidence that is materially relevant.

Understand how to conduct IS audits in accordance with published standards, guidelines, and best practices. The auditor is expected to follow published audit standards to ensure thoroughness and consistency. Deviations from standards and guidelines is rare. Any deviation must be well documented, but results may not be accepted by the audit community. The purpose of best practices ...

Get CISA® Certified Information Systems Auditor®: Study Guide, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.