The CISA® Review Manual 2015 is a comprehensive reference guide designed to help individuals prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor. The manual has been enhanced over the past editions and represents the most current, comprehensive, peer-reviewed IS audit, assurance, security and control resource available worldwide.
The 2015 manual is organized to assist candidates in understanding essential concepts and studying the following job practice areas:
The Process of Auditing Information Systems
Governance and Management of IT
Information Systems Acquisition, Development and Implementation
Information Systems Operations, Maintenance and Support
Protection of Information Assets
The CISA® Review Manual 2015 features an easy-to-navigate format. Each of the five chapters has been divided into two sections for focused study. Section one of each chapter contains the definitions and objectives for the five areas, as well as the corresponding tasks performed by IS auditors and knowledge statements (required to plan, manage and perform IS audits) that are tested on the exam. It also includes:
A map of the relationship of each task to the knowledge statements
A reference guide for the knowledge statements, including the relevant concepts and explanations
References to specific content in section two for each knowledge statement
Self-assessment questions and explanations of the answers
Suggested resources for further study

Section two of each chapter consists of reference material and content that supports the knowledge statements. The material enhances CISA candidates' knowledge and/or understanding when preparing for the CISA certification exam. In addition, the CISA® Review Manual 2015 includes brief chapter summaries focused on the main topics and case studies to assist candidates in understanding current practices. Also included are definitions of terms most commonly found on the exam.
Work got me reading this. It’s not as interesting as all the other reviews make out. Tough, tough read. Might just fail the exam; it’s better than reading this, to be honest.
The official CISA Exam study resource from ISACA. Just for fun, here’s some unusually-named but 100% real cyberattacks that you need to memorize when studying.
“Smurf attack—Occurs when misconfigured network devices allow packets to be sent to all hosts on a particular network via the broadcast address of the network.”
“Teardrop attack—Involves sending mangled IP fragments with overlapping, oversized payloads to the target machine”
“Banana attack—Redirects outgoing messages from the client back onto the client, preventing outside access, as well as flooding the client with the sent packets”
“Pulsing zombie—A DoS attack in which a network is subjected to hostile pinging by different attacker computers over an extended time period. This results in a degraded quality of service and increased workload for the network’s resources.”
“Juice Jacking - Occurs when malware is surreptitiously installed on, or data are copied from, a smart phone, tablet or other device using an often public USB charging port that doubles as a data connection”
“Logic bomb—A program or a section of a program that is triggered when a certain condition, time or event occurs.”
“Pharming - An attack that aims to redirect the traffic of a website to a bogus website. Pharming can be conducted either by changing the host’s file on a victim’s computer or by exploiting a vulnerability in DNS server software.”
“Piggybacking - The act of following an authorized person through a secured door or electronically attaching to an authorized telecommunications link to intercept and possibly alter transmissions.”
“Salami Attack - Involves slicing small amounts of money from a computerized transaction or account.”
“Worms—Destructive programs that may destroy data or use up tremendous computer and communication resources, but worms do not replicate like viruses.”
This is the only reliable book anyone should read for the CISA exam. However, if the content materials were written in a more interesting way, with some examples, colours and diagrams, it would be more interesting to study.
Pretty dry reading. But can't complain too much when it helped me pass the exam despite having no prior IT experience or education to speak of. Would definitely suggest pairing with the review questions to help in your studies.