CISA - Certified Information Systems Auditor Cheat Sheet

19 practice tests · 740 questions

Pick an answer to see if it was correct and why, then continue.

Test 1
IS Audit Standards, Guidelines and Code of Ethics, Types of Audits, Assessments and Reviews, Risk-Based Audit Planning
40 questions
Test 2
Types of Controls and Considerations, Audit Project Management, Audit Testing and Sampling Methodology
35 questions
Test 3
Audit Evidence Collection and Data Analytics (CAATs), Audit Reporting and Communication Techniques, Quality Assurance and Improvement of the Audit Process
39 questions
Test 4
Laws, Regulations and Industry Standards, Organizational Structure, IT Governance and IT Strategy, IT Policies, Standards, Procedures and Practices
32 questions
Test 5
Enterprise Architecture and Considerations, Enterprise Risk Management, Privacy Program and Principles
36 questions
Test 6
Data Governance and Classification, IT Resource Management, IT Vendor Management
38 questions
Test 7
IT Performance Monitoring and Reporting (KPIs and KRIs), Quality Assurance and Quality Management of IT, Project Governance and Management
36 questions
Test 8
Business Case and Feasibility Analysis, System Development Methodologies, Control Identification and Design
37 questions
Test 9
System Readiness and Implementation Testing, Implementation Configuration and Release Management, System Migration, Infrastructure Deployment and Data Conversion
39 questions
Test 10
Post-implementation Review, IT Components, IT Asset Management
26 questions
Test 11
Job Scheduling and Production Process Automation, System Interfaces, Shadow IT and End-User Computing
37 questions
Test 12
Systems Availability and Capacity Management, Problem and Incident Management, IT Change, Configuration and Patch Management
34 questions
Test 13
Operational Log Management, IT Service Level Management, Database Management
33 questions
Test 14
Business Impact Analysis, System and Operational Resilience, Data Backup, Storage and Restoration
34 questions
Test 15
Business Continuity Plan, Disaster Recovery Plans, Information Asset Security Frameworks, Standards and Guidelines
35 questions
Test 16
Physical and Environmental Controls, Identity and Access Management, Network and Endpoint Security
47 questions
Test 17
Data Loss Prevention, Data Encryption, Public Key Infrastructure
31 questions
Test 18
Cloud and Virtualized Environments, Mobile, Wireless and Internet-of-Things Devices, Security Awareness Training and Programs
41 questions
Test 19 · Final
Information System Attack Methods and Techniques, Security Testing Tools and Techniques, Security Monitoring Tools and Techniques, Security Incident Response Management, Evidence Collection and Forensics
90 questions
+150 XP

IS Audit Standards, Guidelines and Code of Ethics, Types of Audits, Assessments and Reviews, Risk-Based Audit Planning

Types of Controls and Considerations, Audit Project Management, Audit Testing and Sampling Methodology

Audit Evidence Collection and Data Analytics (CAATs), Audit Reporting and Communication Techniques, Quality Assurance and Improvement of the Audit Process

Laws, Regulations and Industry Standards, Organizational Structure, IT Governance and IT Strategy, IT Policies, Standards, Procedures and Practices

Enterprise Architecture and Considerations, Enterprise Risk Management, Privacy Program and Principles

Data Governance and Classification, IT Resource Management, IT Vendor Management

IT Performance Monitoring and Reporting (KPIs and KRIs), Quality Assurance and Quality Management of IT, Project Governance and Management

Business Case and Feasibility Analysis, System Development Methodologies, Control Identification and Design

System Readiness and Implementation Testing, Implementation Configuration and Release Management, System Migration, Infrastructure Deployment and Data Conversion

Post-implementation Review, IT Components, IT Asset Management

Job Scheduling and Production Process Automation, System Interfaces, Shadow IT and End-User Computing

Systems Availability and Capacity Management, Problem and Incident Management, IT Change, Configuration and Patch Management

Operational Log Management, IT Service Level Management, Database Management

Business Impact Analysis, System and Operational Resilience, Data Backup, Storage and Restoration

Business Continuity Plan, Disaster Recovery Plans, Information Asset Security Frameworks, Standards and Guidelines

Physical and Environmental Controls, Identity and Access Management, Network and Endpoint Security

Data Loss Prevention, Data Encryption, Public Key Infrastructure

Cloud and Virtualized Environments, Mobile, Wireless and Internet-of-Things Devices, Security Awareness Training and Programs

Information System Attack Methods and Techniques, Security Testing Tools and Techniques, Security Monitoring Tools and Techniques, Security Incident Response Management, Evidence Collection and Forensics

IS Audit Standards, Guidelines and Code of Ethics, Types of Audits, Assessments and Reviews, Risk-Based Audit Planning

Types of Controls and Considerations, Audit Project Management, Audit Testing and Sampling Methodology

Audit Evidence Collection and Data Analytics (CAATs), Audit Reporting and Communication Techniques, Quality Assurance and Improvement of the Audit Process

Laws, Regulations and Industry Standards, Organizational Structure, IT Governance and IT Strategy, IT Policies, Standards, Procedures and Practices

Enterprise Architecture and Considerations, Enterprise Risk Management, Privacy Program and Principles

Data Governance and Classification, IT Resource Management, IT Vendor Management

IT Performance Monitoring and Reporting (KPIs and KRIs), Quality Assurance and Quality Management of IT, Project Governance and Management

Business Case and Feasibility Analysis, System Development Methodologies, Control Identification and Design

System Readiness and Implementation Testing, Implementation Configuration and Release Management, System Migration, Infrastructure Deployment and Data Conversion

Post-implementation Review, IT Components, IT Asset Management

Job Scheduling and Production Process Automation, System Interfaces, Shadow IT and End-User Computing

Systems Availability and Capacity Management, Problem and Incident Management, IT Change, Configuration and Patch Management

Operational Log Management, IT Service Level Management, Database Management

Business Impact Analysis, System and Operational Resilience, Data Backup, Storage and Restoration

Business Continuity Plan, Disaster Recovery Plans, Information Asset Security Frameworks, Standards and Guidelines

Physical and Environmental Controls, Identity and Access Management, Network and Endpoint Security

Data Loss Prevention, Data Encryption, Public Key Infrastructure

Cloud and Virtualized Environments, Mobile, Wireless and Internet-of-Things Devices, Security Awareness Training and Programs

Information System Attack Methods and Techniques, Security Testing Tools and Techniques, Security Monitoring Tools and Techniques, Security Incident Response Management, Evidence Collection and Forensics