Accountancy Forum

Full Version: CISA - Exam Contents
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Please share your knowledge regarding what are you studying and what you have already been gain the knowledge about CISA examination contents while preparing it.
We will realy appreciate the efforts if somebody will interact s(he) knowledge.
To take first step I already gave the examination contents in the ISA audit forum.
I will write review regarding what i know in my next visit.
You all have a happy days.
And Rabi-ul-Awal Mubarak.
bye

kris
The Information System Audit Process
IS Auditing Standards
The Information Systems Audit and Control Association (ISACA) standards and guidelines for IS auditing and the code of professional ethics for certified IS auditors are the first references the CISA candidate must become familiar with. This information is the internationally recognized basis of all IS audit activity and provides the foundation of defendable and binding audit work. The standards define the mandatory requirements for IS auditing and reporting that the CISA certificate holders are equired to follow. These standards are fairly straight forward and describe the basics of the IS auditing requirements.
The current version and details of these guidelines and procedures are available on the ISACAWeb site at www.isaca.org.
Will cover the next topic in my next visit.
Please enjoy above and don't be afraid of askin any question.
Bye and take good care.


kris
The Information System Audit Process
Risk based approach
As you guys all know to be good candidate for any professional exam we should adopt risk based approach to pass the exam as most the question can be solved rely upon our abilities to solve the problem based on risk.
All activities in our life have risk. We are constantly doing a risk analysis hundreds of times a day in the normal course of our lives, for example, what will happen if used the new product? Should I push my speed limit up? Will I reach my destination if I walk fast? All actions have risk associated with them. As we all know to do any business we should have cost associated with it. We all have same pattern to think about actions which we took or which we going to take i.e. consequences are evaluated, the probability of loss is computed, risks are weighed, then a choice is make. This all is nothing but risk based approach which we apply in our life.
To accomplish business objectives we have to take risks. If we don’t have risk we don’t have any reason to take decisions. We have to have risk to take business decisions. Taking risk is good for business growth. In this fast growing world we are required to take risk based decision making. More risk, more reward. No pain, no gain.
I will some up the above discussion by my these ending remarks - managing risk could mean monitoring the situation with no additional control actions taken, or it could mean reducing controls because the risks do not warrant the extent of the controls currently being applied. The old adage “don’t spend $100 to solve a $10 problem” is what risk management is all about.
There is no word like luck in business world to be sustained in this world. Auditing is designed to give management a view of the effectiveness of their processes and the associated controls and how well the risk is being.
I will continue my discussion on the same topic in my next visit.


kris