Section 1: Information System Auditing Process
Chapter 1: Audit Planning
The content of an audit charter
Key aspects from CISA exam perspective
Self-evaluation questions
Benefits of audit planning
Individual audit assignments
Key aspects from CISA exam perspective
Self-evaluation questions
Business process applications and controls
Electronic Data Interchange (EDI)
Electronic funds transfer (EFT)
Artificial intelligence and expert systems
Key aspects from CISA exam perspective
Self-evaluation questions
The difference between preventive and deterrent controls
Key aspects from CISA exam perspective
Self-evaluation questions
Risk-based audit planning
Understanding vulnerability and threat
Understanding inherent risk and residual risk
Advantages of risk-based audit planning
Risk-based auditing approach
Risk response methodology
Top-down and bottom-up approaches to policy development
Key aspects from CISA exam perspective
Self-evaluation questions
Types of audit and assessment
Self-evaluation questions
Content of the audit charter
Business process applications and controls
Risk-based audit planning
Types of audit and assessment
Chapter 2: Audit Execution
Fraud, irregularities, and illegal acts
Key aspects from CISA exam perspective
Self-assessment questions
The confidence coefficient
Sample standard deviation
Compliance versus substantive testing
The difference between compliance testing vis-à-vis substantive testing
Examples of compliance testing and substantive testing
The relationship between compliance testing and substantive testing
Key aspects from the CISA exam perspective
Self-assessment questions
Audit evidence collection techniques
Independence of the evidence provider
Qualifications of the evidence provider
Objectivity of the evidence
Evidence gathering techniques
Key aspects from the CISA exam perspective
Self-assessment questions
