
CISA Series Introduction - Preparing for the Exam

These slides are part of my CISA Exam Preparation Series, where I work through all five domains in a structured and practical way. The focus is not just on theory, but on building real understanding of IT audit, governance, risk, and controls, and how these concepts apply in practice.

In this series, I break down complex topics into manageable sections, link them to real-world scenarios, and reinforce the auditor mindset needed for the exam. The goal is to move beyond memorisation and develop the ability to interpret scenarios and select the best answer — which is critical for CISA success.

This is part of my personal learning journey, and I’m sharing it in case it helps others preparing for the exam.

Alison PRO

May 06, 2026

Transcript

  1. CISA Exam Preparation Series
    Overview of the Series
    © Alison Wickens | Management System Insights CISA Series 2026
  2. Purpose of This Series
    WORK THROUGH THE CISA DOMAINS IN A STRUCTURED AND PRACTICAL WAY AS PART OF MY EXAM PREPARATION
    BREAK DOWN CONCEPTS INTO MANAGEABLE PARTS
    BUILD PRACTICAL UNDERSTANDING, NOT JUST THEORY
  3. About the Organisation (ISACA)
    CISA is issued by ISACA
    Global professional body for IT governance, risk, audit, and security
    Provides:
    Certifications (CISA, CISM, CRISC, CGEIT)
    Frameworks and guidance
    Professional standards
  4. The CISA Exam
    150 multiple-choice questions
    4-hour exam
    Scaled scoring (200–800)
    Passing score: 450
    Tests:
    Understanding of concepts
    Application of knowledge
    Auditor mindset
    Weight  Domain
    18%     1. Information System Auditing Process
    18%     2. Governance and Management of IT
    12%     3. Information Systems Acquisition, Development, and Implementation
    26%     4. Information Systems Operations and Business Resilience
    26%     5. Protection of Information Assets
  5. What Makes It Challenging
    What Makes the CISA Exam Challenging
    Broad coverage across 5 domains
    Questions are scenario-based
    Focus on best answer, not just correct answer
    Requires judgement and interpretation
    It’s not memorisation — it’s how you think
  6. My Approach to the Exam
    How I’m Approaching the Exam
    Work through domains one at a time
    Focus on understanding concepts
    Reinforce learning through explanation
    Link theory to practical experience
    This series is part of that process
  7. Study Strategy
    Break content into manageable parts
    Revisit key concepts regularly
    Focus on:
    Risk
    Controls
    Audit approach
    Practice applying concepts, not just reading them
  8. How This Series Will Work
    Start with a high-level overview
    Break down each domain individually
    Focus on key concepts and exam relevance
  9. CISA Domains Overview
    1. Information System Auditing Process
    2. Governance and Management of IT
    3. Information Systems Acquisition, Development, and Implementation
    4. Operations & Business Resilience
    5. Protection of Information Assets
  10. How the Domains Connect
    Governance → Build → Operate → Protect → Audit
    Each domain supports the next
    Together they form a complete assurance model
  11. Series Structure
    Part 1 – Overview
    Part 2 – Domain 1
    Part 3 – Domain 2
    Part 4 – Domain 3
    Part 5 – Domain 4
    Part 6 – Domain 5
    Part 7 – Exam Practice
  12. Domain 1: Auditing Process
    Planning – Define scope, risk, and audit approach
    Execution – Perform testing, collect evidence, and communicate findings
    The IT Assurance Framework available for download on www.isaca.org
  13. Domain 2: Governance
    IT Governance - Direction (Alignment)
    Risk Management - Risk-informed decision making
    IT Management - Execution (Control)
  14. Domain 3: Information Systems Acquisition, Development, and Implementation
    Acquisition – Selecting and planning systems
    Development – Building systems securely and correctly
    Implementation – Deploying systems safely into operations
  15. Domain 4: Operations & Resilience
    IT Operations - Running IT systems day-to-day efficiently and reliably
    IT Infrastructure Monitoring & Support - Ensuring systems are stable, monitored, and issues are detected early
    Business Resilience - Ensuring the organisation can continue or recover operations
    Incident Management - Managing disruptions and learning from them
  16. Domain 5: Protection of Assets
    Information Security Governance - Establishing the foundation for security
    Logical and Physical Access Controls - Ensuring only the right people have the right access
    Data Protection - Protecting data throughout its lifecycle
    Infrastructure and Network Security - Protecting systems and infrastructure from threats
    Security Monitoring and Incident Detection - Detecting and responding to security threats
  17. Next
    Domain 1 – Information System Auditing Process - Where we explore the audit lifecycle — from planning through to reporting and improvement
    Please visit CISA® Certification | Certified Information Systems Auditor® @ www.isaca.org to get more information on courses, manuals, registering for the exams, and exam preparations, etc.
    Also see Exam Candidate Guides on their website.
  18. Disclaimer
    PERSONAL LEARNING JOURNEY
    BASED ON CURRENT UNDERSTANDING
    OPEN TO INPUT AND DIFFERENT PERSPECTIVES
    I DO NOT REPRESENT ANY ORGANISATION
    ONE MAY USE THIS MATERIAL IF YOU WISH TO ALSO LEARN FROM THIS.