Most Important Topics-CISA Review Manual

(1)Below mentioned most important topics for CISA Exam have been derived on the basis of our interaction with thousands of students who have appeared in last few CISA Exams.

(2)Invariably, in every CISA Exam, many questions were designed from below mentioned topics.

(3)We strongly recommend to study below mentioned topics directly from CRM, even though you feel that CRM is not meant for you (:-

Sr.NoDomainTesting ConceptCRM-26th Edition-Clause No.CRM-26th Edition-Page No.
11Management of IS Audit Functions1.232
21Risk Assessment & Treatment1.5.649
31Compliance Versus Substantive Testing1.5.1051
51Communicating Audit Results1.657
61Control Self Assessment1.760
71The Evolving IS Audit Process1.862
82IT Governing Committees2.3.288
92IT Balanced Score Card2.3.388
102Roles & Responsibilities of Senior Management & Board of Directors2.3.491
112Information System Strategy2.493
122Risk Management Process2.8.298
132Sourcing Practices2.9.2102
142Segregation of duties within IT2.10.2115
152Segregation of duties Control2.10.3116
162Auditing of Business Continuity2.13130
173Project Management Practices3.4159
183Risk associated with Software Development3.5.4182
193EDI Risk & Controls3.7.3189
213Electronic Funds Transfer3.7.11195
223Artificial Intelligence & Expert Systems3.7.17198
233Decision Support System3.7.19202
243Development Methods3.8204
253Information System Maintenance Practices3.1215
263Online Auditing Techniques3.14232
273Auditing System Development, Acquisition & Maintenance 3.15233
284Incident & Problem Management4.2.5259
294Change Management Process4.2.7260
304Quality Assurance4.2.9262
314Database Management System4.5.5270
324Source Code Management4.5.8276
334Network Standards & Protocals4..6.4278
344Auditing Infrastrucutre & Operations4.7295
354Recovery Point Objectives & Recovery Time Objectives4.8.1303
364Back up & Restoration4.8.6309
374Disaster Recovery Testing Methods4.8.7313
385Classifications of Information Assets5.2.3337
395Fraud Risk Factors5.2.4338
405Mandatory & Discretionary Access Controls5.2.7340
415Information Securities and External Parties5.2.10342
425Identification & Authetication5.3.5354
435Authorization Issues5.3.6359
445Internet Threats & Security5.4.4366
465Environmental Exposures & Controls5.7397
475Data Leakage5.14410
485End-User Computing Risks5.15411