CISAReviewCourse重点分析.pptVIP

CISA Review Course Chapter 2  Chapter Overview 2.1 Corporate Governance 2.2 Monitoring and Assurance Practices for Board and Executive Management 2.3 Information Systems Strategy 2.4 Policies and Procedures 2.5 Risk Management 2.6 IS Management Practices 2.7 IS Organizational Structure and Responsibilities 2.8 Auditing IT Governance Structure and Implementation Chapter Objective The objective of this area is to ensure that the IS Auditor… ”Understands and can provide assurance that the organization has the structure, policies, accountability mechanisms and monitoring practices in place to achieve the requirements of corporate governance of IT.  Chapter Summary According to the Certification Board, this Content Area will represent approximately 15% of the CISA examination. (approximately 30 questions) 2.1 Corporate Governance Ethical corporate behavior by directors or others charged with governance in the creation and presentation of wealth for all stakeholders. Practice of Corporate Governance The distribution of rights and responsibilities among different participants in the corporation, such as board, managers, shareholders and other stakeholders, and (it) spells out the rules and procedures for making decisions on corporate affairs. By doing this, it also provides the structure through which the company objectives are set and the means of attaining those objectives and monitoring performance. IT governance is the responsibility of the board of directors and executive management. It is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organizations IT sustains and extends the organizations strategy and objectives 2.2 Monitoring and Assurance Practices for Board and Executive Management Best Practice for IT Governance IT Strategy Committee Standard IT Balanced Scorecard Information Security Governance 2.3 Information Systems Strategy Strategic planning Long-range plan