CISA Job Practice Areas Effective 2006
CISA Job Practice Area % of Exam
1 IS Audit Process 10
2 IT Governance 15
3 Systems and Infrastructure Lifecycle Management 16
4 IT Service Delivery and Support 14
5 Protection of Information Assets 31
6 Business Continuity and Disaster Recovery 14
Area 1: IS Audit Process
Provide IS audit services in accordance with IS audit standards, guidelines, and best practices to assist the organization in ensuring that its information technology and business systems are protected and controlled. Tasks and Knowledge Statements
Area 2: IT Governance
To provide assurance that the organization has the structure, policies, accountability, mechanisms, and monitoring practices in place to achieve the requirements of corporate governance of IT. Tasks and Knowledge Statements
Area 3: Systems and Infrastructure Lifecycle
To provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance, and disposal of systems and infrastructure will meet the organization‘s objectives. Tasks and Knowledge Statements
Area 4: IT Service Delivery and Support
To provide assurance that the IT service management practices will ensure the delivery of the level of services required to meet the organization‘s objectives. Tasks and Knowledge Statements
Area 5: Protection of Information Assets
To provide assurance that the security architecture (policies, standards, procedures, and controls) ensures the confidentiality, integrity, and availability of information assets. Tasks and Knowledge Statements
Area 6: Business Continuity and Disaster Recovery
To provide assurance that in the event of a disruption the business continuity and disaster recovery processes will ensure the timely resumption of IT services while minimizing the business impact. Tasks and Knowledge Statements
