- The IS Audit Process (10% of exam)
- Discuss IS audit services in accordance with IS audit standards, guidelines, and best practices. IS audit services are used to assist the organization in ensuring that its information technology and business systems are protected and controlled.
- Protection of Information Assets (41% of exam)
- In-depth discussions of how the organization’s security architecture (policies, standards, procedures and controls) must ensure the confidentiality, integrity and availability of information assets.
- IT Governance (15% of exam)
- Relate how successful governance provides assurance to the organization that it has the structure, policies, accountability, mechanisms and monitoring practices in place to effectively govern their information technology infrastructure.
- Systems and Infrastructure Life Cycle Management (16% of exam) Show how Life Cycle Management processes provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure will meet the organization’s business objectives.
- IT Service Delivery and Support (14% of exam)
- Describe how service delivery and support enable IT service management to provide the level of services required to meet the organization’s business objectives.
- Business Continuity and Disaster Recovery (14% of exam)
- Establish the vital need of sound BCP/DRP and show how, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resumption of IT services, while minimizing the business impact.