
ISACA® CISA® study guide mind map

ISACA® is a registered trademark of Information Systems Audit and Control Association. CISA®, Certified Information Systems Auditor®, CISM®, CGEIT®, Certified in the Governance of Enterprise IT/CGEIT® (and design)®, COBIT® are registered trademarks of ISACA®. CRISC™, Certified in Risk and Information Systems Control™, Certified Information Security Manager™, Risk IT™, Val IT™ are trademarks of ISACA®. Trademarks are properties of the holders, who are not affiliated with mind map author.

CISA Exam Passing Principles

The job profile of the CISA® (Certified Information Systems Auditor) was published in 1977. Ever since, innumerable individuals around the world have passed this demanding examination, which has been consistently updated in line with changing requirements; the examination takes place simultaneously in 80 countries, currently in 12 languages. Successful candidates who meet the professional practice / experience requirement obtain the coveted CISA® designation.



The CISA® job profile has so far been consistently revised at 4- to 6-year intervals (the last time in 2010).

Official Recommended exam study materials


Development Guides

ISACA® CISA® Review Manual 2015

ISACA® CISA® Review Questions, Answers & Explanations Manual 2015 Supplement

ISACA® CISA® Practice Question Database

CISA® Official website

Basic audit related definitions (from ISACA® CISA® perspective)

Audit Risk



Information Systems Auditing


Domain 1: The Process of Auditing Information Systems

Domain 1 - CISA® Exam Relevance

Audit Charter


Audit Planning

Performing the Audit

IS Audit Resource Management

Plan for an Audit

Audit Methodology

Phases of an Audit

Audit Workpapers

Audit Procedures

Types of Tests for IS Controls

Fraud Detection

Risk Management (based on ISACA Risk IT)

Risk-based Auditing

General Controls

Internal Controls

Audit Documentation

Automated Work Papers

Evaluation of Audit Strengths and Weaknesses

Communicating Audit Results

Management Implementation of Audit Recommendations

Control Self-Assessment (CSA)

Continuous Auditing vs Continuous Monitoring

ISACA Code of Professional Ethics

Domain 2: Governance and Management of IT

Domain 2 - CISA® Exam Relevance

Corporate Governance

IT Governance (ITG)

IS Governance (ISG)

Information Technology Monitoring and Assurance Practices for Management

IS Strategy

Enterprise Architecture

Maturity and Process Improvement Models

IT Investment and Allocation Practices

Auditing IT Governance Structure and Implementation

Policies, Procedures, Standards

Risk Management

Resource Management

Human Resource Management

IS Roles and Responsibilities

Segregation of Duties within IS

Organizational Change Management

Quality Management

Performance Optimization

Reviewing Documentation

Reviewing Contractual Commitments

Business Continuity Planning (BCP)

Business Impact Analysis (BIA)

Business Continuity Plan

Domain 3: Information Systems Acquisition, Development, and Implementation

Domain 3 - CISA® Exam Relevance

Business case

Portfolio/Program Management (PPM)

Benefits Realization Techniques

General IT Project Aspects

Project Context and Environment

Project Organizational Forms

Project Communication

Project Objectives

Roles and Responsibilities of Groups and Individuals

Project Management Practices

Project Planning

Project Controlling

Project Risk

Closing a Project

Systems Development Models (SDLC)

Types of Specialized Business Applications


Application Controls

Domain 4: Information Systems Operations, Maintenance and Support

Domain 4 - CISA® Exam Relevance

Auditing System Operations and Maintenance

System and Communications Hardware

Auditing Networks

Business Continuity and Disaster Recovery Audits

Domain 5: Protection of Information Assets

Domain 5 - CISA® Exam Relevance

Importance of IS Management

Key Elements of IS Management

CSFs to IS Management

Inventory and Classification of Information Assets

Privacy Management Issues and the Role of IS Auditors

Social Media Risks

Access Controls

Challenges with Identity Management

Identification and Authentication

Logical Access

Familiarization with the Organization’s IT Environment

Remote Access

Audit logging and monitoring system access


Physical and Environmental Controls

Overview of the CISA® certification

About the CISA® exam

Interactive Glossary

Interactive CISA® Glossary

Recommended additional study

CISA Essential Exam Notes 2014

Effective Approach and Practical Tips for CISA Exam

This freeware, non-commercial mind map (aligned with the newest version of the CISA® exam) was carefully hand crafted with passion and love for learning and constant improvement, as well as for promotion of the CISA® qualification and as a learning tool for candidates wanting to gain the CISA® qualification. (Please share and give feedback - your feedback and comments are my main motivation for further elaboration. THX!)

Questions / issues / errors? What do you think about my work? Your comments are highly appreciated. Feel free to visit my website:

ISO 19011:2011 (Guidelines for auditing management systems)