CISA Exam Study Guide from Packt

CISA Study Guide from Packt

I like to review over CISA study materials and keep up with content every year. ISACA usually has small new updates every year to the auditing domains. It is always nice to see all the new changes and advancements that are being made in the auditing world. This year, I decided to check out a book and wanted to post a quick review of it for others so they may get some good use out of it too.

What is this book about

The book is was just recently published by Packt and is called “CISA – Certified Information Systems Auditor Study Guide” authored by Hemang Doshi. You can grab a copy of it here –> https://amzn.to/358rb3h

Lately, Packt has been doing an awesome job publishing Information Technology related books and content.  

Review of the book

One of the things that really stood out for me about the book was that it covers newer concepts. For example, you get to learn about how risks play into IoT devices that many organizations are now starting to leverage in their environments. Retail businesses are becoming heavy especially in the IoT world, as well as some government organizations. There is some good content on thinking about all types of risks associated with IoT devices.

There is good content on risks associated with mobile computing within organizations. And as companies start to collect and mine more data. There is also a section on risk pertaining to storing Data and any type of analytics done from this data. The book covers good concepts and ideas on how auditing can be conducted for these types of systems that are becoming more common with companies as they start to store more data and conduct analysis on it.

With Covid forcing many users to work from home. There is some content on the risks associated with networking/VPN, endpoint security and email security. A lot of good auditing practices and checks that will strengthen security for working from home users and devices.

You will read about information and security practices related to risks associated with cloud computing. Most companies are moving towards a variation of cloud infrastructure. So, the content in this book really concentrates on that aspect of it too.

The content is well organized in the book and does not feel that dry. I recall using the official CISA study book and felt it was very dry and had way too much information on each page. But this book breaks things into smaller chunks. So, it is easier to digest the information and block off all the concepts into smaller chunks.

Overall, the book covers all the CISA domains and content you would need to know about for the official exam. If I were re-writing the CISA exam, I would have this book in my arsenal of CISA study materials.

Review Questions & Answers

The one thing I enjoyed about the book is having review questions and exceptionally good answers with it. Some books have a quick short answer. However, this book explains each answer for every question in detail. It really does prepare you and put you in the mindset of being an Information Systems Auditor.

If anyone is looking for additional review questions and answer. This book is a great addition to the official ISACA CISA Study guide and question exam bank.

Should I get this book

My opinion of the book is that if your goal is to challenge the CISA exam. Then, this is a must add book to your study materials. There is a lot of content that is relevant to the security auditing world in the book. And the review questions prepare you to better understand all the concepts in each of the domains under the CISA exam.

Can I use this to study for my CISA Exam

Personally, I would recommend you add this book as another study source when attempting to challenge the CISA exam. The content you learn does not feel as dry as other books. And the review questions really get you thinking like an Information Systems Auditor.

Where Can I buy this book

You can grab a copy of the book at amazon here –> https://amzn.to/358rb3h

This site uses Akismet to reduce spam. Learn how your comment data is processed.