AUDITING

Featuring CISA Exam Prep

ISACA BOOKSTORE
isaca.org/bookstore
 CISA Exam Prep Materials
BESTSELLING PRODUCT

ISACA (isaca.org) helps global professionals lead, adapt
and assure trust in an evolving digital world by offering
innovative and world-class knowledge, standards,
networking, credentialing and career development.
CISA Review Questions, Answers &
Explanations Database12-Month Subscription
The CISA Review Questions, Answers & Explanations
Database is a comprehensive 1,000-question pool of
items that combines the questions from the CISA Review
Questions, Answers & Explanations Manual, 11th Edition.
The database has been revised according to the recently
updated 2016 CISA Job Practice.
The database is available via the web, allowing CISA
Candidates to log in at home, at work or anywhere they
have Internet connectivity. This database is MAC and
Windows compatible.
Exam candidates can take sample exams with randomly
CISA Review Questions, Answers &
Explanations Database6-Month Extension
The CISA Questions, Answers & Explanations Database
6-Month Extension should be purchased only as an
extension to the CISA Practice Question Database
12-Month Subscription. The database is available via the
web, allowing CISA candidates to log in at home, at work
or anywhere they have Internet connectivity.
After purchase, you can access this course by visiting
your MyISACA page and clicking CISA Question Database
Button.
Member: US $45.00
2016

CISA Non-member: US $65.00

selected questions and view the results by job practice Product Code: XMXCA15-EXT180
Established in 1969, ISACA is a global nonprofit association
Review Questions, Answers
& Explanations Database

domain, allowing for concentrated study in particular areas.

of 140,000 professionals in 180 countries. ISACA also
offers the Cybersecurity Nexus (CSX), a holistic
cybersecurity resource, and COBIT, a business framework
to govern enterprise technology.
Additionally, questions generated during a study session
are sorted based on previous scoring history, allowing
CISA candidates to identify their strengths and weaknesses
and focus their study efforts accordingly.
Other features provide the ability to select sample exams
by specific job practice domain, view questions that were
previously answered incorrectly and vary the length of
study sessions, giving candidates the ability to customize
their study approach to fit their needs.

After purchase, you can access this course by visiting

your MyISACA page and clicking CISA Question Database
Button.

2016 Member: US $185.00

CISA Non-member: US $225.00
Review Questions, Answers
& Explanations Database Product Code: XMXCA15-12M

The CISA Review Questions, Answers &

Explanations Database is also available on
CD-Rom in Spanish.

Contact the ISACA Bookstore

E-mail: bookstore@isaca.org
Tel: +1.847.660.5650
Fax: +1.847.253.1443

Order online at isaca.org/bookstore


CISA Exam Prep Materials

CISA Review Questions, Answers &

Explanations Manual, 11th Edition
CISA Review Manual, 26th Edition
ISACA CERTIFICATIONS
SHOW YOURE
The CISA Review Manual, 26th Edition is a comprehensive
Designed to familiarize candidates with the question types reference guide designed to help individuals prepare for the
and topics featured in the CISA exam, the CISA Review CISA exam and understand the roles and responsibilities

QUALIFIED.
Questions, Answers & Explanations Manual, 11th Edition of an information systems (IS) auditor. The manual has
consists of 1,000 multiple-choice study questions that been revised according to the 2016 CISA Job Practice and
have previously appeared in the CISA Review Questions, represents the most current, comprehensive, peer-reviewed
Answers & Explanations Manual 2015 and the CISA IS audit, assurance, security and control resource available.

EMPLOYERS CAN
Review Questions, Answers & Explanations Manual 2015
The 26th edition is organized to assist candidates in
Supplement. The manual has been updated according to
understanding essential concepts and studying the following
the newly revised 2016 Job Practice.
job practice areas: The Process of Auditing Information
Many questions have been revised or completely rewritten
to be more representative of the CISA exam question
Systems; Governance and Management of IT; Information
Systems Acquisition, Development and Implementation; INSTANTLY SEE
YOU AS AN ASSET.
format and/or to provide further clarity or explanation of Information Systems Operations, Maintenance and Service
the correct answer. These questions are not actual exam Management; Protection of Information Assets
items but are intended to provide CISA candidates with an
The CISA Review Manual, 26th Edition features an
understanding of the type and structure of questions and
easy-to-navigate format. Each of the five chapters has been
content that have previously appeared on the exam. This URMILLA PERSAD, CISA, CISM, CRISC
divided into two sections for focused study. Section one of
publication is ideal to use in conjunction with the: IT AUDIT MANAGER, FIRST CITIZENS TRINIDAD & TOBAGO
each chapter contains:

CISA Review Manual, 26th Edition
PORT OF SPAIN, TRINIDAD & TOBAGO
Definitions and objectives for the five areas, as well ISACA MEMBER SINCE 2004
CISA Review Questions, Answers & Explanations as the corresponding tasks performed by IS auditors
Database 12 Month Subscription and knowledge statements (required to plan, manage
To assist candidates in maximizing study efforts, questions
and perform IS audits) that are tested on the exam Becoming ISACA-certified doesnt just say youre well read or well
are presented in the following two ways: A map of the relationship of each task to the connected. It announces that you have the expertise and insight
knowledge statements to speak with authority. The credibility that it adds lets you create
Sorted by job practice areaQuestions, answers and
explanations are sorted by the CISA job practice A reference guide for the knowledge statements, value for your enterprise. Your ISACA certifications are more than
areas. This allows the CISA candidate to refer to including the relevant concepts and explanations just credentials, they are platforms that can elevate your career.
questions that focus on a particular area as well as to References to specific content in section two for each
evaluate comprehension of the topics covered within knowledge statement
each practice area. Self-assessment questions and explanations of the
Scrambled as a sample 150-question exam150 of answers
the 1,000 questions included in the manual are
selected to represent a full-length CISA exam, with Section two of each chapter consists of reference material
questions chosen in the same percentages as the and content that supports the knowledge statements.
current CISA job practice areas. Candidates are urged The material enhances CISA candidates knowledge
to use this sample test to simulate an actual exam and and/or understanding when preparing for the CISA
to determine their strengths and weaknesses in order certification exam. In addition, the CISA Review Manual,
to identify areas that require further study. Answer 26th Edition includes brief chapter summaries focused
sheets and an answer/reference key for the sample on the main topics and case studies to assist candidates
in understanding current practices. Also included are
exam are also included. All sample test questions have
been cross-referenced to the questions sorted by definitions of terms most commonly found on the exam. CERTIFICATION EXAMS ARE HELD IN JUNE / SEPTEMBER / DECEMBER.
practice area, making it convenient for the user to refer To learn more or register for an upcoming exam go to: www.isaca.org/certifications
The manual also serves as an effective desk reference for
back to the explanations of the correct answers.
IS auditors.

Member: US $100.00
Member: US $105.00
CISA Review Questions, Answers & Explanations Manual

Non-member: US $130.00 26 Edition

th

CISA Non-member: US $135.00

3701 Algonquin Road | Suite 1010
Rolling Meadows, IL 60008 | USA

Product Code: QAE11ED

P: +1.847.253.1545
F: +1.847.253.1443
E: info@isaca.org

Product Code: CRM26ED

isaca.org

Review Manual
CISA Review Manual 26th Edition

11 Edition
Available in: Chinese Simplified, Italian,
th

CISA Available in: Chinese Simplified, French, Italian,

Suite 1010
8 | USA

Japanese, and Spanish

Review Questions, Answers &
Explanations Manual Japanese, and Spanish
11th Edition

Order online at isaca.org/bookstore

 Audit Resources
Auditing Cloud Computing: A Security and
Privacy Guide
by Ben Halpert
Many organizations are reporting or projecting a significant
cost savings through the use of cloud computing-utilizing
shared computing resources to provide ubiquitous
access for organizations and end users. Just as many
organizations, however, are expressing concern with
security and privacy issues for their organizations data in
the cloud. Auditing Cloud Computing provides necessary
guidance to build a proper audit to ensure operational
integrity and customer data protection, among other
aspects, are addressed for cloud based resources.
Member: US $65.00
Non-member: US $75.00
Product Code: 107ACC
A New Auditors Guide to Planning, Performing
and Presenting IT Audits
by Nelson Gibbs, Divakar Jain, Amitesh Joshi, Surekha
Muddamsetti, Sarabjot Singh
Information technology is a highly dynamic, rapidly
changing environment. IT auditors are expected to stay
current with the latest tools, technologies and trends, and
may need to do additional research to prepare for specific
audits. This book is designed to help aspiring and active
internal auditors take a step back and understand the
general process and activities involved in conducting an
audit around technology.
Member: US $70.00
Non-member: US $80.00
Product Code: 1IIA
Information Technology Control and Audit,
Fourth Edition
by Sandra Senft and Frederick Gallegos
The new edition of a bestseller, Information Technology
Control and Audit, Fourth Edition provides a comprehensive
and up-to-date overview of IT governance, controls, auditing
applications, systems development, and operations. Aligned
to, and supporting the Control Objectives for Information
and Related Technology (COBIT), it examines emerging
trends and defines recent advances in technology that
impact IT controls and auditsincluding cloud computing,
web-based applications, and server virtualization.
Member: US $90.00
Non-member: US $100.00
Product Code: 4CRC4
Auditors Guide to IT Auditing and Software
Demo, Second Edition
by Richard E. Cascarino
Many Auditors are unfamiliar with the techniques they need
to know to efficiently and effectively determine whether
information systems are adequately protected. Now in a
Second Edition, Auditors Guide to IT Auditing presents an
easy, practical guide for auditors that can be applied to all
computing environments.
Follows the approach used by the Information System
Audit and Control Associations model curriculum,
making this book a practical guide for IS auditing
Serves as an excellent study aid for those preparing
for the CISA and CISM exams
Includes discussion of risk evaluation methodologies,
new regulations, SOX, privacy, banking, IT
governance, COBIT, outsourcing, network
management and the Cloud.

IT Auditing and Application Controls for Small
and Mid-Sized Enterprise: Revenue, Expenditure,
Inventory, Payroll, and More
by Jason Woods, William Brown, Harry Howe
If youre a financial auditor needing working knowledge
of IT and application controls, IT Auditing and Application
Controls for Small and Mid-Sized Enterprise provides the
information you need. Conceptual overviews of key IT
auditing issues are included, as well as concrete hands-on
tips and techniques. Inside, youll find background and
guidance with appropriate reference to material published
by ISACA, AICPA, organized to show the increasing
complexity of systems, starting with general principles and
progressing through greater levels of functionality.
Member: US $70.00
Non-member: US $80.00
Product Code: 111WIT
Securing Cloud and Mobility: A Practitioners
Guide
by Ian Lin, E.Coleen Coolidge, Paul Hourani
Although virtualization is a widely accepted technology,
there are few books dedicated to virtualization and security.
Securing Cloud and Mobility: A Practitioners Guide fills
this need by explaining how to secure the multifaceted
layers of private and public cloud deployments as well as
mobility infrastructures. With comprehensive coverage that
includes network, server, and endpoint security, it provides
a strategic view of the security implications of virtualization
and cloud computing.
Member: US $80.00
Non-member: US $90.00
Product Code: 58CRC
Member: US $95.00
Non-member: US $105.00
Product Code: 53WAG2
Security Strategies in Windows Platform and
Applications, Second Edition
by Michael G. Solomon
More than ninety percent of individuals, students,
educators, businesses, organizations, and governments
use Microsoft Windows, which has experienced frequent
attacks against its well-publicized vulnerabilities. Revised
and updated to keep pace with this ever-changing field,
Security Strategies in Windows Platform and Applications,
Second Edition focuses on new risks, threats, and points
of weakness associated with the Microsoft Windows
operating system. Particular emphasis is placed on
Windows XP, Vista, and 7 on the desktop, and Windows
Server 2003 and 2008 versions. This book instructs on
how to use tools and techniques to decrease risks arising
from vulnerabilities in Microsoft Windows operating systems
and applications.
Member: US $102.00
Non-member: US $112.00
Product Code: 3JBSS2

Order online at isaca.org/bookstore Order online at isaca.org/bookstore

 Audit Resources
Fraud Auditing and Forensic Accounting,
Fourth Edition
by Tommie W. Singleton, Aaron J. Singleton
With the responsibility of detecting and preventing
fraud falling heavily on the accounting profession, every
accountant needs to recognize fraud and learn the tools
and strategies necessary to catch it in time. Providing
valuable information to those responsible for dealing with
prevention and discovery of financial deception, Fraud
Auditing and Forensic Accounting, Fourth Edition helps
accountants develop an investigative eye toward both
internal and external fraud and how to cope with fraud
when it has occurred.
Member: US $80.00
Non-member: US $90.00
Product Code: 88WFA
IT Audit, Control, and Security
by Robert Moeller
When it comes to computer security, the role of auditors
today has never been more crucial. Auditors must ensure
that all computers, in particular those dealing with
e-business, are secure. As the only source for information
on the combined areas of computer audit, control and
security, the book describes the types of internal controls,
security and integrity procedures that management must
build into its automated systems. This timely book provides
auditors with the guidance they need to ensure that their
systems are secure from both internal and external threats.
Member: US $90.00
Non-member: US $100.00
Product Code: 90WACS
Order online at isaca.org/bookstore
Auditing and Assurance Services: Understanding
the Integrated Audit
by Karen L. Hooks
This publication discusses the auditing professions
requirement to focus on the integrated audit in the wake of
the Sarbanes-Oxley Act. It also outlines the impact of the
Public Company Accounting and Oversight Board (PCAOB)
on the auditing of public companies.
Member: US $237.00
Non-member: US $247.00
Product Code: 93WAAS
Security, Audit and Control Features Oracle
E-Business Suite, 3rd Edition
*Look for the release of the 4th edition in late 2015
by ISACA Deloitte Touche Tohmatsu Research Team
This updated edition of one of ISACAs most popular guides
reflects the many changes that the business environment
and the Oracle ERP application have undergone since the
second edition was published. In response to customer
needs and an increased market awareness of governance,
risk and compliance (GRC), Oracle Corp. has continued
to boost its GRC offerings and released the updated and
improved Oracle E-Business Suite R12.1 (EBS) in 2009.
This in-demand guide also provides an update on current
industry standards and identifies future trends in Oracle
EBS risk and control. It enables audit, assurance, risk and
security professionals (IT and non-IT) to evaluate risks and
controls in existing ERP implementations, and facilitates the
design and implementation of better practice controls into
system upgrades and enhancements.
Member: US $60.00
Non-member: US $75.00
Product Code: 1SOA3
Interpretation and Application of International Security, Audit and Control Features Oracle
Standards on Auditing Database, 3rd Edition
by Steven Collings *Look for the release of the 4th edition in late 2015
In recent years, auditing has undergone significant Protecting information assets is challenging for every
changes, due in large part to well-publicized corporate enterprise, regardless of size and industry, and it has
disasters such as Enron and Parmalat, which have become an even more complex task for enterprises adopting
shaken the profession. In response, many countries have distributed computing environments. Security, Audit and
replaced preexisting domestic standards with International Control Features Oracle Database, 3rd Edition provides
Standards on Auditing (ISAs) in an attempt to ensure that a new perspective of security and controls over Oracle.
auditors throughout the world apply the same level of This updated edition includes a background and review
work during all audit assignments, and that audit quality of security controls and addresses the risks associated
remains consistent on a global basis. Use this book as with protecting information in a distributed computing
ready-resource for navigating the global standards. environment of various platforms, versions, interfaces
and tools.
Member: US $110.00
Non-member: US $120.00 Member: US $40.00
Product Code: 95WISA Non-member: US $55.00
Product Code: ODB9
Controls and Assurance in the Cloud:
Using COBIT 5
This information can assist enterprises in assessing the
potential value of cloud investments to determine whether
the risk is within the acceptable level. It provides a list of
publications and resources that can help determine if cloud
computing is the appropriate solution for the data and
processes being considered.
Print
Member: US $35.00
Non-member: US $60.00
Product Code: CB5CA
eBook
Free member download
Non-member: US $60.00
Product Code: WCB5CA
Order online at isaca.org/bookstore
 Audit Resources

Security, Audit and Control Features Oracle COBIT 5 for Assurance

PeopleSoft, 3rd Edition Building on the COBIT 5 framework, this guide focuses
by ISACA, Deloitte Touche, Tohmatsu Research Team on assurance and provides more detailed and practical

THIS IS THE
guidance for assurance professionals and other interested
Between the covers of this book, readers will find the
parties at all levels of the enterprise on how to use COBIT 5
details needed to confidently plan and execute a detailed
to support a variety of IT assurance activities.

INFORMATION AGE.
review of risk and controls in a PeopleSoft environment.
A lot has changed in terms of new product features, new
Print
releases and various regulatory compliance requirements
Member: US $35.00
for enterprises since the second edition of this guide
Non-member: US $80.00
was published in 2005. This third edition aims to ensure

ISACA KEEPS ME
Product Code: CB5A
that the audit programs, risk and controls are functional
and relevant with current research for Oracle PeopleSoft eBook

MORE INFORMED.
HRMS release 9.1. In addition, chapter 12, New Directions Free member download
for PeopleSoft and ERP Audit, discusses the changing Non-member: US $80.00
Product Code: WCB5A
compliance landscape, tools to assist with compliance and
Oracle Fusion, and the pathway for PeopleSoft installations.

OPEYEMI ONIFADE, CISA, CISM, CGEIT

Member: US $65.00
PRACTICE LEADER, AFENOID ENTERPRISE, LTD
Non-member: US $80.00 ABUJA, NIGERIA
Product Code: ISPS3 ISACA MEMBER SINCE 2010

Connect with a global community of more than 140,000 innovators,

leaders and passionate professionals in IS and IT. Leverage
standards, best practices and expert insights into the rapidly evolving
IT landscape. Be more informed, inspired, skilled and successful
every day of your career.

LIKE BOOKS?

Pinpoint your next job opportunity Consider the real value of an ISACA membership.
with ISACAs CareerLaser Over 575 FREE e-Book downloads available
for ISACA members, including:
ISACAs CareerLaser newsletter offers monthly updates on the latest jobs, top-of-mind industry news, IT Control Objectives for Sarbanes-Oxley
events and employment trends to help you navigate a successful career the information systems industry. Web Download
Let CareerLaser become your top resource for quality jobs matched specifically to your talents in audit,
Controls & Assurance in the Cloud: Using
assurance, security, governance, risk management and more. COBIT 5
Subscribe today by visiting www.isaca.org/careerlaser And hundreds MORE!
Need CPEs? For less than $200 annually*,
membership also offers over 70 FREE CPE
hours each yearWell more than the required
40 annual hours needed to maintain your
certification at an unbeatable price.
*Contingent on regional chapter dues. More than 90% of all
ISACA memberships are under $200.

Visit the ISACA Career Centre at www.isaca.org/careercentre to find additional career tools,
including access to top job candidates.

Networking | Standards | Insights | Member Savings | Free CPEs | COBIT 5

Order online at isaca.org/bookstore

3701 Algonquin Road, Suite 1010
Rolling Meadows, IL 60008 USA

Contact the ISACA Bookstore

E-mail: bookstore@isaca.org
Tel: +1.847.660.5650
Fax: +1.847.253.1443