Plz help me

ISCA SUGGESTIONS FOR Nov 13

 

Hello Students,

I hope your preparations are good and you are taking care of your health. At this stage it is more important to be focussed and to manage stress. Believe in yourself and your efforts. Remember that the institute is only going to check what you know, not what you don’t know. So, please remain confident and do well in all papers. As for ISCA, i hope our classes and class discussions have been helpful in retaining and managing this subject. I have herewith included certain more important topics which must not be missed by anyone. It, however, in no ways means that the others are less important.

Feel free to contact for any doubts and queries. And remember, “EFFORT ALONE BRINGS SUCCESS”

My best wishes are always with you!!

God Bless!!

SANJAY KHEMKA

CHAPTERWISE IMPORTANT TOPICS

Chap 1- 8- 10 marks

1) Initial Concepts of Sub, Supra, Stress, Boundary, Decoupling, Entropy-VIMP

2) TPS- IMP

3) Effect of use of IS on business, Characteristics of CBIS- IMP

4) Short Note-Electronic Document Management System

5) Guidelines for measures and indicators to be included in EIS

6) Misconceptions and pre-requisites of MIS

Chap 2- Minimum 10 marks-IMP

1) System Testing- VIMP FULL

2) Constraints in achieving System Development Objectives

3) Preliminary Investigation- IMP

4) System Maintenance, Input & Output Designing

5) Methods of Validation of Proposal, System Acquisition Standards

6) System Development Methods (specially Agile & Spiral)

7) Short Note on Tools –CASE, System Component Matrix, SRS, Data Dictionary

Chap 3- Around 15 Marks( Parts 2,3 & 5 More Imp)

PART 1(Less Imp)

1) Benefits of Controls and problems without it

2) Effect of Computers on Internal Control & Audit

3) Cost-Effectiveness, Short Note on ISACA

 

PART2-

1) Categories of Control (specially on basis of objective)

2) Control Techniques(2-2-2-3)

3) Audit Trail- IMP

4) Input and Process Controls

PART3( Imp 1 Question)

1) Application Software Acquisition Selection Process and Auditor’s Role- IMP

2) System Design Controls and Program Change Controls

3) Authorization, Testing and Quality Controls

4) Control over System Conversion

5) User Final Acceptance Testing and PIR and Auditor’s Role

PART4(1 Question)

1) Information Classification

2) Data Integrity Controls, Private and Public Key Structure

3) Types of Intrusion Detection, Recommended Controls

4) Types of Hacking

5) Types of Anti-Virus, recommended policies for protection against virus

PART5- VIMP (1 Question)

1) Technical Exposures

2) Asynchronous Attacks

3) Few Logical Access Controls & Auditor’s Role

4) Access Control and Authorization Mechanism

5) Few Physical Access Controls and Auditor’s Role

6) Few Environmental Controls and Auditor’s Role

Chap 4- Around 6-8 Marks (2 questions- 1 FROM 1ST PART AND 1 FROM 2ND)

1) Advantages of Continuous Auditing- VIMP

2) Multi-Year Plans Imp

3) IS Control Audit Phrases and Process of Testing

4) One Question on any Continuous Audit(specially Snapshots and CIS)- Imp

5) Documentation of the Control Testing Phrase

6) Review of Networks

Chap 5- Minimum 10 Marks

1) Risk Management and Risk Management Process(Amendment)-VV IMP

2) Risk Management Strategies- IMP

3) Short Note-Definitions and terms at the start relating to Risk VIMP

4) Considerations in Analysing Risk

5) Short Note- SLM, Outsourcing, Delphi Approach

6) Threats in a Computerised environment

 

 

Chap 6- Around 8-10 Marks

1) Backup(Types, Tips), Alternate Processing Facility-VIMP

2) Process of Development of BCP(especially 2nd, 3rd & 7th stages)

3) Types of Testing and Testing Process

4) Types of Plans

5) Types of Insurance(First Party, Third Party)

Chap 7- Around 10 Marks

1) ERP Implementation Key Decisions, Methodology – V.V.IMP

2) Risk and Governance Issues- V.IMP

3) Benefits of ERP, Why companies undertake ERP- IMP

4) What is ERP, Evolution, Features

Chap 8- Minimum 10-12 Marks

1) CMM-V. V.IMP

2) 4 Phrases of ISMS- IMP

3) COBIT- Benefits, 5 Principles & 7 Enablers- IMP

4) ITIL Framework- IMP

Chap 9- Around 6-8 Marks

1) Types& Components of Security Policy- V.IMP

2) Documentation Process, Contents of Audit Report- IMP

3) Specific points to be kept in mind with respect to Responsibility Allocation, Asset Classification, Access Control & Physical Security- IMP

4) What is Information Security and Security Objectives

5) Preventive, Restorative & Holistic Protection

Chap 10- Minimum 10 Marks

1) Controller- Appointment, Powers & Duties- Section 17,18- V.IMP

2) Intermediaries- V. IMP

3) Objectives of IT Act, Definitions and Initial Sections- 3-IMP,6,6A(Service Provider-IMP),7

4) Applications, Powers and Duties for entire Hierarchy as discussed in Class- Sections 10-IMP,23,35,36,38,46,41-IMP,49-IMP,50,51,54,57,61,62,63,87

5) Penalties- Sections 43,45, 66F-IMP,69-IMP,69B-IMP

6) Nodal Agency, Protected System, Computer Emergency Response Team

7) Imp Sections as mentioned in the 1-Page Summary of Chap 10

Thanks yar really thanks, u don't knw u really give some hope for clear this group in this attempt. Once again i thank u from cone of my heart. Nw i devot my tym only in dis topic

*******CA FINAL ISCA GUESSWORK……… DEAR STUDENTS….I HAVE ALREADY MAILED U THE GUESS OF ISCA AROUND 1 MONTH BACK….. OUT OF THOSE…. U MUST REVISE…..************* PUT MAXIMUM{{{{{{{{ 3-3.5 }}}}}} HOURS ON RTP, MODEL TEST PAPER AND FOLLOWING……….. NOTE- ****** DO WHATSOEVER U WOULD BE DOING****** BESIDES THIS******** Ch-1 (1) 5 characterstic of EIS 2)HOW CAN U DESIGN ( CHAPTER- 2) AND IMPLEMENTATION OF DATABASE ( CH-1) UNDER DSS 3) Types of System (4) Transaction Processing System (TPS)? Explain important features of a TPS. misconceptions about MIS (5) set of principles to guide the design of measures and indicators to be included in an EIS chapter-2 (1) Agile Vs Waterfall (2) feasibility study of preliminary investigation (3) Design- Dataflow (4) Case Tool / Data Flow Diagram (5) where source code is examined/ not examined ( unit testing) Chapter- 3 (1) Logical access control/issues and path (2) Control objective a. Data integrity/ privacy policy & methods b. Internal control audit concepts c. PCI Policies / DES / Antivirus method. d. auditor’s role in authorization controls e. Corrective Controls CHAPTER:4 a. CIS Advantage/ disadvantage b. IS Audit effectiveness & control c. Resources of LAN d. continuous auditing techniques, advantage and disadvantage. CHAPTER: 5 (1) RISK a. Risk management cycle – 5 strategies in risk development ( revised in Nov 12) b. Delphi approach of risk evaluation CHAPTER: 6 a. Methodology & methods of disaster recovery / Business continuity plan b. ERP post implements- Dilues, expectation, Fear / Risk & issues c. tasks to be undertaken in ‘Vulnerability assessment and definition of requirement’ phase of a Business Continuity Plan d. Risk issues and governance CHAPTER: 8 (1) COBIT 5 – benefit, Enables, principles / SA 402 / COCO / ISMS/ISO 27001, infrastructure liability- version 3 CHAPTER: 9 (1) Information protection rules methods & IS AUDIT REPORT CHAPTER: 10 (1) DIGITAL SIGNATURE SECTIONS Sec 3,7,10,14,15 Penalties- sec 43,44,45 Offences- sec 66 to 72 SHORT NOTES (a) Weaknesses of Spiral Model (b) Data Dictionary (c) Cryptosystem (d) Test Plan (e) Cold Site and Hot Site (f) Final Acceptance Testing (h) Level 1- Initial Level of CMM