This lesson covers what is needed to pass the exam, including how to evaluate an IT government structure and how management style fits into the governance of an organization. [toggle_content title="Transcript"] Alright, so, wrapping up module 2; these are the things we need to worry about for the exam. We have to know how to evaluate the IT governance structure. How to learn what it actually looks like and who's responsible for what. Then we have to think about the structure of the organization itself to make sure that that shows proper alignment with the business objectives. Then we have to think about policies, standards, procedures and guidelines, how those fit-in to the management style and governance of the organization. We know that management is responsible for enforcing the policies, procedures, and standards. If they have a hand in creating those, they're going to be responsible for the enforcement as well. It just makes sense. We need to know how risk management works and understand that that process of risk management continues throughout the entire life-cycle of a system or potentially the entire life-cycle of the organization. Having some way to measure quality and to manage defects in quality is an important thing to remember. Having the ability to monitor the processes of the organization and how well it's doing, picking the appropriate metrics and understanding what those numbers really mean. And then, last, we have IT performance and the performance of IT vendors. So this could be things that are determined through service level agreements. Through turnaround time for trouble tickets, requests for audit information, how soon they respond. There's lots of different ways to quantify that. So if you dig in to these topics a little bit deeper before we move on to the next module, you should be well rehearsed for the exam. Alright, so, after this, go ahead and do the module 2 review questions and we'll see you in module 3. Thank you. [/toggle_content]
Certified Information System Auditor (CISA)
In order to face the dynamic requirements of meeting enterprise vulnerability management challenges, CISA course covers the auditing process to ensure that you have the ability to analyze the state of your organization and make changes where needed.