This book has been updated in October 2022. CISA and CISM are NOT pure technical certs. In fact they tend to focus more on the policies/programs, auditing and management side of IS. There are technical questions but the questions are not like those that you find in the MS/Cisco exams. You need to know the basics of new IT technologies but you also need to know the older technologies since many old stuff are still at work in the modern business world. CISA and CISM are supposed to be different in that one focuses on auditing and another on management. HOWEVER, they are practically sharing many of the knowledge areas. This book focuses more on the audit track. We also reference the latest available guidelines published by ISACA. This book comes with knowledge material created referencing the latest Job Practice Areas. When we develop our material we do not classify topics the BOK way. We follow our own flow of instructions which we think is more logical for the overall learning process. Don’t worry, it does not hurt to do so, as long as you truly comprehend the material.
