upto 50% Off Upgrade your Skills with our Special Offers! JOIN NOW X

CISA Domain 3 – Information Systems Acquisition, Development and Implementation- PART 6

PART 6 – CISA Domain 3 – Information Systems Acquisition, development and implementation

  • What is Benchmarking process?
  • What is Capacity Maturity Model Integration (CMMI)?
  • What are process procedures and controls?

1. Benchmarking process:

  • Benchmarking is about improving business processes.
  • It is defined as a continuous, systematic process for evaluating the products, services or work processes of organizations recognized as a world-class “reference” in a globalized world
  • Benchmarking process includes the following exercise:
    • Plan
    • Research
    • Observe
    • Analyze
    • Adopt
    • Improve

2. Capacity Maturity Model Integration (CMMI):

  • Capability Maturity Model Integration (CMMI) is a process level improvement training and appraisal program. Administered by the CMMI Institute, a subsidiary of ISACA.
  • The following are the characteristics of the maturity levels:
    • Level 1 – Initial Processes are unpredictable, poorly controlled and reactive.
    • Level 2 – Managed Process is characterized for projects and is often reactive.
    • Level 3 – Defined Process characterized for the organization and is proactive
    • Level 4 – Quantatively managed Process is measured and controlled
    • Level 5 – Optimizing Focus is on process improvement.

3. Processing procedures and controls:

  • Processing procedures and controls are meant to ensure the reliability of application program processing.
  • IS auditors need to understand the procedures and controls that can be exercised over processing to evaluate what exposures are covered by these controls and what exposures remain.

Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8, Part 9

AUTHOR
Aswini Srinath ( )
Writer And Editor
I am a qualified Chartered Accountant based out of Chennai, with 8+ years of experience in various roles in finance domain including CA Practice, financial reporting and auditing. I have always been keen to challenge myself by exploring potential capabilities outside of my core competency. Picked up Information Security as one such thing. Cleared CISA with 2nd Rank in ISACA Chennai Chapter in 2019. Since then, i have been sharing my learning and experience to a small group of avid followers, helping them prepare for their CISA exams. This article is also one such attempt, where I summarize the key areas in each domain based on the importance and weightage from an exam point of view.
TOP