Free ISACA CISA Practice Tests (By Domains and Subdomains)

DOMAIN 1 β€” Information Systems Auditing Process

Tests your ability to plan and perform industry-standard information systems audits, evaluate an organization’s IS/IT security, risks, and controls, and communicate conclusions that help protect and control its information systems.

1A β€” Planning

ItemExam Content Area
1A-1IS Audit Standards, Guidelines, and Codes of EthicsTest 1Test 2Test 3Test 4
1A-2Types of Audits, Assessments, and ReviewsTest 1Test 2Test 3Test 4
1A-3Risk-Based Audit PlanningTest 1Test 2Test 3Test 4
1A-4Types of Controls and ConsiderationsTest 1Test 2Test 3Test 4

1B β€” Execution

ItemExam Content Area
1B-1Audit Project ManagementTest 1Test 2Test 3Test 4
1B-2Audit Testing and Sampling MethodologyTest 1Test 2Test 3Test 4
1B-3Audit Evidence Collection TechniquesTest 1Test 2Test 3Test 4
1B-4Audit Data AnalyticsTest 1Test 2Test 3Test 4
1B-5Reporting and Communication TechniquesTest 1Test 2Test 3Test 4
1B-6Quality Assurance and Improvement of Audit ProcessTest 1Test 2Test 3Test 4

DOMAIN 2 β€” Governance & Management of IT

Tests your ability to identify critical IT governance and management issues and recommend enterprise-specific practices that support and safeguard the governance of information and related technologies.

2A β€” IT Governance

ItemExam Content Area
2A-1Laws, Regulations, and Industry StandardsTest 1Test 2Test 3Test 4
2A-2Organizational Structure, IT Governance, and IT StrategyTest 1Test 2Test 3Test 4
2A-3IT Policies, Standards, Procedures and PracticesTest 1Test 2Test 3Test 4
2A-4Enterprise Architecture and ConsiderationsTest 1Test 2Test 3Test 4
2A-5Enterprise Risk ManagementTest 1Test 2Test 3Test 4
2A-6Privacy Program and PrinciplesTest 1Test 2Test 3Test 4
2A-7Data Governance and ClassificationTest 1Test 2Test 3Test 4

2B β€” IT Management

ItemExam Content Area
2B-1IT Resource ManagementTest 1Test 2Test 3Test 4
2B-2IT Vendor ManagementTest 1Test 2Test 3Test 4
2B-3IT Performance Monitoring and ReportingTest 1Test 2Test 3Test 4
2B-4Quality Assurance and Quality Management of ITTest 1Test 2Test 3Test 4

DOMAIN 3 β€” Information Systems Acquisition, Development & Implementation

Tests your ability to evaluate the acquisition, development, and implementation of information systems, demonstrating your understanding of IT controls and how technology supports business objectives.

3A β€” Information Systems Acquisition and Development

ItemExam Content Area
3A-1Project Governance and ManagementTest 1Test 2Test 3Test 4
3A-2Business Case and Feasibility AnalysisTest 1Test 2Test 3Test 4
3A-3System Development MethodologiesTest 1Test 2Test 3Test 4
3A-4Control Identification and DesignTest 1Test 2Test 3Test 4

3B β€” Information Systems Implementation

ItemExam Content Area
3B-1System Readiness and Implementation TestingTest 1Test 2Test 3Test 4
3B-2Implementation Configuration and Release ManagementTest 1Test 2Test 3Test 4
3B-3System Migration, Infrastructure Deployment, and Data ConversionTest 1Test 2Test 3Test 4
3B-4Post-implementation ReviewTest 1Test 2Test 3Test 4

DOMAIN 4 β€” Information Systems Operations & Business Resilience

Tests your ability to evaluate information systems operations and business resilience, demonstrating your understanding of IT controls and how reliable, recoverable technology services support business objectives.

4A β€” Information Systems Operations

ItemExam Content Area
4A-1IT ComponentsTest 1Test 2Test 3Test 4
4A-2IT Asset ManagementTest 1Test 2Test 3Test 4
4A-3Job Scheduling and Production Process AutomationTest 1Test 2Test 3Test 4
4A-4System InterfacesTest 1Test 2Test 3Test 4
4A-5Shadow IT and End-User ComputingTest 1Test 2Test 3Test 4
4A-6Systems Availability and Capacity ManagementTest 1Test 2Test 3Test 4
4A-7Problem and Incident ManagementTest 1Test 2Test 3Test 4
4A-8IT Change, Configuration, and Patch ManagementTest 1Test 2Test 3Test 4
4A-9Operational Log ManagementTest 1Test 2Test 3Test 4
4A-10IT Service Level ManagementTest 1Test 2Test 3Test 4
4A-11Database ManagementTest 1Test 2Test 3Test 4

4B β€” Business Resilience

ItemExam Content Area
4B-1Business Impact AnalysisTest 1Test 2Test 3Test 4
4B-2System and Operational ResilienceTest 1Test 2Test 3Test 4
4B-3Data Backup, Storage, and RestorationTest 1Test 2Test 3Test 4
4B-4Business Continuity PlanTest 1Test 2Test 3Test 4
4B-5Disaster Recovery PlansTest 1Test 2Test 3Test 4

DOMAIN 5 β€” Protection of Information Assets

Tests your understanding of cybersecurity principles, best practices, and common pitfalls involved in protecting information assets and managing security events.

5A β€” Information Asset Security and Control

ItemExam Content Area
5A-1Information Asset Security Frameworks, Standards, and GuidelinesTest 1Test 2Test 3Test 4
5A-2Physical and Environmental ControlsTest 1Test 2Test 3Test 4
5A-3Identity and Access ManagementTest 1Test 2Test 3Test 4
5A-4Network and End-Point SecurityTest 1Test 2Test 3Test 4
5A-5Data Loss PreventionTest 1Test 2Test 3Test 4
5A-6Data EncryptionTest 1Test 2Test 3Test 4
5A-7Public Key InfrastructureTest 1Test 2Test 3Test 4
5A-8Cloud and Virtualized EnvironmentsTest 1Test 2Test 3Test 4
5A-9Mobile, Wireless, and Internet-of-Things DevicesTest 1Test 2Test 3Test 4

5B β€” Security Event Management

ItemExam Content Area
5B-1Security Awareness Training and ProgramsTest 1Test 2Test 3Test 4
5B-2Information System Attack Methods and TechniquesTest 1Test 2Test 3Test 4
5B-3Security Testing Tools and TechniquesTest 1Test 2Test 3Test 4
5B-4Security Monitoring Tools and TechniquesTest 1Test 2Test 3Test 4
5B-5Security Incident Response ManagementTest 1Test 2Test 3Test 4
5B-6Evidence Collection and ForensicsTest 1Test 2Test 3Test 4
Scroll to Top