What is DISA?

The Diploma in Information System Audit (DISA) is offered by ICAI with the objective of enhancing the professional skills of its members in the area of IT dynamics. The course prepares members to offer services in information security and business continuity, which are relatively new avenues compared to traditional practice.


(1) For an auditor, the DISA qualification will be a must down the line, maybe in 2 to 3 years. The reason is simple: most organisations will be system driven, with all processing and controls integrated through computers and minimal manual intervention. In such a scenario, our traditional audit approach will not work. In a system-driven scenario, an auditor needs to know about system integration, system processing, data security, encryption techniques, network security, system availability and backup processing. As a DISA holder you will have an edge over traditional auditors. I recommend you consider CISA as well once you complete DISA.

(2) RBI, SEBI and IRDAI have already mandated annual system audits of all banks, broking houses and insurance companies. This is in addition to statutory/internal audits. DISA has been recognized as one of the qualifications for system auditors. Huge scope awaits DISA-qualified professionals.

(3) For internal audits, organisations prefer audit firms with DISA-qualified partners.

(4) In employment also, DISA-qualified members are in huge demand.

(5) The DISA qualification opens up avenues in the fields of information security, business continuity, IT risk management and other related fields.

(6) Stringent data privacy laws like GDPR and the draft version of the data protection bill (India) have already created stiff demand for DISA/CISA-qualified professionals.

(7) With changing paradigms, knowledge and experience in technology are not merely desirable, but basic requirements for growth and even survival in the evolving global village.  

How to prepare for DISA certification?

To be honest, it's not an easy task. But if you follow the pattern below for preparation, I am sure your certification is not far away.

Resource Requirement:

(1) As of now, the DISA exam pattern is aligned with its global peer CISA (Certified Information Systems Auditor). It is highly recommended to refer to it and attempt all the MCQs available therein.

(2) The ICAI modules contain a lot of information, but they seem to be too lengthy and dry. For professionals with limited technical knowledge, it is advisable to grab a copy of the DISA Exam-Study Guide published by Notionpress.

(3) Get one thing absolutely clear: no other study material is required. It will only create unnecessary confusion.

(4) Please start preparation at least 4 months before the examination.

(5) Now, this is very, very important. Please attempt 40 questions daily. The total time required is less than half an hour per day. No excuses, even on weekends and holidays. I am not recommending any more study. 40 questions daily is the only requirement that will help us get the certification.

(6) If you follow the 40-40 rule, within a month you will be able to attempt more than 1000 questions. When you attempt a question, please pay more attention to the explanation part, i.e. why a particular answer is correct and why the other three are not. Also, note that for many questions the testing concept will be repetitive in nature. So the more questions you attempt, the more confidence you get.

(7) Practicing 40 questions daily will help you to:

(i) Understand the pattern of questions.
(ii) Understand the testing concept behind any question.
(iii) Easily identify distractors.
(iv) Easily correlate the correct answer with the question.
(v) Manage the time element.

The author can also be reached at


Published by

Hemang Doshi
(Chief Manager)
Category: Career