CISA Domain 4 Verified Solutions
Management ️ Plans, builds, runs, and monitors activities in alignment with the direction set by the
governance body to achieve the enterprise objectives. Is the responsibility of the executive
management, under the leadership of the CEO.
IS Management ️...
Management ✔️ Plans, builds, runs, and monitors activities in alignment with the direction set by the
governance body to achieve the enterprise objectives. Is the responsibility of the executive
management, under the leadership of the CEO.
IS Management ✔️ Ensuring that adequate resources are allocated to support IS operations. Planning
to ensure the most efficient and effective use of an operation's resources. Authorizing and monitoring IT
resource usage based on corporate policy. Monitoring operations to ensure compliance with standards.
IS Operations ✔️ Ensuring that detailed schedules exist for each operating shift. Reviewing and
authorizing changes to the operations schedules. Reviewing and authorizing changes to the network,
system, and applications. Ensuring that changes to hardware and software do not cause undue
disruption to normal processing. Monitoring system performance and resource usage to optimize
computer resource utilization. Monitoring service level agreements to ensure the delivery of quality IT
services that meet business needs. Anticipating equipment replacement/capacity to maximize current
job throughput and strategically plan future acquisitions. Maintaining job accounting reports and other
audit records. Reviewing logs from all IT systems to detect critical system events and establish
accountability of IS operations. Ensuring that all problems and incidents are handled in a timely manner.
Ensuring that IS processing can recover in a timely manner from minor and major disruptions of
operations.
Information Security ✔️ Ensuring the confidentiality, integrity, and availability of the data. Monitoring
the environment and the security of the facility to maintain proper conditions for equipment
performance. Ensuring that security vulnerabilities are identified and resolved in a timely manner.
Ensuring that security patches are identified and installed in a timely manner. Detecting intrusion
attempts. Resolving information security events, incidents, and problems in a timely manner. Limiting
logical and physical access to computer resources to those who require and are authorized to use it.
IT Service Management (ITSM) ✔️ The implementation and management of IT services (people,
process, and information technology) to meet business needs. ITIL and ISO 20000 are frameworks for
ITSM.
ITIL ✔️ ITSM framework. Reference body of knowledge for service delivery good practices.
, ITSM - IT services support ✔️ Help Desk. Incident management. Problem management. Configuration
management. Change management. Release management.
ITSM - IT Service Delivery ✔️ Service-level management. IT financial management. Capacity
management. IT service continuity management. Availability management.
Service Level Agreement (SLA) ✔️ Details the services to be provided. Completely defines the nature,
type, time, and other relevant information for the services being offered. If the services provided do not
meet the SLA, the IT organization or service provider has to improve the services.
Change Management ✔️ Cost-benefit and feasibility studies should be reviewed before the changes
are accepted and approved.
Delta Release ✔️ Partial release of updated program/software. Contains only those items that have
undergone changes since the last release.
Service level management ✔️ Process of defining, agreeing upon, documenting, and managing levels of
service that are required and cost justified. It includes the production and maintenance of the service
catalog, service review meetings, and service improvement plans (SIPs) for areas that are not achieving
their SLAs.
Exception Reports ✔️ Automated reports that identify all applications that did not successfully
complete or otherwise malfunctioned. An excessive number of exceptions may indicate: poor
understanding of business requirements, poor application design, development or testing, inadequate
operations instructions and support, inadequate sequencing of tasks, inadequate system configuration.
A way to monitor the efficiency and effectiveness of services provided by IT personnel. Is the first step in
Problem Management.
System and application logs ✔️ Logs generated from various systems and applications should be
reviewed to identify all application problems. A way to monitor the efficiency and effectiveness of
services provided by IT personnel.
Operator problem reports ✔️ Manual reports are used by operators to log computer operations
problems and their resolutions. A way to monitor the efficiency and effectiveness of services provided
by IT personnel.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller CertifiedGrades. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.39. You're not tied to anything after your purchase.