| π Back to Exam Syllabus | πΊ RooCloud on YouTube | π RooCloud Practice Exams |
Project Governance & Management (Part 2 of 2)
This episode continues the ISACA Certified Information Systems Auditor (CISA) exam prep series coverage of project governance and management, focusing on the practical mechanics of sizing, scheduling, and controlling a project through to a clean closure. Understanding these disciplines helps auditors identify weak points in project plans and ask the right questions at every stage.
What this episode covers
- Cost estimating approaches β analogous, parametric, bottom-up, and actual cost methods and when to apply each.
- Function point analysis β how software size is measured indirectly through user-visible components rather than lines of code.
- Scheduling tools β Gantt charts, critical path method, and PERT for handling uncertain task durations.
- Timebox management β fixing a short window and resources up front to prevent cost overruns and slipped dates.
- Scope, spending, and risk controls β the formal change request process, earned value analysis, and ownership of project versus business risk.
- Clean project closure β handing over to users, capturing lessons learned, and distinguishing a post-project review from a postimplementation review.
- The auditorβs role β reviewing test plans, checking separation of duties, and participating in the postimplementation review without compromising independence.
Watch the full episode above for the worked examples and detailed explanations of each concept.
Frequently Asked Questions
What are the four common approaches to project cost estimating?
The four approaches are analogous estimating, which borrows numbers from past projects and is fastest but roughest; parametric estimating, which uses statistics such as cost per unit for greater accuracy; bottom-up estimating, which prices every activity individually and is the most accurate but slowest; and actual costs, which extrapolate from what the same system cost previously.
What is function point analysis and why is it used?
Function point analysis measures software size by counting what users see and touch, including inputs, outputs, inquiries, files, and interfaces, each rated simple, average, or complex. It provides an indirect measure of size rather than a line count, making it well suited to business applications. You need to know what it does for the exam, not how to compute one.
How does the critical path method help manage a project schedule?
The critical path is the longest route through the project and sets the shortest possible completion time. Tasks on this path have zero slack, so any delay cascades to the entire project end date. Tasks off the critical path have slack, meaning they can slip slightly without affecting the finish.
What is earned value analysis and how does it detect cost overruns?
Earned value analysis compares the planned budget, actual spend to date, and the cost still needed to complete the work. For example, on a three-day task requiring eight hours per day, if the remaining estimate after day one exceeds sixteen hours, the task is already overrunning. This technique gives early warning before a small variance becomes a large problem.
π Master the ISACA CISA Exam!
Ready to test your knowledge? Access chapter-specific Multiple Choice Questions (MCQs) and full-length practice exams for the ISACA CISA certification at RooCloud.com. Solve the chapter-wise questions to reinforce this lesson before moving to the next episode.
Reference: This article is based on concepts discussed in Project Governance & Management (Part 2 of 2).