Home > Store

Certified Information Systems Auditor (CISA) Cert Guide Premium Edition and Practice Tests

Register your product to gain access to bonus material or receive a coupon.

Certified Information Systems Auditor (CISA) Cert Guide Premium Edition and Practice Tests

Premium Edition eBook

  • Your Price: $47.99
  • List Price: $59.99
  • About Premium Edition eBooks
  • The Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson Test Prep practice tests.

    Your purchase will deliver:

    • Link to download the Pearson Test Prep exam engine
    • Access code for question database
    • eBook in the following formats, accessible from your Account page after purchase:

    EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    PDF The popular standard, which reproduces the look and layout of the printed page.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

    eBook FAQ

    eBook Download Instructions

Description

  • Copyright 2018
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 576
  • Edition: 1st
  • Premium Edition eBook
  • ISBN-10: 0-13-475761-0
  • ISBN-13: 978-0-13-475761-2

The exciting new Certified Information Systems Auditor (CISA) Cert Guide, Premium Edition eBook and Practice Test is a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:

  • The CISA Premium Edition Practice Test, including four full practice exams and enhanced practice test features
  • PDF and EPUB formats of the Certified Information Systems Auditor (CISA) Cert Guide from Pearson IT Certification, which are accessible via your PC, tablet, and smartphone


About the Premium Edition Practice Test


This Premium Edition contains an enhanced version of the Pearson Test Prep practice test software with four full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package:

  • Allows you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most


Pearson Test Prep online system requirements:
Browsers: Chrome version 40 and above; Firefox version 35 and above; Safari version 7; Internet Explorer 10, 11; Microsoft Edge; Opera. Devices: Desktop and laptop computers, tablets running on Android and iOS, smartphones with a minimum screen size of 4.7". Internet access required.


Pearson Test Prep offline system requirements:
Windows 10, Windows 8.1, or Windows 7; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases


About the Premium Edition eBook


Learn, prepare, and practice for CISA exam success with this Cert Guide from Pearson IT Certification, a leader in IT certification learning.

  • Master CISA exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions

Certified Information Systems Auditor (CISA) Cert Guide is a best-of-breed exam study guide from Pearson IT Certification, a leader in IT certification learning. World-renowned enterprise IT security leaders Michael Gregg and Rob Johnson share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.


Certified Information Systems Auditor (CISA) Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.


Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.


The study guide helps you master all the topics on the CISA exam, including:

  • Essential information systems audit techniques, skills, and standards
  • IT governance, management/control frameworks, and process optimization
  • Maintaining critical services: business continuity and disaster recovery
  • Acquiring information systems: build-or-buy, project management, and development methodologies
  • Auditing and understanding system controls
  • System maintenance and service management, including frameworks and networking infrastructure
  • Asset protection via layered administrative, physical, and technical controls
  • Insider and outsider asset threats: response and management



Sample Content

Sample Pages

Download the sample pages (includes Chapter 4 and the Index)

Table of Contents

Introduction xxiii
Chapter 1 The CISA Certification 3
    Exam Intent 3
    Why the CISA Certification Is So Important 4
        CISA: The Gold Standard 5
    Exam Requirements 6
    CISA Exam Windows 6
        Scheduling to Take the Exam 7
        Deadline to Apply for the CISA Certification 7
        ISACA Agreements 9
        CISA Exam Domains 10
        Question Format and Grading 13
        Exam Grading 13
        Exam Questions 14
        Getting Exam Results and Retests 15
        Maintaining CISA Certification 16
        Reporting CPE Hours Earned 16
        Earning CPE Hours 17
    Top 10 Tips and Tricks 18
    Chapter Summary 19
    Define Key Terms 20
    Suggested Readings and Resources 20
Chapter 2 The Information Systems Audit 23
    “Do I Know This Already?” Quiz 23
    Foundation Topics 27
    Skills and Knowledge Required to Be an IS Auditor 27
        Work-Related Skills 27
    Knowledge of Ethical Standards 28
    ISACA Standards, Procedures, Guidelines, and Baselines 31
        Knowledge of Regulatory Standards 35
        Guidance Documents 36
        Auditing Compliance with Regulatory Standards 38
        Knowledge of Business Processes 38
        Types of Audits 39
    Risk Assessment Concepts 40
        Risk Management 43
    Auditing and the Use of Internal Controls 45
    The Auditing Life Cycle 47
        Audit Methodology 47
        The Auditing Life Cycle Steps 48
        Chain of Custody and Evidence Handling 49
        Automated Work Papers 50
        CAATs 51
        Audit Closing 52
        Report Writing 53
    The Control Self-Assessment Process 54
    Continuous Monitoring 55
    Quality Assurance 56
    The Challenges of Audits 57
        Communicating Results 57
        Negotiation and the Art of Handling Conflicts 58
    Chapter Summary 59
    Exam Preparation Tasks 60
    Review All the Key Topics 60
    Complete Tables from Memory 61
    Define Key Terms 61
    Exercises 61
    2.1 Network Inventory 61
    Review Questions 64
    Suggested Readings and Resources 68
Chapter 3 The Role of IT Governance 71
    “Do I Know This Already?” Quiz 71
    Foundation Topics 75
    The IT Steering Committee 75
    Corporate Structure 77
    IT Governance Frameworks 77
        COBIT 78
        ITIL 78
        COBIT Versus ITIL 79
    Enterprise Risk Management 80
        The Risk Management Team 81
        Asset Identification 82
        Threat Identification 82
        Quantitative Risk Assessment 84
        Qualitative Risk Assessment 86
        The Three Lines of Defense Model 87
    Policy Development 90
        Policy 91
        Policy, Standards, Procedures, and Baselines 92
        Auditing Policies, Standards, Procedures, and Baselines 93
        Data Classification 96
        Security Policy 98
    Management Practices of Employees 100
        Forced Vacations, Rotation of Assignments, and Dual Control 102
        Separation Events 102
        Roles and Responsibilities 103
        Segregation of Duties (SoD) 105
        Compensating Controls 106
        Key Employee Controls 106
    Performance Management 107
        Key Performance Terms 108
    Management and Control Frameworks 110
        Enterprise Architecture 111
        Change Management 113
        Quality Management 113
    Maturity Models 116
        Implementing a Maturity Model 118
    Management’s Role in Compliance 119
    Process Optimization Techniques 121
        Taguchi 122
        PDCA 123
        Taguchi Versus PDCA 124
    Management of IT Suppliers 125
        Third-Party Outsourcing 125
        Third-Party Audits 126
        Contract Management 127
        Performance Monitoring 128
        Relationship Management 129
    Chapter Summary 130
    Exam Preparation Tasks 130
    Review All the Key Topics 130
    Complete Tables from Memory 131
    Key Terms 131
    Exercises 132
        3.1 Determining the steps for quantitative risk assessment 132
    Review Questions 133
    Suggested Readings and Resources 135
Chapter 4 Maintaining Critical Services 137
    “Do I Know This Already?” Quiz 137
    Foundation Topics 140
    Threats to Business Operations 140
    The Business Continuity Planning (BCP) Process 142
        Project Management and Initiation 143
        Business Impact Analysis 144
        Criticality Analysis 147
        Development and Recovery Strategy 149
        Final Plan Design and Implementation 151
        Training and Awareness 152
        Implementation and Testing 153
        Paper Tests 155
        Preparedness Tests 155
        Full Operation Tests 156
        Monitoring and Maintenance 156
        Understanding BCP Metrics 157
    Recovery Strategies 159
        Alternate Processing Sites 159
        Alternate Processing Options 160
        Hardware Recovery 163
        Redundant Array of Independent Disks 164
        Software and Data Recovery 165
        Backup and Restoration 167
        Telecommunications Recovery 169
        Verification of Disaster Recovery and Business Continuity Process Tasks 170
        The Disaster Life Cycle 172
    Chapter Summary 174
    Exam Preparation Tasks 174
    Review All the Key Topics 175
    Define Key Terms 175
    Exercises 175
        4.1 Business Impact and Risk 175
    Review Questions 177
    Suggested Readings and Resources 179
Chapter 5 Information Systems Acquisition and Development 181
    “Do I Know This Already?” Quiz 181
    Foundation Topics 185
    IT Acquisition and Project Management 185
        IT Acquisition 185
        Software Escrow Agreements 185
        Software Licensing 185
        Project Management 187
        Roles, Responsibility, and Structure of Project Management 188
        Project Culture and Objectives 189
        Making the Business Case for Investment 190
        Return on Investment 191
        Project Management Activities and Practices 192
        Project Initiation 193
        Project Planning 193
        Project Control and Execution 199
        Project Closing 199
    Business Application Development 200
        Systems-Development Methodology 200
        Phase 1: Initiation phase 202
        Phase 2: Development 204
        Phase 3: Implementation 208
        Phase 4: Operation and Maintenance 210
        Phase 5: Disposal 211
        Tools and Methods for Software Development 212
    Information Systems Maintenance 213
    Outsourcing and Alternative System Development 214
        Cloud Computing 216
        Cloud Threats 218
        Application-Development Approaches 219
        N-tier 220
        Virtualization 221
    Chapter Summary 222
    Exam Preparation Tasks 223
    Review All the Key Topics 223
    Complete Tables from Memory 223
    Define Key Terms 224
    Exercises 224
        5.1 Project Management 224
        5.2 Project Management 225
    Review Questions 226
    Suggested Readings and Resources 229
Chapter 6 Auditing and Understanding System Controls 231
    “Do I Know This Already?” Quiz 231
    Foundation Topics 235
    Audit Universe and Application Auditing 235
    Programmed and Manual Application Controls 236
        Business Process Controls 237
        Input Controls 237
        Processing Controls 239
        Data File Controls 241
        Output Controls 242
    Auditing Application Controls 243
        Understanding the Application 243
        Observation and Testing 244
        Data Integrity Controls 245
        Application System Testing 246
        Continuous Online Auditing 247
    Auditing Systems Development, Acquisition, and Maintenance 249
        Project Management 250
    Business Application Systems 252
        E-commerce 253
        Electronic Data Interchange 254
        Email 255
        Business Intelligence 256
        Decision Support Systems 257
        Artificial Intelligence and Expert Systems 258
        Customer Relationship Management 258
        Supply Chain Management 259
        Social Media 260
    Chapter Summary 260
    Exam Preparation Tasks 261
    Review All the Key Topics 261
    Define Key Terms 262
    Exercises 262
        6-1 Software Application Audit 262
    Review Questions 263
    Suggested Readings and Resources 266
Chapter 7 Systems Maintenance and Service Management 269
    “Do I Know This Already?” Quiz 269
    Foundation Topics 273
    Service Management Frameworks 273
        COBIT 273
        FitSM 274
        ISO 20000 274
        eTOM 275
    Fundamental Technologies 275
        Operating Systems 275
        Secondary Storage 277
        Utility Software 277
        Database-Management Systems 278
        Database Structure 279
        Software Licensing Issues 282
        Digital Rights Management 283
    Network Infrastructure 283
        Network Types 284
        Network Standards and Protocols 285
        The OSI Reference Model 286
        The Application Layer 287
        The Presentation Layer 287
        The Session Layer 288
        The Transport Layer 288
        The Network Layer 288
        The Data Link Layer 289
        The Physical Layer 289
        Network Services and Applications 290
        Comparing the OSI Model to the TCP/IP Model 292
        The Network Access Layer 292
        The Internet Layer 293
        The Host-to-Host/Transport Layer 295
        The Application Layer 296
        Network Services 297
        Wireless Technologies 298
        Bluetooth 298
        802.11 Wireless 299
        Smartphones, Tablets, and Hotspots 302
        Network Equipment 303
        Edge Devices 306
        DMZ 306
        Firewalls 306
        Firewall Configuration 308
        IDS/IPS 310
        Wide Area Networks 312
        Packet Switching 312
        Circuit Switching 313
    Capacity Planning and Systems Performance Monitoring 314
        Network Analyzers 316
        System Utilization and Load Balancing 317
        Third Parties and Cloud Providers 318
        Network Design 318
        Network Cabling 320
    Chapter Summary 323
    Exam Preparation Tasks 324
    Review All the Key Topics 324
    Define Key Terms 324
    Exercises 325
        7.1 Organizing Network Components 325
    Review Questions 328
    Suggested Readings and Resources 331
Chapter 8 Protection of Assets 333
    “Do I Know This Already?” Quiz 333
    Foundation Topics 336
    Access Control 336
        Identification and Authentication (I&A) 336
        Authentication by Knowledge 336
        Authentication by Ownership 338
        Authentication by Characteristic 338
        Single Sign-on 340
        Federation 343
        Remote Access 345
        RADIUS 345
        Diameter 346
        TACACS 346
        Additional Remote Access Options 346
        SSH 347
        VPNs 348
        Physical and Environmental Access Controls 349
        Fences, Gates, and Bollards 349
        Other Physical and Environmental Controls 351
        Using Guards to Restrict Access 352
        Locks 353
        Lighting 354
        CCTV 355
        Heating, Ventilation, and Air Conditioning (HVAC) 356
    Security Controls for Hardware and Software 356
        Securing Voice Communications 356
        Encryption’s Role as a Security Control 357
        Private Key Encryption 359
        Data Encryption Standard (DES) 361
        Advanced Encryption Standard (AES) 362
        Public Key Encryption 362
        RSA Encryption 363
        Elliptic Curve Cryptography (ECC) 363
        Quantum Cryptography 364
        Hashing and Digital Signatures 364
        Public Key Infrastructure (PKI) 365
        Using Cryptography to Secure Assets 367
        Internet Security Protocols 368
    Protection of Information Assets 369
        Information Life Cycle 369
        Access Restriction 370
        Laws Related to the Protection of Information 370
        Maintaining Compliance 371
        Protection of Privacy 372
        Using Data Classification to Secure Critical Resources 373
    Data Leakage and Attacks 374
        Attacks Against Encryption 374
        Threats from Unsecured Devices 375
        Threats from Improper Destruction 378
        Threats to the Infrastructure 378
    Chapter Summary 380
    Exam Preparation Tasks 381
    Review All the Key Topics 381
    Complete Tables from Memory 382
    Define Key Terms 382
    Review Questions 382
    Suggested Reading and Resources 384
Chapter 9 Asset Threats, Response, and Management 387
    “Do I Know This Already?” Quiz 387
    Foundation Topics 391
    Security Controls 391
        Technical Controls 391
        Cloud Computing 391
        Operating Systems 391
        Databases 393
        Virtualization 395
        Administrative Controls 396
    Attack Methods and Techniques 399
        Social Engineering and Nontechnical Attacks 399
        Sniffing 400
        Man-in-the-Middle Attacks and Hijacking 401
        Denial of Service 402
        Botnets 403
        Malware 404
        Wireless and Bluetooth 405
        SQL Injection 408
        Buffer Overflow 409
        XSS and XSRF 411
        Logic Bombs, Rounding Down, and Asynchronous Attacks 411
        Integer Overflow 412
        Password Attacks 412
    Prevention and Detection Tools and Techniques 414
        Audit and Log Review 414
        Security Testing Techniques 415
        Vulnerability Scanning 416
        Penetration Testing 416
    Problem and Incident Management Practices 418
        Tracking Change 418
        Fraud Risk Factors 419
        Insiders 419
        Outsiders 419
        Incident Response 420
        Emergency Incident Response Team 422
        Incident Response Process 422
        Incident Response and Results 424
        Forensic Investigation 425
        Forensics Steps 426
        Other Forensic Types 427
        Computer Crime Jurisdiction 429
    Chapter Summary 430
    Exam Preparation Tasks 430
    Review All the Key Topics 430
    Complete Tables from Memory 431
    Define Key Terms 431
    Review Questions 431
    Suggested Reading and Resources 433
Chapter 10 Final Preparation 437
    Tools for Final Preparation 437
        Pearson Test Prep Practice Test Software and Questions on the Website 437
        Accessing the Pearson Test Prep Software Online 438
        Accessing the Pearson Test Prep Software Offline 438
        Customizing Your Exams 439
        Updating Your Exams 440
        Premium Edition 440
        Memory Tables 441
        Chapter-Ending Review Tools 441
    Suggested Plan for Final Review/Study 441
    Summary 442
Glossary 445
Appendix A Answers to the “Do I Know This Already” Quizzes and Review
Questions 467

Online Elements:
Appendix B Memory Tables
Appendix C Memory Tables Answer Key
9780789758446, TOC, 10/4/2017

Updates

Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020