CISA Verified Exam Questions and Answers
What is the definition of audit? - answerAuditing is a detailed and specific evaluation of a
process, procedure, organization, job function, or system, in which results are gathered and
reported.
What is the purpose of ethics? - answerTo mandate the prof...
What is the definition of audit? - answer✔✔Auditing is a detailed and specific evaluation of a
process, procedure, organization, job function, or system, in which results are gathered and
reported.
What is the purpose of ethics? - answer✔✔To mandate the professional and personal conduct of
auditors
According to the ISACA Code of Ethics is an auditor allowed to share the results of an audit
with other personnel? - answer✔✔The auditor must maintain confidentiality of the audit unless
required by legal authority
Should the IS audit plan be integrated into the overall audit plan for the organization? -
answer✔✔The IS Audit function must fulfill all organizational audit objectives.
An IS Auditor is best advised to follow the standards provided by ISACA for conducting an
planning IS Audits - answer✔✔ISACA audit standards are recommendations for planning IS
audits.
ISACA Audit standard S2 Independence refers to what? - answer✔✔An Auditor should be
independent of the area being audited
Standard S4 Professional Competence, requires the auditor to have the skills to conduct the
audit? - answer✔✔appropriate continuing professional education
The basis for an audit plan should be what? - answer✔✔Risk
Audit findings and conclusions are supported by what? - answer✔✔Evidence
When an auditor uses the assistance of outside experts, what obligations does the auditor have to
review the work of the experts? - answer✔✔The auditor must apply additional test procedures if
the work of outside experts is not adequate
When an auditor is planning an information system audit and suspects a potential control
weakness, what are they obligated to do? - answer✔✔The auditor must consider the materiality
of the weakness and plan the audit accordingly.
What role does risk assessment have in audit planning? - answer✔✔Risk assessment is used to
determine the priorities for audit and allocation of audit resources.
What steps should an auditor take when a material irregularity is discovered? - answer✔✔The
auditor should communicate the irregularity to management in a timely manner
What is the risk to an audit if unusual relationships exist between staff members in the area being
audited? - answer✔✔The auditor may be provided inaccurate evidence
True or False? Supervision of the information systems audit staff should not be necessary if the
staff is adequately trained and experienced - answer✔✔True
Once an audit is completed and submitted does the auditor have any further responsibility? -
answer✔✔Yes, the auditor should follow up to ensure that management addressed any audit
issues in a timely manner
IT governance means: - answer✔✔The IT function aligns with business mission, values and
objectives
Relationships with third parties may: - answer✔✔Require the organization to comply with the
security standards of the third party
True or False? The organization does not have to worry about the impact of third party
relationships on the security program - answer✔✔False
The role of an Information Systems Security Steering Committee is to: - answer✔✔Provide
feedback from all areas of the organization
The most effective tool a security department has is: - answer✔✔A security awareness program
The role of Audit in relation to Information Security is: - answer✔✔The validate the
effectiveness of the security program against established metrics
Who should be responsible for development of a risk management strategy? - answer✔✔The
Security Manager
The security requirements of each member of the organization should be documented in: -
answer✔✔Their job descriptions
What could be the greatest challenge to implementing a new security strategy? -
answer✔✔Obtaining buy-in from employees
Which forms of wireless media operate only when there are no obstacles in the transmission
path? - answer✔✔Spread spectrum
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Brightstars. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.49. You're not tied to anything after your purchase.
