100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISA Ch 1 - Process of Auditing Information Systems. Exam Study Guide. $11.49   Add to cart

Exam (elaborations)

CISA Ch 1 - Process of Auditing Information Systems. Exam Study Guide.

 6 views  0 purchase
  • Course
  • CISA
  • Institution
  • CISA

CISA Ch 1 - Process of Auditing Information Systems. Exam Study Guide. Audit Charter - answerdocument that states management's objectives for and delegation of authority to IS audit. Should be approved at the highest levels of management, and should outline the overall authority scope, and resp...

[Show more]

Preview 2 out of 7  pages

  • August 17, 2024
  • 7
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISA
  • CISA
avatar-seller
Brightstars
©EXAM STUDY MATERIAL 8/9/2024 11:50 AM



CISA Ch 1 - Process of Auditing Information
Systems. Exam Study Guide.


Audit Charter - answer✔✔document that states management's objectives for and delegation of
authority to IS audit. Should be approved at the highest levels of management, and should
outline the overall authority scope, and responsibilities of the audit function. Should not
significantly change over time.

Engagement Letter - answer✔✔a letter that formalizes the contract between the auditor and the
client and outlines the responsibilities of both parties; focused on a particular audit exercise that
is sought to be initiated in an organization with a specific objective in mind

Audit Plan - answer✔✔A list of the audit procedures the auditors need to perform to gather
sufficient appropriate evidence on which to base their opinion on the financial statements;
consists of both short-term and long-term planning

Sarbanes-Oxley Act of 2002 - answer✔✔Law that requires companies to maintain adequate
systems of internal control

Professional Independence - answer✔✔In all matters related to the audit, the IS auditor should
be independent of the auditee in both attitude and appearance

Organizational Independence - answer✔✔The IS audit function should be independent of the
area or activity being reviewed to permit objective completion of the audit assignment

Audit Risk - answer✔✔the risk that information may contain a material error that may go
undetected during the course of the audit

Error Risk - answer✔✔the risk of errors occurring in the area being audited

Information Technology Assurance Framework (ITAF) - answer✔✔provides an integrated
process (involving technical and non-technical aspects) for developing and deploying IT systems
with intrinsic and appropriate security measures in order to meet the organizations mission

General standards - answer✔✔standards that establish the guiding principles under which the IT
assurance profession operates; they apply to the conduct of all assignments, and deal with the IT

, ©EXAM STUDY MATERIAL 8/9/2024 11:50 AM


audit and assurance professional's ethics, independence, objectivity and due care, as well as
knowledge, competency and skill

Performance standards - answer✔✔standards that establish baseline expectations in the conduct
of IT assurance engagements; focused on the design of the assurance work, the conduct of the
assurance, the evidence required, and the development of assurance and audit findings and
conclusions

Reporting standards - answer✔✔standards that address the types of audit reports, means of
communication, and information to be communicated at the conclusion of an audit

Risk analysis - answer✔✔part of audit planning, and helps identify risks and vulnerabilities so
the IS auditor can determine the controls needed to mitigate those risks

Risk - answer✔✔the potential that a given threat will exploit vulnerabilities of an asset or group
of assets and thereby cause harm to the organization; the combination of the probability of an
event and its consequence

Business Risk - answer✔✔a risk that may negatively impact the assets, processes or objectives
of a specific business or organization

IT Risk - answer✔✔the risk associated with the use, ownership, operation, involvement,
influence, and adoption of IT within an enterprise

Risk Assessment Process - answer✔✔1. Identify Business Objectives
2. Identify Information Assets supporting the BOs
3. Perform Risk Assessment (RA)
4. Perform Risk Mitigation (RM)
5. Perform Risk Treatment (RT)
6. Perform Periodic Risk Reevaluation

Internal controls - answer✔✔normally composed of policies, procedures, practices and
organizational structures which are implemented to reduce risk to the organization; developed to
provide reasonable assurance to management that the organization's business objectives will be
achieved and risk events will be prevented, or detected and corrected

Preventive controls - answer✔✔Controls that deter control problems before they occur

Detective controls - answer✔✔Controls that discover problems as soon as they arise

Corrective controls - answer✔✔Controls that remedy control problems that have been
discovered

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Brightstars. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $11.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

83637 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$11.49
  • (0)
  Add to cart