CISA ISACA (Cht. 1) Exam Study Guide.
Audit Charter - answer✔✔An overarching document that covers the entire scope of the audit
activities in an entity. (Purpose, responsibility, authority, and accountability). An engagement
letter is more focused on a particular audit exercise that is sought to be initiated in an
organization with a specific objective in mind.
When does audit planning occur? What factors should be taken into account in the analysis? -
answer✔✔Short and long term analysis should occur annually to take into account new control
issues; changes in risk environment, technologies and business processes; and enhance
evaluation techniques.
Who reviews and who approves audit activities? - answer✔✔The audit activities should be
reviewed by senior audit management and approved by the audit committee or BOD.
Audit assignment considerations for the approach - answer✔✔-periodic risk assessment
-changes in application of tech
-evolving regulatory requirements
-implementation/upgrade deadlines
-current and future technologies
-requirements from the business
-resource limitations
Steps to perform Audit Planning - answer✔✔-gain understanding of biz mission, objectives,
purpose and processes (i.e. availability, integrity, security and business technology and
information confidentiality)
-understand changes in biz environment
-review work papers
-identify stated contents (policies, standards, procedures, org structure)
-perform risk analysis to design audit plan
-set audit scope and objectives
-develop audit approach or strategy
-assign resources
-address logistics
Steps performed to determine org's level of compliance with external requirements -
answer✔✔-identify those gov or external requirements around
- electronic data, personal data, copyrights, e-commerce, e-signatures
- computer system practices and controls
- computer, program, and data storage
- org/activities of info tech services
- IS audits
-document applicable laws/regulations
-assess if org/IT function considered external req in policies, procedures, and standards
-review docs that address adherence to laws
-determine if procedures in place for external IT services providers (legal requirements)
Risk analysis is part of: - answer✔✔Audit planning and helps identify risk and vulnerabilities so
the auditor can determine the controls needed to mitigate risk.
Risk is combination of: - answer✔✔The probability of an event and its consequence
Auditors are often focused on what type of risks: - answer✔✔High risk issues associated with
availability, integrity, confidentiality of sensitive and critical information and underlying info
systems and processes that generate, store, and manipulate such information.
Definition of Risk - answer✔✔Adverse impact that could occur to organizational operations
(including missions, functions, image, reputation), organizational assets, individuals... due to the
potential for unauthorized access, use, disclosure, disruption, modification, or destruction of info
and info systems.
What is the IT risk management process? - answer✔✔-identify business objectives
-identify critical and sensitive information assets
-perform risk assessment to identify threats and vulnerabilities, and determine probability of
occurrence and resulting impact/safeguards that would mitigate impact
-perform risk mitigation