100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CISA Domain 1 Questions & 100% Correct Answers $13.49   Add to cart

Exam (elaborations)

CISA Domain 1 Questions & 100% Correct Answers

 6 views  0 purchase
  • Course
  • CISA
  • Institution
  • CISA

An IS auditor is conducting a compliance test to determine whether controls support management policies and procedures. The test will assist the IS auditor to determine: :~~ That the control is operating as designed Compliance tests can be used to test the existence and effectiveness of a d...

[Show more]

Preview 4 out of 65  pages

  • September 9, 2024
  • 65
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CISA
  • CISA
avatar-seller
ExamArsenal
1 | P a g e | © copyright 2024/2025 | Grade A+




CISA Domain 1 Questions & 100%
Correct Answers
An IS auditor is conducting a compliance test to determine whether controls

support management policies and procedures. The test will assist the IS auditor to

determine:


✓ :~~ That the control is operating as designed




Compliance tests can be used to test the existence and effectiveness of a defined

process. Understanding the objective of a compliance test is important. IS auditors

want reasonable assurance that the controls they are relying on are effective. An

effective control is one that meets management expectations and objectives.




When developing a risk management program, what is the first activity to be

performed?

✓ :~~ Inventory of assets.




Identification of the assets to be protected is the first step in developing a risk

management program.




The primary purpose of an IT forensic audit is:




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


✓ :~~ The systemic collection and analysis of evidence after a system

irregularity.




Due to resource constraints of the IS audit team, the audit plan as originally

approved cannot be completed. Assuming that the situation is communicated in

the audit report, which course of action is most acceptable:




Test the adequacy of the control design

Test the operational effectiveness of the control

Focus on auditing high risk areas

Relying on management testing of controls.

✓ :~~ Focus on high risk areas. Reducing the scope and focusing on auditing

high-risk areas is the bets course of action.




While planning an IS audit, an assessment of risk should be made to provide:

✓ :~~ Reasonable assurance that the audit will cover material items.




ISACA IS Audit and Assurance Guideline 2202 (Risk Assessment in Planning) states

that the applied risk assessment approach should help with the prioritization and

scheduling process of the IS audit and assurance work. It should support the

selection process of areas and items of audit interest and the decision process to

design and conduct particular IS audit engagements.



Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+




Which of the following best describes the purpose of performing a risk assessment

in the planning phase of an IS audit:




Establish adequate staffing requirements to complete the IS audit

To provide reasonable assurance that all material items will be addressed

To determine the skills required to perform the IS audit

To develop the audit program and procedures

✓ :~~ To provide reasonable assurance that all material items will be

addressed.




A risk assessment helps focus the audit procedures on the highest risk areas

included in the scope of the audit.




A financial institution with multiple branch offices has an automated control that

requires the branch manager to approve transactions more than a certain amount.

What type of audit control is this?

✓ :~~ Preventative.




An IS auditor is validating a control that involved a review of system generated

exception reports. Which of the following is the best evidence of the effectiveness

of the control.


Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+




1- Walkthrough with the reviewer of the operation of the control

2- System generated exception report for the review period with the reviewers

sign off

3- A sample system generated exceptions report for the review period, with

follow-up action items noted by the reviewer

4- Management's confirmation of the effectiveness of the control for the review

period.

✓ :~~ A sample system generated exceptions report for the review period,

with follow-up action items noted by the reviewer.




A sample of a system generated report with evidence that the reviewer followed

up on the exception represents the best possible evidence of the effective

operation of the control because there is documented evidence that the reviewer

has reviewed and taken actions based on the exception report.




Which of the following is the most important skill an IS auditor should develop to

understand the constraints of conducting an audit:




1 - Contingency Planning

2 - IS Management resource allocation

3 - Project Management



Master01 | September, 2024/2025 | Latest update

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller ExamArsenal. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $13.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

79373 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$13.49
  • (0)
  Add to cart