Cisa stuvia 2024 - Study guides, Class notes & Summaries

Management - ANSWERPlans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. Is the responsibility of the executive management, under the leadership of the CEO IS Management - ANSWEREnsuring that adequate resources are allocated to suport IS operations Planning to ensure the most efficient and effective use of an operation's resources Authorizing and monitoring IT resource usage based on corporate policy ...

When evaluating the collective effect of preventive, detective and corrective controls within a process, an IS auditor should be aware of which of the following? A. The point at which controls are exercised as data flow through the system B. Only preventive and detective controls are relevant C. Corrective controls are regarded as compensating D. Classification allows an IS auditor to determine which controls are missing - ANSWERA. An IS auditor who has discovered unauthorized transaction...

Audit Function - ANSWEREnsures that the diverse tasks performed and achieved by the audit team will fulfill objectives, while preserving audit independence and competence. Information Systems - ANSWERThe combination of strategic, managerial, and operational activities involved in gathering, processing, storing, distributing and using information and its related technologies. Information Technology - ANSWERThe hardware, software, communication and other facilities used to input, store, proc...

Completing a Risk Analysis. - ANSWERWhat is the most important consideration before implementing a new technology? Indemnity Clause - ANSWERWhat is a clause that holds providers financially liable for violations? Agreed upon performance metrics in the SLA - ANSWERWhat is the best reference for vendor's ability to meet its SLA? Integrated Test Facility (ITF) - ANSWERWhat creates a fictitious entity in the database to process test transactions simultaneously with live input Its adva...

Planning, fieldwork/documentation, and reporting/follow-up - ANSWERMajor phases of the typical audit process Audit Charter - ANSWERAn overarching document that covers the entire scope of audit activities in an entire entity. Engagement Letter - ANSWERMore focused on a particular audit exercise that is sought to be initiated in an organization with a specific objective in mind. Short-Term Planning - ANSWERConsiders audit issues that will be covered during the year. Long-Term Planning ...

What is the definition of audit? - ANSWERAuditing is a detailed and specific evaluation of a process, procedure, organization, job function, or system, in which results are gathered and reported. What is the purpose of ethics? - ANSWERTo mandate the professional and personal conduct of auditors According to the ISACA Code of Ethics is an auditor allowed to share the results of an audit with other personnel? - ANSWERThe auditor must maintain confidentiality of the audit unless required by ...

Audit Charter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the internal audit function. (General audits) Engagement Letter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the external audit function. (Focused audits) Detective Controls (P.43) - ANSWERUse controls that detect and report the occurrence of an error, omission, or malicious act. Corrective Controls (P.43) - ANSWERCo...

Audit Risk - ANSWERThe risk that the audit report might contain a material error or that an error might exist that the auditor did not detect Control Risk - ANSWERThe risk that an auditor could lose control, errors could be introduced, or errors may not be corrected in a timely manner (if ever). Business Risk - ANSWERThese are risks that is inherent in the business or industry itself. They may be regulatory, contractual, or financial. Continuity Risk - ANSWERThe risk the business faces ...

What does EGIT stand for? What is it's meaning? - ANSWEREnterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - ANSWER1. IT Resource Management - Focuses on maintainng an updated inventory of all IT resources and addresses the risk mgmt. process. 2. Performance Measurement ...

Who is responsible for the governance of the enterprise? - ANSWERBoard of Directors What is corporate governance's purpose? - ANSWERto help build an environment of trust, transparency, and accountability to foster long-term investment, financial stability, and business integrity All stakeholders provide ______ into IT-decision making processes - ANSWERinput IT resource management - ANSWERmaintain updated inventory of IT assets and address risk management Performance management - A...