Cisa execution - Study guides, Class notes & Summaries

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA Domain 3 Exam 49 Questions with Verified Answers expert system - CORRECT ANSWER capture and recording of the knowledge and experience of individuals in an organization feasibility study - CORRECT ANSWER determines the strategic benefits of the project, such as a cost-benefit analysis, risks, etc gantt charts - CORRECT ANSWER identify activities that have been completed early or late through comparison to a baseline and determine whether the project is behind, ahead of or on schedul...

CISA Domain 3 Missed 56 Questions with Verified Answers When auditing the proposed acquisition of a new computer system, an IS auditor should FIRST ensure that: a clear business case has been approved by management. corporate security standards will be met. users will be involved in the implementation plan. the new system will meet all required user functionality. - CORRECT ANSWER A is the correct answer. Justification The first concern of an IS auditor is to ensure that the proposal me...

CISA Study Notes Exam 181 Questions with Verified Answers Who is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? - CORRECT ANSWER IT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning business objectives, and technology strategies. - CORRECT ANSWER The Steering Committee What three elements allow validation o...

CISA Domain 3 Info Sys Acquisition, Development & Implementation 53 Questions with Verified Answers Benchmarking a Process - CORRECT ANSWER term used to describe the activity of continuous process improvement. The purpose of benchmarking is to compare key measurements in a business process. Plan, Research (yourself), Observe(others), Adopt, Improve Characteristic of the Maturity Levels (CMMI) - CORRECT ANSWER IRDMO - I Remember Do Make Oatmeal 1. Initial -This level has no process, no...

CISA examtopics 301-400 Exam Questions with Verified Answers 301. An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor? A. Using a third-party provider to host and manage content B. Lack of guidance on appropriate social media usage and monitoring C. Negative posts by customers affecting the organization's image D. Reduced productivity of stuff using social media - CORRECT A...

CISA examtopics 201-300 Exam Questions with Verified Answers 201. During a project meeting for the implementation of an enterprise resource planning (ERP). a new requirement is requested by the finance department. Which of the following would BEST indicate to an IS auditor that the resulting risk to the project has been assessed? A. The project status as reported in the meeting minutes B. The analysis of the cost and time impact of the requirement C. The updated business requirements D...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

CISA Exam 318 Questions with Verified Answers 5 Tasks within the domain covering the process of auditing information systems - CORRECT ANSWER 1. Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included 2. Plan specific audits to determine whether information systems are protected, controlled and provided value to the organization 3. Conduct audits in accordance with IT audit standards to achieve planned audit objectives...

CISA Flashcards Protection of Information Assets Exam 99 Questions with Verified Answers Define the following terms: decompiling, modular stage, due care, negligence, basic care, ordinary care, and extraordinary care. - CORRECT ANSWER Decompiling is the act of dividing a large auditing task into smaller audits so that all objectives and requirements can be met Modular stage is a type of audit created by decompiling. Due care is the degree of care for a client that auditors must demonstrate w...