Cisa exam preparation Study guides, Class notes & Summaries

CISA Study Guide Exam 427 Questions with Verified Answers Most important step in risk analysis is to identify a. Competitors b. controls c. vulnerabilities d. liabilities - CORRECT ANSWER c. vulnerabilities In a risk based audit planning, an IS auditor's first step is to identify: a. responsibilities of stakeholders b. high-risk areas within the organization c. cost centre d. profit centre - CORRECT ANSWER b. high-risk areas within the organization When developing a risk-...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

CISA Exam 318 Questions with Verified Answers 5 Tasks within the domain covering the process of auditing information systems - CORRECT ANSWER 1. Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included 2. Plan specific audits to determine whether information systems are protected, controlled and provided value to the organization 3. Conduct audits in accordance with IT audit standards to achieve planned audit objectives...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA Domain 2 Exam 100 Questions with Verified Answers What does EGIT stand for? What is it's meaning? - CORRECT ANSWER Enterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - CORRECT ANSWER 1. IT Resource Management - Focuses on maintainng an updated inventory of all IT res...

CISA Study Notes Exam 181 Questions with Verified Answers Who is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? - CORRECT ANSWER IT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning business objectives, and technology strategies. - CORRECT ANSWER The Steering Committee What three elements allow validation o...

CISA examtopics 301-400 Exam Questions with Verified Answers 301. An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor? A. Using a third-party provider to host and manage content B. Lack of guidance on appropriate social media usage and monitoring C. Negative posts by customers affecting the organization's image D. Reduced productivity of stuff using social media - CORRECT ANS...

Certified Information Systems Auditor (CISA) Cert Guide 109 Questions with Verified Answers Which of the following best describes a baseline document? a. A PCI industry standard requiring a 15-minute session timeout b. Installation step recommendations from the vendor for an Active Directory server c. A network topography diagram of the Active Directory forest d. Security configuration settings for an Active Directory server - CORRECT ANSWER D. A baseline is correct because it is a platfo...

AIS Exam 1 Questions and Answers 100% correct What is AIS? a system that collects, records, stores, and processes data to produce useful information for decision makers What are the three major components of AIS? Inputs, Processing methods, and outputs Inputs raw transaction data Processing methods sorting, organizing, calculating, and applying accounting procedures Outputs useful information such as management reports, financial statements, etc What are ...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...