100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
SAMPLE EXAM CISA QUESTIONS AND ANSWERS WITH SOLUTIONS 2024 CA$21.49   Add to cart
Quickly navigate to
Preview
  2.  
  3. CISA
  4.  
  5. CISA

Exam (elaborations)

SAMPLE EXAM CISA QUESTIONS AND ANSWERS WITH SOLUTIONS 2024
 4 views  0 purchase
  • Course
  • CISA
  • Institution
  • CISA

SAMPLE EXAM CISA QUESTIONS AND ANSWERS WITH SOLUTIONS 2024

Preview 4 out of 40  pages

Document information

  • August 16, 2024
  • 40
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers

Subjects

  • sample exam cisa questions and answers with soluti

Written for

  • CISA
  • CISA

Seller

avatar-seller
Performance

Reviews received

Content preview

SAMPLE EXAM CISA QUESTIONS AND
ANSWERS WITH SOLUTIONS 2024
A digital hash ensures:



1. Integrity

2. Confidentiality

3. Availability

4. Authenticity - ANSWER Integrity (no tampering - think about computer forensics class at Salve and
hashing)



A PRIMARY benefit derived for an organization employing control self-assessment techniques is that it:



1. Can identify high-risk area that need a detailed review later

2. Can be used as a replacement for traditional audits

3. Allows management to relinquish responsibility for control

4. Allows IS auditors to independently assess risk - ANSWER Can identify high-risk areas that might need
a detailed review later



A project development team is considering using production data for its test deck.



The team removed sensitive data elements before loading it into the test environment. Which of the
following additional concerns should an IS auditor have this practice?



1. Production data are introduced into the test environment

2. Not all functionality will be tested

3. Specialized training is required

4. The project may run over budget - ANSWER Not all functionality will be tested (Review - very difficult)

,A system developer transferred to the audit department to serve as an IT auditor. When production
systems are to be reviewed by this employee, which of the following will become the MOST SIGNIFICANT
CONCERN?



1. The employee may not have sufficient control assessment skills

2. The employee's knowledge of business risk may be limited

3. Audit points may largely shift to technical aspects

4. The work may be construed as a self-audit - ANSWER The work may be constructed as a self-audit
(these are all true but review)



Accountants are developing a temporary reporting solution using a spreadsheet and macro program.



Which of the following will be the MOST SIGNIFICANT concern from a control perspective?



1. The temporary solution becomes a permanent solution

2. Development is done using an agile development methodology

3. A tighter reconciliation process is required to ensure integrity

4. The modifications do not follow standard change management process - ANSWER The modifications
do not follow standard change management process



(Review)



After identifying the findings, the IS auditor should FIRST:



1. obtain remediation deadlines to close the findings

2. determine mitigation measures for the findings

3. gain agreement on the findings

4. inform senior management of the findings - ANSWER gain agreement on the findings (Review)

,After initial investigation, an IS auditor has reasons to believe that fraud may be present. The IS auditor
should:



1. expand activities to determine whether an investigation is warranted

2. consult with external legal counsel to determine the course of action to be taken

3. report the matter to the audit committee

4. report the possibility of fraud to management - ANSWER expand activities to determine whether an
investigation is warranted (review)



An advantage of using sanitized live transaction in test data is that:



1. every error condition is likely to be tested

2. all transaction types will be included

3. no special routines are required to assess the results

4. test transactions are representative of live processing - ANSWER test transactions are representative
of live processing



An auditee disagrees with an audit finding. Which of the following is the BEST course of action for the IT
auditor to take?



A. Discuss the finding with the IT auditor's manager.

B. Retest the control to confirm the finding.

C. Elevate the risk associated with the control.

D. Discuss the finding with the auditee's manager. - ANSWER Discuss the finding with the IT auditor's
manager



- (Review but always think internally first before showing client or internal management auditee, etc.)



An employee who has access to highly confidential information has resigned. Upon departure, which of
the following should be done FIRST?

, 1. Ensure succession plans are in place

2. Conduct an exit interview with the employee

3. Review the employee's job history

4. Revoke the employees access to all systems - ANSWER Revoke the employee's access to all systems



An enterprise has selected a vendor to develop and implement a new software system.



To ensure that the enterprise's investment in software is protected, which of the following security
clauses is MOST important to include in the Master Services Agreement?



1. Limitation of liability

2. Service Level Agreements

3. Version Control

4. Software Escrow - ANSWER Software Escrow



(Review Master Services Agreement and what Software Escrow means and how it is applied)



An enterprise is looking to obtain cloud hosting services from a cloud vendor with a high level of
maturity.



Which of the following would be the MOST important for the auditor to ensure continued alignment
with the enterprise's security requirements?



1. The vendor agrees to implement controls in alignment with the enterprise

2. The vendor provides the latest internal audit report to verification

3. The vendor provides the latest third-party audit report for verification

4. The vendor agrees to provide annual external audit reports in the contract - ANSWER The vendor
agrees to provide annual external audit reports in the contract.



(Definitely Review - third-party vendor agreeements or outsourcing cloud)

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Performance. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for CA$21.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

78998 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
CA$21.49
  • (0)
  Add to cart