Cisa planning set 2 1 - Study guides, Class notes & Summaries

CISA Study Notes Exam 181 Questions with Verified Answers Who is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? - CORRECT ANSWER IT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning business objectives, and technology strategies. - CORRECT ANSWER The Steering Committee What three elements allow validation o...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

CISA Domain 2 Exam 100 Questions with Verified Answers What does EGIT stand for? What is it's meaning? - CORRECT ANSWER Enterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - CORRECT ANSWER 1. IT Resource Management - Focuses on maintainng an updated inventory of all IT res...

CISA Ch 1 - Process of Auditing Information Systems Practice Questions and Answers (100% Pass) Audit Charter - Answer️️ -document that states management's objectives for and delegation of authority to IS audit. Should be approved at the highest levels of management, and should outline the overall authority scope, and responsibilities of the audit function. Should not significantly change over time. Engagement Letter - Answer️️ -a letter that formalizes the contract between the au...

CISA Domain 2 Exam 183 Questions with Verified Answers IT management - CORRECT ANSWER the process of managing activities related to information technology operations and resources, which helps ensure that IT continues to support the defined enterprise objectives IT resource management - CORRECT ANSWER the process of pre-planning, scheduling and allocating the limited IT resources to maximize efficiency in achieving the enterprise objectives - When an organization invests its resources in...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

Certified Information Systems Auditor CISA Exam Questions 1. Information system auditors identified separation of duties in ERP systems. What is the most effective way to avoid repetitive configurations? - A. Implement a role-based model to manage user access - B. Routinely review access permissions - C. Rectify separation of duties - D. Use a standard user access matrix ️ A. Implement a role-based model to manage user access 2. When creating a disaster recovery plan, which factor sho...

CISA EXAM 182 Questions with Verified Answers Chapter 1 - CORRECT ANSWER Source code - CORRECT ANSWER uncompiled, archive code Object code - CORRECT ANSWER compiled code that is distributed and put into production; not able to be read by humans Inherent risk - CORRECT ANSWER the risk that an error could occur assuming no compensating control exist Control risk - CORRECT ANSWER the risk that an error exists that would not be prevented by internal controls Detection risk - COR...

Certified Information Systems Auditor (CISA) Cert Guide 109 Questions with Verified Answers Which of the following best describes a baseline document? a. A PCI industry standard requiring a 15-minute session timeout b. Installation step recommendations from the vendor for an Active Directory server c. A network topography diagram of the Active Directory forest d. Security configuration settings for an Active Directory server - CORRECT ANSWER D. A baseline is correct because it is a platfo...

CISA Exam 318 Questions with Verified Answers 5 Tasks within the domain covering the process of auditing information systems - CORRECT ANSWER 1. Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included 2. Plan specific audits to determine whether information systems are protected, controlled and provided value to the organization 3. Conduct audits in accordance with IT audit standards to achieve planned audit objectives...