Cisa execution 1 3 1 - Study guides, Class notes & Summaries

CISA Domain 3 Info Sys Acquisition, Development & Implementation 53 Questions with Verified Answers Benchmarking a Process - CORRECT ANSWER term used to describe the activity of continuous process improvement. The purpose of benchmarking is to compare key measurements in a business process. Plan, Research (yourself), Observe(others), Adopt, Improve Characteristic of the Maturity Levels (CMMI) - CORRECT ANSWER IRDMO - I Remember Do Make Oatmeal 1. Initial -This level has no process, no...

CISA EXAM 1|45 Questions with Verified Answers 1. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)? A References from other customers B Service level agreement (SLA) template C Maintenance agreement D Conversion plan - CORRECT ANSWER The answer is A An IS auditor should look for an independent verification that the ISP can perform the tasks being ...

CISA examtopics 201-300 Exam Questions with Verified Answers 201. During a project meeting for the implementation of an enterprise resource planning (ERP). a new requirement is requested by the finance department. Which of the following would BEST indicate to an IS auditor that the resulting risk to the project has been assessed? A. The project status as reported in the meeting minutes B. The analysis of the cost and time impact of the requirement C. The updated business requirements D...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA Domain 1 Exam 88 Questions with Verified Answers Interviewing and Observing Personnel - CORRECT ANSWER Actual Functions - An adequate test to ensure that the individual who is assigned and authorized to perform a particular function is the person who is actually doing the job. Actual Processes and Procedures - allows the IS auditor to gain evidence of compliance and observe deviations, if any. Security Awareness - Should be observed to verify an individuals understanding and practice ...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA Flashcards Protection of Information Assets Exam 99 Questions with Verified Answers Define the following terms: decompiling, modular stage, due care, negligence, basic care, ordinary care, and extraordinary care. - CORRECT ANSWER Decompiling is the act of dividing a large auditing task into smaller audits so that all objectives and requirements can be met Modular stage is a type of audit created by decompiling. Due care is the degree of care for a client that auditors must demonstrate w...

Domain 4 CISA Exam 325 Questions with Verified Answers what identifies and locates assets within a limited radius? - CORRECT ANSWER RFID- Radio Frequency Identification What uses radio waves to identify tagged objects? - CORRECT ANSWER RFID- Radio Frequency Identification In (RFID) Radio Frequency Identification, uses radio waves to identify TAGGED objects. What is included in a tag? - CORRECT ANSWER A tag includes a microchip and antenna. Microchip stores info and Antenna transmits inf...

CISA CH 3 Exam 133 Questions with Verified Answers Project governance and management - CORRECT ANSWER IS auditor's role is to ensure that rules of system development like SoD are not compromised Components of project management are initiating, planning, executing, controlling, monitoring and closing Three types of project management org structures - CORRECT ANSWER Functional-structured organization-project manager only has a staff function without formal management authority manager ad...

CISA Domain 3 Exam 113 Questions with Verified Answers Integrated Test Facility (ITF) - CORRECT ANSWER - Fictitious entity is created in LIVE environment - This technique allows auditor to open a dummy account - Auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness - Processed results and expected results are compared to verify that systems are operating correctly - Example: A dummy asset of $100,000/- is entered into syst...