Cisa it governance 1 - Study guides, Class notes & Summaries

CISA Domain 2 Exam 100 Questions with Verified Answers What does EGIT stand for? What is it's meaning? - CORRECT ANSWER Enterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad processes in the EGIT framework are: - CORRECT ANSWER 1. IT Resource Management - Focuses on maintainng an updated inventory of all IT res...

CISA Exam 14, 13 mc, 10 mc 55 Questions with Verified Answers (CISA exam, adapted) Authentication is the process by which the: system verifies that the user is entitled to enter the transaction requested. user identifies him- or herself to the system. system verifies the identity of the user. user indicates to the system that the transaction was processed correctly. - CORRECT ANSWER system verifies the identity of the user. (CMA exam, adapted) Data processing activities may be classi...

CISA examtopics 301-400 Exam Questions with Verified Answers 301. An organization has begun using social media to communicate with current and potential clients. Which of the following should be of PRIMARY concern to the auditor? A. Using a third-party provider to host and manage content B. Lack of guidance on appropriate social media usage and monitoring C. Negative posts by customers affecting the organization's image D. Reduced productivity of stuff using social media - CORRECT A...

Certified Information Systems Auditor (CISA) Cert Guide 109 Questions with Verified Answers Which of the following best describes a baseline document? a. A PCI industry standard requiring a 15-minute session timeout b. Installation step recommendations from the vendor for an Active Directory server c. A network topography diagram of the Active Directory forest d. Security configuration settings for an Active Directory server - CORRECT ANSWER D. A baseline is correct because it is a platfo...

CISA EXAM 1|45 Questions with Verified Answers 1. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)? A References from other customers B Service level agreement (SLA) template C Maintenance agreement D Conversion plan - CORRECT ANSWER The answer is A An IS auditor should look for an independent verification that the ISP can perform the tasks being ...

ACC 580 Exam 1 CISA Book 45 Questions with Verified Answers Which of the following outlines the overall authority to perform an IS audit? A. The audit scope, with goals and objectives B. A request from management to perform an audit C. The approved audit charter D. The approved audit schedule - CORRECT ANSWER C. The approved audit charter In performing a risk-based audit, which risk assessment is completed initially by the IS auditor? A. Detection Risk assessment B. Control Risk asse...

CISA Practice Exam 323 Questions with Verified Answers Identify the most critical element from the following for the successful implementation and ongoing regular maintenance of an information security policy. [BAC] A.Management support and approval for the information security policy B. Understanding of the information security policy by all appropriate parties C. Punitive actions for any violation of information security rules D. Stringent access control monitoring of information secu...

CISA Flashcards Protection of Information Assets Exam 99 Questions with Verified Answers Define the following terms: decompiling, modular stage, due care, negligence, basic care, ordinary care, and extraordinary care. - CORRECT ANSWER Decompiling is the act of dividing a large auditing task into smaller audits so that all objectives and requirements can be met Modular stage is a type of audit created by decompiling. Due care is the degree of care for a client that auditors must demonstrate w...

CISA QAE Domain 5 Exam 89 Questions with Verified Answers When reviewing an organization's logical access security to its remote systems, which of the following would be of GREATEST concern to an IS auditor? - CORRECT ANSWER Unencrypted passwords are used. When evaluating the technical aspects of logical security, unencrypted passwords represent the greatest risk because it would be assumed that remote access would be over an untrusted network where passwords could be discovered. Which...

ISACA CISA practice exam 124 Questions with Verified Answers Abend - CORRECT ANSWER An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing Acceptable Use Policy - CORRECT ANSWER A policy that establishes an agreement between users and the enterprise and defines for all parties' the ranges of use that are approved before gaining access to a network or the Inter...