CISA EXAM BUNDLE (PACKAGE DEAL) WITH COMPLETE SOLUTIONS!!CISA EXAM BUNDLE (PACKAGE DEAL) WITH COMPLETE SOLUTIONS!!CISA EXAM BUNDLE (PACKAGE DEAL) WITH COMPLETE SOLUTIONS!!VCISA EXAM BUNDLE (PACKAGE DEAL) WITH COMPLETE SOLUTIONS!!CISA EXAM BUNDLE (PACKAGE DEAL) WITH COMPLETE SOLUTIONS!!CISA EXAM BUN...
[Show more]
Information system auditors have identified separation of duties in enterprise resource planning (ERP) systems. Which of the following is the best way to prevent repetitive configuration from occurring? A. Use a role-based model to grant user access B. Regularly monitor access rights C. Correcti...
Preview 1 out of 3 pages
Add to cartInformation system auditors have identified separation of duties in enterprise resource planning (ERP) systems. Which of the following is the best way to prevent repetitive configuration from occurring? A. Use a role-based model to grant user access B. Regularly monitor access rights C. Correcti...
In a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer? Correct A. Nonrepudiation B. Encryption C. Authentication D. Integrity . - ANSWERYou are correct, the answer is A. A....
Preview 4 out of 120 pages
Add to cartIn a public key infrastructure (PKI), which of the following may be relied upon to prove that an online transaction was authorized by a specific customer? Correct A. Nonrepudiation B. Encryption C. Authentication D. Integrity . - ANSWERYou are correct, the answer is A. A....
Chapter 1 - ANSWER Source code - ANSWERuncompiled, archive code Object code - ANSWERcompiled code that is distributed and put into production; not able to be read by humans Inherent risk - ANSWERthe risk that an error could occur assuming no compensating control exist Control risk - ANSW...
Preview 2 out of 15 pages
Add to cartChapter 1 - ANSWER Source code - ANSWERuncompiled, archive code Object code - ANSWERcompiled code that is distributed and put into production; not able to be read by humans Inherent risk - ANSWERthe risk that an error could occur assuming no compensating control exist Control risk - ANSW...
Planning, fieldwork/documentation, and reporting/follow-up - ANSWERMajor phases of the typical audit process Audit Charter - ANSWERAn overarching document that covers the entire scope of audit activities in an entire entity. Engagement Letter - ANSWERMore focused on a particular audit exercise...
Preview 2 out of 5 pages
Add to cartPlanning, fieldwork/documentation, and reporting/follow-up - ANSWERMajor phases of the typical audit process Audit Charter - ANSWERAn overarching document that covers the entire scope of audit activities in an entire entity. Engagement Letter - ANSWERMore focused on a particular audit exercise...
01. An audit charter should: a) be dynamic and change to coincide with the changing nature of technology and the audit profession. b) clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls. c) document the audit procedures designe...
Preview 1 out of 2 pages
Add to cart01. An audit charter should: a) be dynamic and change to coincide with the changing nature of technology and the audit profession. b) clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls. c) document the audit procedures designe...
Al-l The internal audit department wrote some scripts that are used for continuous auditing of some information systems. The IT department asked for copies of the scripts so that they can use them for setting up a continuous monitoring process on key systems. Does sharing these scripts with IT affec...
Preview 4 out of 65 pages
Add to cartAl-l The internal audit department wrote some scripts that are used for continuous auditing of some information systems. The IT department asked for copies of the scripts so that they can use them for setting up a continuous monitoring process on key systems. Does sharing these scripts with IT affec...
When evaluating the collective effect of preventive, detective and corrective controls within a process, an IS auditor should be aware of which of the following? A. The point at which controls are exercised as data flow through the system B. Only preventive and detective controls are relevant C. ...
Preview 2 out of 9 pages
Add to cartWhen evaluating the collective effect of preventive, detective and corrective controls within a process, an IS auditor should be aware of which of the following? A. The point at which controls are exercised as data flow through the system B. Only preventive and detective controls are relevant C. ...
IT governance is most concerned with A. Security policy B. IT policy C. IT strategy D. IT executive compensation - ANSWERIT Strategy IT governance is the mechanism through which IT strategy is established, controlled, and monitored through the balanced scorecard. Long-term and other strategic ...
Preview 3 out of 17 pages
Add to cartIT governance is most concerned with A. Security policy B. IT policy C. IT strategy D. IT executive compensation - ANSWERIT Strategy IT governance is the mechanism through which IT strategy is established, controlled, and monitored through the balanced scorecard. Long-term and other strategic ...
Completing a Risk Analysis. - ANSWERWhat is the most important consideration before implementing a new technology? Indemnity Clause - ANSWERWhat is a clause that holds providers financially liable for violations? Agreed upon performance metrics in the SLA - ANSWERWhat is the best reference for...
Preview 2 out of 9 pages
Add to cartCompleting a Risk Analysis. - ANSWERWhat is the most important consideration before implementing a new technology? Indemnity Clause - ANSWERWhat is a clause that holds providers financially liable for violations? Agreed upon performance metrics in the SLA - ANSWERWhat is the best reference for...
Most important step in risk analysis is to identify a. Competitors b. controls c. vulnerabilities d. liabilities - ANSWERc. vulnerabilities In a risk based audit planning, an IS auditor's first step is to identify: a. responsibilities of stakeholders b. high-risk areas within the org...
Preview 4 out of 68 pages
Add to cartMost important step in risk analysis is to identify a. Competitors b. controls c. vulnerabilities d. liabilities - ANSWERc. vulnerabilities In a risk based audit planning, an IS auditor's first step is to identify: a. responsibilities of stakeholders b. high-risk areas within the org...
1. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)? A References from other customers B Service level agreement (SLA) template C Maintenance agreement D C...
Preview 3 out of 25 pages
Add to cart1. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)? A References from other customers B Service level agreement (SLA) template C Maintenance agreement D C...
Which of the following is the BEST preventive control to protect the confidentiality of data on a corporate smartphone in the event it is lost? a) Biometric authentication for the device b) Remote data wipe program c) Encryption of the data stored on the device d) Password for device authenticat...
Preview 1 out of 2 pages
Add to cartWhich of the following is the BEST preventive control to protect the confidentiality of data on a corporate smartphone in the event it is lost? a) Biometric authentication for the device b) Remote data wipe program c) Encryption of the data stored on the device d) Password for device authenticat...
Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions? a. Parity check b. Echo check c. Block sum check d. Cyclic redundancy check - ANSWERd. Cyclic redundancy check An employee loses a mobile device resulting in loss of sensiti...
Preview 4 out of 65 pages
Add to cartWhich of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions? a. Parity check b. Echo check c. Block sum check d. Cyclic redundancy check - ANSWERd. Cyclic redundancy check An employee loses a mobile device resulting in loss of sensiti...
Audit Charter - ANSWERa formal document that contains: 1. scope of the audit functions 2. authority of the audit functions 3. responsibility of the audit functions Audit Universe - ANSWERAn inventory of all the functions/processes/units under the organization Qualitative Risk Assessment - ...
Preview 1 out of 3 pages
Add to cartAudit Charter - ANSWERa formal document that contains: 1. scope of the audit functions 2. authority of the audit functions 3. responsibility of the audit functions Audit Universe - ANSWERAn inventory of all the functions/processes/units under the organization Qualitative Risk Assessment - ...
Who should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the primary reason for the audit function directly reporting to the audit committe...
Preview 1 out of 2 pages
Add to cartWho should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the primary reason for the audit function directly reporting to the audit committe...
Which of the following is most closely related to data backup frequency? - ANSWERRPO Which of the following identifies how negative incidents affect business operations? - ANSWERBusiness impact analysis What is the overall purpose of an ARP poisoning attack? - ANSWERForce user traffic through ...
Preview 1 out of 1 pages
Add to cartWhich of the following is most closely related to data backup frequency? - ANSWERRPO Which of the following identifies how negative incidents affect business operations? - ANSWERBusiness impact analysis What is the overall purpose of an ARP poisoning attack? - ANSWERForce user traffic through ...
Who should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the prime reason for review of an organization chart? - ANSWERTo understand the au...
Preview 3 out of 20 pages
Add to cartWho should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the prime reason for review of an organization chart? - ANSWERTo understand the au...
Who is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? - ANSWERIT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning...
Preview 2 out of 15 pages
Add to cartWho is responsible for imposing an IT governance model encompassing IT strategy, information security, and formal enterprise architectural mandates? - ANSWERIT executives and the Board of Directors The party that performs strategic planning, addresses near-term and long-term requirements aligning...
Who should approve the audit charter of an organization? - ANSWERSenior management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the prime reason for review of an organization chart? - ANSWERTo understand the au...
Preview 2 out of 5 pages
Add to cartWho should approve the audit charter of an organization? - ANSWERSenior management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the prime reason for review of an organization chart? - ANSWERTo understand the au...
What does EGIT stand for? What is it's meaning? - ANSWEREnterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad pro...
Preview 2 out of 7 pages
Add to cartWhat does EGIT stand for? What is it's meaning? - ANSWEREnterprise Governance of Information and Technology. It a system composed of stakeholders, board of directors, department managers, and internal customers who provide input into the IT decision making process. What are the three broad pro...
Management - ANSWERPlans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. Is the responsibility of the executive management, under the leadership of the CEO IS Management - ANSWEREnsuring that adequate resources...
Preview 2 out of 12 pages
Add to cartManagement - ANSWERPlans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. Is the responsibility of the executive management, under the leadership of the CEO IS Management - ANSWEREnsuring that adequate resources...
true - ANSWEROne of the primary advantages of an object is that it contains reusable code. true - ANSWERDatabase management systems can be used to track orders, products, and customers; analyze weather data to make forecasts for the next several days; and summarize medical research results. tr...
Preview 1 out of 3 pages
Add to carttrue - ANSWEROne of the primary advantages of an object is that it contains reusable code. true - ANSWERDatabase management systems can be used to track orders, products, and customers; analyze weather data to make forecasts for the next several days; and summarize medical research results. tr...
Acceptable use policy - ANSWERA policy that establishes an agreement between users and the enterprise and defines for all parties' the ranges of use that are approved before gaining access to a network or the Internet. Access control - ANSWERThe processes, rules and deployment mechanisms that ...
Preview 4 out of 47 pages
Add to cartAcceptable use policy - ANSWERA policy that establishes an agreement between users and the enterprise and defines for all parties' the ranges of use that are approved before gaining access to a network or the Internet. Access control - ANSWERThe processes, rules and deployment mechanisms that ...
Audit Charter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the internal audit function. (General audits) Engagement Letter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the external audi...
Preview 2 out of 6 pages
Add to cartAudit Charter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the internal audit function. (General audits) Engagement Letter (P.32) - ANSWERThe overarching document that outlines the scope, authority, and responsibilities of the external audi...
Audit Function - ANSWEREnsures that the diverse tasks performed and achieved by the audit team will fulfill objectives, while preserving audit independence and competence. Information Systems - ANSWERThe combination of strategic, managerial, and operational activities involved in gathering, proce...
Preview 2 out of 8 pages
Add to cartAudit Function - ANSWEREnsures that the diverse tasks performed and achieved by the audit team will fulfill objectives, while preserving audit independence and competence. Information Systems - ANSWERThe combination of strategic, managerial, and operational activities involved in gathering, proce...
Who is responsible for the governance of the enterprise? - ANSWERBoard of Directors What is corporate governance's purpose? - ANSWERto help build an environment of trust, transparency, and accountability to foster long-term investment, financial stability, and business integrity All stakeho...
Preview 2 out of 7 pages
Add to cartWho is responsible for the governance of the enterprise? - ANSWERBoard of Directors What is corporate governance's purpose? - ANSWERto help build an environment of trust, transparency, and accountability to foster long-term investment, financial stability, and business integrity All stakeho...
Audit Risk - ANSWERThe risk that the audit report might contain a material error or that an error might exist that the auditor did not detect Control Risk - ANSWERThe risk that an auditor could lose control, errors could be introduced, or errors may not be corrected in a timely manner (if ever). ...
Preview 2 out of 7 pages
Add to cartAudit Risk - ANSWERThe risk that the audit report might contain a material error or that an error might exist that the auditor did not detect Control Risk - ANSWERThe risk that an auditor could lose control, errors could be introduced, or errors may not be corrected in a timely manner (if ever). ...
A1-1: The internal audit department has written some scripts that are used for continuous auditing of some information systems. The IT department has asked for copies of the script so that they can use them for setting up a continuous monitoring process on key systems. Would sharing these with IT af...
Preview 1 out of 3 pages
Add to cartA1-1: The internal audit department has written some scripts that are used for continuous auditing of some information systems. The IT department has asked for copies of the script so that they can use them for setting up a continuous monitoring process on key systems. Would sharing these with IT af...
In the Planning Stage, the primary goal is to... - ANSWERaddress audit objectives The BEST way to ensure payroll data accuracy is to ... - ANSWERcompare the payroll report to the input forms An IS Auditor would use code comparison software to look at... - ANSWERsource program controls withou...
Preview 1 out of 3 pages
Add to cartIn the Planning Stage, the primary goal is to... - ANSWERaddress audit objectives The BEST way to ensure payroll data accuracy is to ... - ANSWERcompare the payroll report to the input forms An IS Auditor would use code comparison software to look at... - ANSWERsource program controls withou...
What is the definition of audit? - ANSWERAuditing is a detailed and specific evaluation of a process, procedure, organization, job function, or system, in which results are gathered and reported. What is the purpose of ethics? - ANSWERTo mandate the professional and personal conduct of auditors ...
Preview 2 out of 6 pages
Add to cartWhat is the definition of audit? - ANSWERAuditing is a detailed and specific evaluation of a process, procedure, organization, job function, or system, in which results are gathered and reported. What is the purpose of ethics? - ANSWERTo mandate the professional and personal conduct of auditors ...
Capability Maturity Models - ANSWERLevel 1 - Initial - processes are poorly controlled Level 2 - Managed - process is characterized for projects. Level 3 - Defined - documented process characterized for the organization and is proactive Level 4 - Quantitatively Managed - Process is measured and ...
Preview 3 out of 20 pages
Add to cartCapability Maturity Models - ANSWERLevel 1 - Initial - processes are poorly controlled Level 2 - Managed - process is characterized for projects. Level 3 - Defined - documented process characterized for the organization and is proactive Level 4 - Quantitatively Managed - Process is measured and ...
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Stuvia is a marketplace, so you are not buying this document from us, but from seller papersbyjol. Stuvia facilitates payment to the seller.
No, you only buy these notes for $57.61. You're not tied to anything after your purchase.
4.6 stars on Google & Trustpilot (+1000 reviews)
50990 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 15 years now
