CISA EXAM GRADED A+
Definitions and Concepts: - Source Code: The original, uncompiled code that forms the basis of software programs. ️ - Object Code: Compiled code that is ready for distribution and use in production; it's not human
readable. ️ - Inherent Risk: The possibility of an error o...
- Source Code: The original, uncompiled code that forms the basis of software programs. ✔️
- Object Code: Compiled code that is ready for distribution and use in production; it's not human-
readable. ✔️
- Inherent Risk: The possibility of an error occurring without any preventive controls in place. ✔️
- Control Risk: The risk that a significant error exists and would not be detected by the internal controls.
✔️
- Detection Risk: The chance that an error exists but isn’t identified, potentially due to inadequate
testing procedures by the auditor. ✔️
- Audit Risk: The total level of risk that an auditor is willing to accept in their audit work. ✔️
- Compliance Testing: A method to check if internal controls comply with management's established
policies and procedures. ✔️
- Substantive Testing: An examination that assesses the accuracy of individual transactions, data, and
information. ✔️
- Regression Testing: Testing performed to confirm that previously encountered issues do not reoccur in
the software. ✔️
- Sociability Testing: Ensures that an application functions correctly alongside other applications
operating in the same environment, including evaluation of interfaces. ✔️
,- Parallel Testing: Involves inputting test data into two systems simultaneously and comparing the
outputs. ✔️
- White Box Testing: A testing methodology that examines the internal logic and structure of the
software. ✔️
- Black Box Testing: Testing that evaluates the system's functional performance without knowledge of
the internal workings. ✔️
- Redundancy Check: A method to identify transmission errors by appending calculated bits to data
segments. ✔️
- Variable Sampling: A technique used to estimate average or total values of a population. ✔️
- Discovery Sampling: A technique to assess the likelihood of finding a specific attribute within a
population. ✔️
- Attribute Sampling: Selecting items based on a shared attribute, typically used for compliance testing.
✔️
### Chapter 2 Concepts:
- Steering Committee: A group appointed by senior management to oversee projects and acquisitions
without getting involved in daily operations; it includes senior management, user management, and IT
representatives and escalates important issues to upper management. ✔️
- Request for Proposal (RFP): A document sent to software vendors asking them to submit proposals for
developing or providing a software product. It should outline project goals, key requirements,
constraints, vendor qualifications, and references. ✔️
- Quality Assurance: Verifies whether policies are being followed correctly. ✔️
, - Quality Control: Confirms that products or services are free from defects. ✔️
- Bottom-up Approach for Policy Development: Starts by defining requirements and policies at the
operational level based on risk assessments. ✔️
### Chapter 3 Concepts:
- OSI Model: Refers to the conceptual framework for understanding network communication,
summarized by the phrase "All People Seem To Need Dominos Pizza". ✔️
- Layer 7 - Application Layer: Interfaces directly with application processes and provides common
services. ✔️
- Layer 6 - Presentation Layer: Manages data representation issues like encoding and encryption for
the application layer. ✔️
- Layer 5 - Session Layer: Manages dialogues between applications, including session establishment
and termination. ✔️
- Layer 4 - Transport Layer: Ensures reliable data delivery and provides transparent transfer of data
between applications. ✔️
- Layer 3 - Network Layer: Responsible for data routing and maintaining quality of service across
networks. ✔️
- Layer 2 - Data Link Layer: Facilitates data transfer between network entities, ensuring error detection
and possibly correction. ✔️
- Layer 1 - Physical Layer: Defines physical specifications for devices, including connections and
voltages. ✔️
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller CertifiedGrades. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.89. You're not tied to anything after your purchase.
