Doshi Aspects from CISA Exam Perspective Questions & Answers(RATED A+)
0 view 0 purchase
Course
Doshi Aspects from CISA
Institution
Doshi Aspects From CISA
Who should approve the audit charter of an organization? - ANSWERSenior management
What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function
What is the prime reason for review of an organization chart? - ANSWERTo understand the a...
Doshi Aspects from CISA Exam
Perspective Questions &
Answers(RATED A+)
Who should approve the audit charter of an organization? - ANSWERSenior
management
What should the content of an audit charter be? - ANSWERThe scope, authority,
and responsibilities of the audit function
What is the prime reason for review of an organization chart? - ANSWERTo
understand the authority and responsibility of individuals
The actions of an IS auditor are primarily influenced by - ANSWERAudit charter
Which document provides the overall authority for an auditor to perform an audit? -
ANSWERAudit charter
What is the primary reason for the audit function directly reporting to the audit
committee? - ANSWERThe audit function must be independent of the business
function and should have direct access to the audit committee of the board
What is the first step in risk-based audit planning? - ANSWERTo identify areas of
high risk
What is a major benefit of risk-based audit planning? - ANSWERThe utilization of
resources for high-risk areas
What is the first step to conduct a data center review? - ANSWERTo evaluate
vulnerabilities and threats related to data center location
What is the major risk of EDI transactions? - ANSWERThe absence of agreement (in
the absence of a trading partner agreement, there could be uncertainty related to
specific legal liability).
What is the objective of encryption ? - ANSWERTo ensure the integrity and
confidentiality of transactions.
How are inbound t
In risk-based audit planning, an IS auditor's first step is to identify what? -
ANSWERHigh risk areas
Once threats and vulnerabilities are identified, what should be the next step? -
ANSWERIdentify and evaluate existing controls
ransactions controlled in an EDI environment? - ANSWERInbound transactions are
controlled via logs of the receipt of inbound transactions, the use of segment count
totals, and the use of check digits to detect transposition and transcription errors.
, What is the objective of key verification control? - ANSWERKey verification is a
method where data is entered a second time and compared with the initial data entry
to ensure that the data entered is correct. This is generally used in EFT transactions,
where another employee re-enters the same data to perform this check before any
money is transferred.
What is the objective of nonrepudiation? - ANSWERNom-repudiation ensures that a
transaction is enforceable and that the claimed sender cannot later deny generating
and sending the message.
What is the most important component of the artificial intelligence /expert system
area? - ANSWERKnowledge base (The knowledge base contains specific
information or fact patterns associated with a particular subject matter and the rules
for interpreting these facts; therefore, strict access control should be implemented
and monitored to ensure the integrity of the decision rules)
Segregation of duties is an example of which type of control? -
ANSWERPreventative Control
Controls that enable a risk or deficiency to be corrected before a loss occurs are
known as what? - ANSWERCorrective Control
Controls that directly mitigate a risk or lack of controls directly acting upon a risk are
know as what? - ANSWERCompensating Control
The most important step in a risk assessment is to identify - ANSWERThreats and
vulnerabilities
What is the advantage of risk based audit planning? - ANSWERResources can be
utilized for high risk areas
What does the level of protection of information assets depend on? -
ANSWERCriticality of assets
What is risk before controls are applied known as? - ANSWERInherent risk/gross
risk (after the implementation of controls, it is known as residual risk/net risk).
What does the information systems audit provide? - ANSWERReasonable
assurance about coverage of material items.
What is the first step of an audit project? - ANSWERTo develop an audit plan.
What is risk that is influenced by the actions of an auditor known as? -
ANSWERDetection risk
What is audit risk? - ANSWERAudit risk is the sum total of inherent risk, control risk,
and detection risk
What is risk the product of? - ANSWERProbability and impact
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller papersbyjol. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
