Cisa execution - Study guides, Class notes & Summaries

CISA Exam Questions (401 - 500) with Verified Answers An IS auditor is reviewing the software development process for an organization. Which of the following functions would be appropriate for the end users to perform? Select an answer: A. Program output testing B. System configuration C. Program logic specification D. Performance tuning - CORRECT ANSWER You are correct, the answer is A. A. A user can test program output by checking the program input and comparing it w...

CISA Exam 122 Questions and Terms 122 Questions with Verified Answers COBIT Framework - CORRECT ANSWER Framework developed by ISACA to support EGIT by providing a framework to ensure that IT is aligned with the business, IT enables the business and maximizes benefits, IT resources are used responsibly, and IT risk is managed appropriately. (ISO)/International Electrotechnical Commission (IEC) 27000 series - CORRECT ANSWER A set of best practices that provides guidance to organizations impl...

CISA Chapter 2 Exam 218 Questions with Verified Answers Organizations should define IT strategies, policies, standards and operating procedures in line with... - CORRECT ANSWER organizational goals and objectives In order to provide assurance to stakeholders that IT services are aligned with the business vision, mission and objectives, top management should implement... - CORRECT ANSWER an IT governance framework The committees, made up of _____________ will examine and approve the IT s...

CISA Section 1 Exam 56 Questions with Verified Answers substantive test - CORRECT ANSWER A substantive test includes gathering evidence to evaluate the integrity (i.e., the completeness, accuracy or validity) of individual transactions, data or other information. Conducting a physical count of the tape inventory is a substantive test. When using an integrated test facility (ITF), an IS auditor should ensure that: - CORRECT ANSWER An ITF creates a fictitious file in the database, allowing f...

CISA Practice Exam 559 Questions with Verified Answers It is important to understand the organization and its environment in order to effectively pinpoint the organization's key risk. One specific factor is an understanding of: - CORRECT ANSWER The organization's selection and application of policies and procedures Of the following, which is not a way to treat a risk? - CORRECT ANSWER Ignore it The three focus areas that management must address in order to govern IT include all of the...

CISA CH 3 Exam 133 Questions with Verified Answers Project governance and management - CORRECT ANSWER IS auditor's role is to ensure that rules of system development like SoD are not compromised Components of project management are initiating, planning, executing, controlling, monitoring and closing Three types of project management org structures - CORRECT ANSWER Functional-structured organization-project manager only has a staff function without formal management authority manager ad...

CISA Domain 4 Exam 103 Questions with Verified Answers Management - CORRECT ANSWER Plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives. Is the responsibility of the executive management, under the leadership of the CEO IS Management - CORRECT ANSWER Ensuring that adequate resources are allocated to suport IS operations Planning to ensure the most efficient and effective use of an operation's resources...

ISACA CISA SET Exam 121 Questions with Verified Answers The internal audit dept. wrote some scripts that are sued for continuous auditing of some information systems. The IT dept. asked for compies of the scripts so that they can use them for setting up a continuous monitoring process on key systems. Does sharing these scripts with IT affect the ability of the IS auditors to independently and objectively audit the IT functions? a. sharing scripts is not permitted because it gives IT abilit...

CISA Domain 4 Information Systems Operations, Maintenance and Service Management 100 Questions with Verified Answers Service Level Management - CORRECT ANSWER negotiate, document, and manage the services in the manner in which the customer requires those services (not necessarily ensures that services are delivered at highest level of availability) Availability reports - CORRECT ANSWER downtime is addressed here and provides time period which computer was available for utilization by use...

CISA Domain 3 Exam 113 Questions with Verified Answers Integrated Test Facility (ITF) - CORRECT ANSWER - Fictitious entity is created in LIVE environment - This technique allows auditor to open a dummy account - Auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness - Processed results and expected results are compared to verify that systems are operating correctly - Example: A dummy asset of $100,000/- is entered into syst...