CISA—Certified Information Systems Auditor - Part 188

Mary Smith

Thu, 16 Apr 2026

1. An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:

A) conclude that the controls are inadequate.
B) expand the scope to include substantive testing.
C) place greater reliance on previous audits.
D) suspend the audit.



2. An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise:

A) professional independence.
B) organizational independence.
C) technical competence.
D) professional competence.



3. The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to:

A) understand the business process.
B) comply with auditing standards.
C) identify control weakness.
D) plan substantive testing.



4. In the process of evaluating program change controls, an IS auditor would use source code comparison software to:

A) examine source program changes without information from IS personnel.
B) detect a source program change made between acquiring a copy of the source and the comparison run.
C) confirm that the control copy is the current version of the production program.
D) ensure that all changes made in the current source copy are detected.



5. The PRIMARY purpose for meeting with auditees prior to formally closing a review is to:

A) confirm that the auditors did not overlook any important issues.
B) gain agreement on the findings.
C) receive feedback on the adequacy of the audit procedures.
D) test the structure of the final presentation.



1. Right Answer: B
Explanation: If the answers provided to an IS auditor's questions are not confirmed by documented procedures or job descriptions, the IS auditor should expand the scope of testing the controls and include additional substantive tests. There is no evidence that whatever controls might exist are either inadequate or adequate. Placing greater reliance on previous audits or suspending the audit are inappropriate actions as they provide no current knowledge of the adequacy of the existing controls.

2. Right Answer: A
Explanation: When an IS auditor recommends a specific vendor, they compromise professional independence. Organizational independence has no relevance to the content of an audit report and should be considered at the time of accepting the engagement. Technical and professional competence is not relevant to the requirement of independence.

3. Right Answer: A
Explanation: Understanding the business process is the first step an IS auditor needs to perform. Standards do not require an IS auditor to perform a process walkthrough. Identifying control weaknesses is not the primary reason for the walkthrough and typically occurs at a later stage in the audit, while planning for substantive testing is performed at a later stage in the audit.

4. Right Answer: A
Explanation: An IS auditor has an objective, independent and relatively complete assurance of program changes because the source code comparison will identify changes. Choice B is incorrect, because the changes made since the acquisition of the copy are not included in the copy of the software. Choice C is incorrect, as an IS auditor will have to gain this assurance separately. Choice D is incorrect, because any changes made between the time the control copy was acquired and the source code comparison is made will not be detected.

5. Right Answer: B
Explanation: The primary purpose for meeting with auditees prior to formally closing a review is to gain agreement on the findings. The other choices, though related to the formal closure of an audit, are of secondary importance.
