1. An IS auditor conducting audit follow-up activities learns that some previously agreed-upon corrective actions have not been taken and that the associated risk has been accepted by senior management. If the auditor disagrees with management's decision, what is the BEST way to address the situation?
A) Repeat the audit with audit scope only covering areas with accepted risks
B) Report the issue to the chief audit executive for resolution
C) Recommend new corrective actions to mitigate the accepted risk
D) Take no action since management's decision has been made
2. During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?
A) Inherent risk
B) Sampling risk
C) Control risk
D) Detection risk
3. An organization is concerned about duplicate vendor payments on a complex system with a high volume of transactions. Which of the following would be MOST helpful to an IS auditor to determine whether duplicate vendor payments exist?
A) Computer-assisted technique
B) Stop-and-go testing
C) Statistical sampling
D) Judgmental sampling
4. The MAIN benefit of using an integrated test facility (ITF) as an online auditing technique is that it enables:
A) a cost-effective approach to application controls audit
B) auditors to investigate fraudulent transactions
C) auditors to test without impacting production data
D) the integration of financial and audit tests
5. When evaluating the ability of a disaster recovery plan to enable the recovery of IT processing capabilities, it is MOST important for the IS auditor to verify the plan is:
A) stored at an offsite location
B) communicated to department heads
C) regularly reviewed
D) periodically tested