CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 139
1. The use of statistical sampling procedures helps minimize:
A) Detection risk
B) Business risk
C) Controls risk
D) Compliance risk
2. What type of risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist?
A) Business risk
B) Detection risk
C) Residual risk
D) Inherent risk
3. A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
A) can identify high-risk areas that might need a detailed review later.
B) allows IS auditors to independently assess risk.
C) can be used as a replacement for traditional audits.
D) allows management to relinquish responsibility for control.
4. What type of approach to the development of organizational policies is often driven by risk assessment?
A) Bottom-up
B) Top-down
C) Comprehensive
D) Integrated
5. Who is accountable for maintaining appropriate security measures over information assets?
A) Data and systems owners
B) Data and systems users
C) Data and systems custodians
D) Data and systems auditors
A) Detection risk
B) Business risk
C) Controls risk
D) Compliance risk
2. What type of risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist?
A) Business risk
B) Detection risk
C) Residual risk
D) Inherent risk
3. A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
A) can identify high-risk areas that might need a detailed review later.
B) allows IS auditors to independently assess risk.
C) can be used as a replacement for traditional audits.
D) allows management to relinquish responsibility for control.
4. What type of approach to the development of organizational policies is often driven by risk assessment?
A) Bottom-up
B) Top-down
C) Comprehensive
D) Integrated
5. Who is accountable for maintaining appropriate security measures over information assets?
A) Data and systems owners
B) Data and systems users
C) Data and systems custodians
D) Data and systems auditors
1. Right Answer: A
Explanation: The use of statistical sampling procedures helps minimize detection risk.
2. Right Answer: B
Explanation: Detection risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist.
3. Right Answer: A
Explanation: CSA is predicated on the review of high-risk areas that either need immediate attention or a more thorough review at a later date. Choice B is incorrect, becauseCSA requires the involvement of auditors and line management. What occurs is that the internal audit function shifts some of the control monitoring responsibilities to the functional areas. Choice C is incorrect because CSA is not a replacement for traditional audits. CSA is not intended to replace audit's responsibilities, but to enhance them. Choice D is incorrect, because CSA does not allow management to relinquish its responsibility for control.
4. Right Answer: B
Explanation: A bottom-up approach to the development of organizational policies is often driven by risk assessment.
5. Right Answer: A
Explanation: Data and systems owners are accountable for maintaining appropriate security measures over information assets.
Explanation: The use of statistical sampling procedures helps minimize detection risk.
2. Right Answer: B
Explanation: Detection risk results when an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when errors actually exist.
3. Right Answer: A
Explanation: CSA is predicated on the review of high-risk areas that either need immediate attention or a more thorough review at a later date. Choice B is incorrect, becauseCSA requires the involvement of auditors and line management. What occurs is that the internal audit function shifts some of the control monitoring responsibilities to the functional areas. Choice C is incorrect because CSA is not a replacement for traditional audits. CSA is not intended to replace audit's responsibilities, but to enhance them. Choice D is incorrect, because CSA does not allow management to relinquish its responsibility for control.
4. Right Answer: B
Explanation: A bottom-up approach to the development of organizational policies is often driven by risk assessment.
5. Right Answer: A
Explanation: Data and systems owners are accountable for maintaining appropriate security measures over information assets.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment