CA Foundation Business Economics Questions 2023 - Part 32
Fri, 03 Mar 2023
Inspirational journeys
Follow the stories of academics and their research expeditions
CISA—Certified Information Systems Auditor - Part 352
1. A successful risk-based IT audit program should be based on:
A) an effective scoring system.
B) an effective PERT diagram.
C) an effective departmental brainstorm session.
D) an effective organization-wide brainstorm session.
E) an effective yearly budget.
F) None of the choices.
2. The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through:
A) the use of risk controls.
B) the use of computer assisted functions.
C) using computer assisted audit technology tools.
D) the development of written guidelines.
E) None of the choices.
3. Which of the following correctly describes the purpose of an Electronic data processing audit?
A) to collect and evaluate evidence of an organization's information systems, practices, and operations.
B) to ensure document validity.
C) to verify data accuracy.
D) to collect and evaluate benefits brought by an organization's information systems to its bottom line.
E) None of the choices.
4. What should be done to determine the appropriate level of audit coverage for an organization's IT environment?
A) determine the company's quarterly budget requirement.
B) define an effective assessment methodology.
C) calculate the company's yearly budget requirement.
D) define an effective system upgrade methodology.
E) define an effective network implementation methodology.
5. IS audits should be selected through a risk analysis process to concentrate on:
A) those areas of greatest risk and opportunity for improvements.
B) those areas of least risk and opportunity for improvements.
C) those areas of the greatest financial value.
D) areas led by the key people of the organization.
E) random events.
F) irregular events.
A) an effective scoring system.
B) an effective PERT diagram.
C) an effective departmental brainstorm session.
D) an effective organization-wide brainstorm session.
E) an effective yearly budget.
F) None of the choices.
2. The use of risk assessment tools for classifying risk factors should be formalized in your IT audit effort through:
A) the use of risk controls.
B) the use of computer assisted functions.
C) using computer assisted audit technology tools.
D) the development of written guidelines.
E) None of the choices.
3. Which of the following correctly describes the purpose of an Electronic data processing audit?
A) to collect and evaluate evidence of an organization's information systems, practices, and operations.
B) to ensure document validity.
C) to verify data accuracy.
D) to collect and evaluate benefits brought by an organization's information systems to its bottom line.
E) None of the choices.
4. What should be done to determine the appropriate level of audit coverage for an organization's IT environment?
A) determine the company's quarterly budget requirement.
B) define an effective assessment methodology.
C) calculate the company's yearly budget requirement.
D) define an effective system upgrade methodology.
E) define an effective network implementation methodology.
5. IS audits should be selected through a risk analysis process to concentrate on:
A) those areas of greatest risk and opportunity for improvements.
B) those areas of least risk and opportunity for improvements.
C) those areas of the greatest financial value.
D) areas led by the key people of the organization.
E) random events.
F) irregular events.
1. Right Answer: A
Explanation: A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.
2. Right Answer: D
Explanation: A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.
3. Right Answer: A
Explanation: An Electronic data processing (EDP) audit is an IT audit. It is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations.
4. Right Answer: B
Explanation: To determine the appropriate level of audit coverage for the organization's IT environment, you must define an effective assessment methodology and provide objective information to prioritize the allocation of audit resources properly.
5. Right Answer: A
Explanation: Audits are typically selected through a risk analysis process to concentrate on those areas of greatest risk and opportunity for improvements.Audit topics are supposed to be chosen based on potential for cost savings and service improvements.
Explanation: A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.
2. Right Answer: D
Explanation: A successful risk-based IT audit program could be based on an effective scoring system. In establishing a scoring system, management should consider all relevant risk factors and avoid subjectivity. Auditors should develop written guidelines on the use of risk assessment tools and risk factors and review these guidelines with the audit committee.
3. Right Answer: A
Explanation: An Electronic data processing (EDP) audit is an IT audit. It is the process of collecting and evaluating evidence of an organization's information systems, practices, and operations.
4. Right Answer: B
Explanation: To determine the appropriate level of audit coverage for the organization's IT environment, you must define an effective assessment methodology and provide objective information to prioritize the allocation of audit resources properly.
5. Right Answer: A
Explanation: Audits are typically selected through a risk analysis process to concentrate on those areas of greatest risk and opportunity for improvements.Audit topics are supposed to be chosen based on potential for cost savings and service improvements.
Tags:
it certification certified it it exams isaca certification isaca cgeit isaca cisa isaca cism isaca cobit 5 isaca crisc isaca questions practice exams pratice quests risc maangement it management it questions isaca answers isaca practice isaca dumps isaca test test questions questins and answer explanation0 Comments
Categories
Recent posts
CA Foundation Business Economics Questions 2023 - Part 31
Fri, 03 Mar 2023
CA Foundation Business Economics Questions 2023 - Part 30
Fri, 03 Mar 2023
Leave a comment