CISA Exam-Test 4

1. When reviewing business continuity plan (BCP) test results, it is MOST important for the IS auditor to determine whether the test:
considers changes to the systems environment.
assesses the capability to retrieve vital records.
verifies the ability to resume key business operations.
follows up on activities that occurred since the previous test.

2. During a review of the IT strategic plan, an IS auditor finds several IT initiatives focused on delivering new systems and technology are not aligned with the organization's strategy. Which of the following would be the IS auditor's BEST recommendation?
Reassess the return on investment for the IT initiatives.
Reassess IT initiatives that do not map to business strategies.
Utilize a balanced scorecard to align IT initiatives to business strategies.
Modify IT initiatives that do not map to business strategies.

3. Which of the following should an IS auditor use to detect duplicate invoice records within an invoice master file?
Integrated test facility (ITF)
Computer-assisted audit techniques (CAATs)
Attribute sampling
Compliance testing

Computer-assisted audit techniques (CAATs) would enable the IS auditor to review the entire invoice file to look for those items that meet the selection criteria.

4. Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?
Compliance testing
Forensic analysis
System log analysis
Analytical review

Determining that only authorized modifications are made to production programs would require the change management process to be reviewed to evaluate the existence of a trail of documentary evidence. Compliance testing would help to verify that the change management process has been applied consistently.

5.
An IS auditor assessing the controls within a newly implemented call center would FIRST:
evaluate the operational risk associated with the call center.
test the technical infrastructure at the call center.
review the manual and automated controls in the call center.
gather information from the customers regarding response times and quality of service.

6. An IS auditor wants to analyze audit trails on critical servers to discover potential anomalies in user or system behavior. Which of the following is the MOST suitable for performing that task?
Embedded data collection tools
Heuristic scanning tools
Computer-aided software engineering (CASE) tools
Trend/variance detection tools

Trend/variance detection tools look for anomalies in user or system behavior, such as invoices with increasing invoice numbers.

7. An organization was severely impacted after an advanced persistent threat (APT) attack. Afterwards, it was found that the initial breach happened a month prior to the attack. Management's GREATEST concern should be:
external firewall policies.
the installation of critical security patches.
results of the past internal penetration test.
the effectiveness of monitoring processes.

8. After initial investigation, an IS auditor has reasons to believe that fraud may be present. The IS auditor should:
report the matter to the audit committee.
expand activities to determine whether an investigation is warranted.
report the possibility of fraud to management.
consult with external legal counsel to determine the course of action to be taken.

An IS auditor's responsibilities for detecting fraud include evaluating fraud indicators and deciding whether any additional action is necessary or whether an investigation should be recommended.

9. Which of the following audit techniques would BEST help an IS auditor in determining whether there have been unauthorized program changes since the last authorized program update?
Automated code comparison
Test data run
Review of code migration procedures
Code review

An automated code comparison is the process of comparing two versions of the same program to determine whether the two correspond. It is an efficient technique because it is an automated procedure.

10. Which of the following sampling methods would be the MOST effective to determine whether purchase orders issued to vendors have been authorized as per the authorization matrix?
Attribute sampling
Stratified mean per unit
Variable sampling
Unstratified mean per unit

Attribute sampling is the method used for compliance testing. In this scenario, the operation of a control is being evaluated; therefore, the attribute of whether each purchase order was correctly authorized would be used to determine compliance with the control.

11. An IS auditor is carrying out a system configuration review. Which of the following would be the BEST evidence in support of the current system configuration settings?
Annual review of approved system configuration values by the business owner
Dated screenshot of the system configuration settings made available by the system administrator
Standard report with configuration values retrieved from the system by the IS auditor
System configuration values imported to a spreadsheet by the system administrator

Evidence obtained directly from the source by an IS auditor is more reliable than information provided by a system administrator or a business owner because the IS auditor does not have a vested interest in the outcome of the audit.

12. An organization developed a comprehensive three-year IT strategic plan. Halfway into the plan, a major legislative change impacting the organization is enacted. Which of the following should be management's NEXT course of action?
Assess the legislation to determine whether changes are required to the strategic IT plan.
Perform a risk assessment of the legislative changes.
Develop specific procedural documentation related to the changed legislation.
Develop a new IT strategic plan that encompasses the new legislation.

13. An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor?
There were instances when some jobs were overridden by computer operators.
Evidence shows that only scheduled jobs were run.
There are a growing number of emergency changes.
There were instances when some jobs were not completed on time.

The overriding of computer processing jobs by computer operators could lead to unauthorized changes to data or programs. This is a control concern; thus, it is always critical.

14. When using an integrated test facility (ITF), an IS auditor should ensure that:
production data are used for testing.
a test data generator is used.
test data are isolated from production data.
master files are updated with the test data.

An ITF creates a fictitious file in the database, allowing test transactions to be processed simultaneously with live data. The test data must be kept separate from production data.

15. During the collection of forensic evidence, which of the following actions would MOST likely result in the destruction or corruption of evidence on a compromised system?
Removing the system from the network
Rebooting the system
Dumping the memory content to a file
Generating disk images of the compromised system

Rebooting the system may result in a change in the system state and the loss of files and important evidence stored in memory.

16. Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?
Existence of an industry-accepted framework
A report on the maturity of controls
Up-to-date policy and procedures documentation
Results of an independent assessment

17. Which of the following will MOST successfully identify overlapping key controls in business application systems?
Replacing manual monitoring with an automated auditing solution
Submitting test transactions through an integrated test facility (ITF)
Testing controls to validate that they are effective
Reviewing system functionalities that are attached to complex business processes

As part of the effort to realize continuous audit management (CAM), there are cases for introducing an automated monitoring and auditing solution. All key controls need to be clearly aligned for systematic implementation; thus, analysts have the opportunity to discover unnecessary or overlapping key controls in existing systems.

18. Which of the following observations noted during a review of the organization's social media practices should be of MOST concern to the IS auditor?
Not all employees using social media have attended the security awareness program.
The organization does not require approval for social media posts.
More than one employee is authorized to publish on social media on behalf of the organization.
The organization does not have a documented social media policy.

19. In the process of evaluating program change controls, an IS auditor would use source code comparison software to:
examine source program changes without information from IS personnel.
ensure that all changes made in the current source copy are tested.
confirm that the control copy is the current version of the production program.
detect a source program change made between acquiring a copy of the source and the comparison run.
When an IS auditor uses a source code comparison to examine source program changes without information from IS personnel, the IS auditor has objective, independent and relatively complete assurance of program changes because the source code comparison will identify the changes.

20. An IS auditor is validating a control that involves a review of system-generated exception reports. Which of the following is the BEST evidence of the effectiveness of the control?
Walk-through with the reviewer of the operation of the control
System-generated exception reports for the review period with the reviewer's sign-off
A sample system-generated exception report for the review period, with follow-up action items noted by the reviewer
Management's confirmation of the effectiveness of the control for the review period

A sample of a system-generated report with evidence that the reviewer followed up on the exceptions represents the best possible evidence of the effective operation of the control because there is documented evidence that the reviewer has reviewed and taken action based on the exception report.

21. Which of the following BEST demonstrates the degree of alignment between IT and business strategy?
Number of IT projects driven by business requirements
Number of IT policies that refer directly to business goals
Percentage of IT value drivers mapped to business value drivers
Percentage of users aware of information security policies

22. Although management has stated otherwise, an IS auditor has reasons to believe that the organization is using software that is not licensed. In this situation, the IS auditor should FIRST:
include the statement from management in the audit report.
discuss the issue with senior management because it could have a negative impact on the organization.
include the item in the audit report.
verify the software is in use through testing.
When there is an indication that an organization might be using unlicensed software, the IS auditor should obtain sufficient evidence before including it in the report.

23. An enterprise is developing a strategy to upgrade to a newer version of its database software. Which of the following tasks can an IS auditor perform without compromising the objectivity of the IS audit function?
Advise on the adoption of application controls to the new database software.
Review the acceptance test case documentation before the tests are carried out.
Provide future estimates of the licensing expenses to the project team.
Recommend to the project manager how to improve the efficiency of the migration.

The review of the test cases will facilitate the objective of a successful migration and ensure that proper testing is conducted. An IS auditor can advise as to the completeness of the test cases.

24. An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing. Which of the following is the auditor's BEST course of action?
Notify the service provider of the discrepancies.
Report the risk to internal management.
Recommend replacement of the service provider.

25. While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:
approval of the audit phases.
confidentiality of the work papers.
audit trail of the versioning of the work papers.
access rights to the work papers.

Encryption provides confidentiality for the electronic work papers.

26. An IS auditor is testing employee access to a large financial system, and the IS auditor selected a sample from the current employee list provided by the auditee.
Which of the following evidence is the MOST reliable to support the testing?
Observations performed onsite in the presence of a system administrator
Human resources (HR) access documents signed by employees' managers
A list of accounts with access levels generated by the system
A spreadsheet provided by the system administrator

The access list generated by the system is the most reliable because it is the most objective evidence against which to compare the selected samples. The evidence is objective because it was generated by the system rather than by an individual.

27. An IS auditor who was involved in designing an organization's business continuity plan (BCP) has been assigned to audit the plan. The IS auditor should:
decline the assignment.
inform the BCP team of the possible conflict of interest prior to beginning the assignment.
inform management of the possible conflict of interest after completing the audit assignment.
communicate the possibility of conflict of interest to audit management prior to starting the assignment.

A possible conflict of interest, likely to affect the IS auditor's independence, should be brought to the attention of management prior to starting the assignment.

28.
security parameters are set in accordance with the manufacturer's standards.
security parameters are set in accordance with the organization's policies.
the procurement project invited tenders from at least three different suppliers.
a detailed business case was formally approved prior to the purchase.

29. The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:
ensure complete audit coverage.
comply with regulatory requirements.
perform the audit according to the defined scope.
provide a basis for drawing reasonable conclusions.

The scope of an IS audit is defined by its objectives.
This involves identifying control weaknesses relevant to the scope of the audit. Obtaining sufficient and appropriate evidence assists the auditor not only in identifying control weaknesses but also in documenting and validating them.

30. During a compliance audit of a small bank, the IS auditor notes that both the IT and accounting functions are being performed by the same user of the financial system. Which of the following reviews conducted by the user's supervisor would represent the BEST compensating control?
User account administration
Computer log files that show individual transactions
Audit trails that show the date and time of the transaction
A daily report with the total numbers and dollar amounts of each transaction

Computer logs will record the activities of individuals during their access to a computer system or data file and will record any abnormal activities, such as the modification or deletion of financial data.
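Question 3 says a CAAT lets the auditor examine the whole invoice master file for records meeting a selection criterion. The following is an added worked example of that idea, written for this page (it is not an ISACA or vendor tool and is not part of the test). The invoice records, vendor IDs and column names are constructed sample data; a real run would read the complete CSV or database export instead.

```python
"""CAAT-style duplicate-invoice test (added illustration for question 3).

Written for this page; it is not an ISACA or vendor tool. The invoice
records below are constructed sample data. A real run would read the
complete invoice master file (CSV or database export), which is the point of
a CAAT: every record is examined rather than a sample.
"""
import csv
import io
import re
from collections import defaultdict

# Constructed export of an invoice master file (not real data).
SAMPLE_INVOICE_FILE = """\
invoice_id,vendor_id,invoice_no,invoice_date,amount
1,V100,INV-0001,2024-03-01,1250.00
2,V100,INV-0001,2024-03-01,1250.00
3,V100,inv 0001,2024-03-01,1250.00
4,V200,A-77,2024-03-02,300.00
5,V200,A-78,2024-03-02,300.00
6,V300,9001,2024-03-05,4999.99
7,V300,9001,2024-03-07,4999.99
8,V400,B-12,2024-03-08,100.00
"""


def normalize_invoice_no(raw):
    """Canonical form so 'INV-0001', 'inv 0001' and 'INV1' compare equal.

    Exact-match tests miss duplicates keyed with different punctuation,
    case or zero padding, so the number is normalized before comparing.
    """
    compact = re.sub(r"[^A-Za-z0-9]", "", raw).upper()
    m = re.match(r"^([A-Z]*)0*(\d+)$", compact)
    return m.group(1) + m.group(2) if m else compact


def load_invoices(text):
    """Parse the CSV export and add the normalized key to each record."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        row["amount"] = float(row["amount"])
        row["key_no"] = normalize_invoice_no(row["invoice_no"])
    return rows


def find_duplicates(rows):
    """Run two whole-file tests and return (exact, suspicious) groups.

    exact:      same vendor and same normalized invoice number, whatever the
                date; almost certainly the same invoice keyed twice.
    suspicious: same vendor, amount and date under different invoice
                numbers; a possible resubmission that needs follow-up with AP.
    Both dicts map the grouping key to the list of invoice_id values.
    """
    by_vendor_no = defaultdict(list)
    by_vendor_amount_date = defaultdict(list)
    for row in rows:
        by_vendor_no[(row["vendor_id"], row["key_no"])].append(row)
        by_vendor_amount_date[
            (row["vendor_id"], row["amount"], row["invoice_date"])
        ].append(row)

    exact = {
        key: [r["invoice_id"] for r in group]
        for key, group in by_vendor_no.items()
        if len(group) > 1
    }
    suspicious = {}
    for key, group in by_vendor_amount_date.items():
        distinct_numbers = {r["key_no"] for r in group}
        if len(group) > 1 and len(distinct_numbers) > 1:
            suspicious[key] = [r["invoice_id"] for r in group]
    return exact, suspicious


def duplicate_report(text=SAMPLE_INVOICE_FILE):
    """Convenience wrapper: parse and test in one call."""
    return find_duplicates(load_invoices(text))


if __name__ == "__main__":
    exact, suspicious = duplicate_report()
    for key, ids in exact.items():
        print("exact duplicate: vendor=%s invoice=%s ids=%s" % (key[0], key[1], ids))
    for key, ids in suspicious.items():
        print("same vendor/amount/date, different numbers: %s ids=%s" % (key, ids))
```

On the sample data the first test groups invoices 1, 2 and 3 (the same V100 invoice keyed three ways) and 6 and 7 (V300 invoice 9001 entered on two dates); the second test flags 4 and 5, where V200 submitted the same amount on the same day under consecutive numbers. Both lists are starting points for follow-up, not conclusions: the auditor still traces each group to the payment records.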
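Questions 9 and 19 both rest on automated source code comparison: the auditor keeps a control copy of the last authorized program, obtains the current production copy and lets a tool list the differences. The following is an added worked example of that comparison, written for this page; it is not an ISACA tool or any vendor's comparator, and the two program versions, the file name and the "4711" line are constructed sample text.

```python
"""Automated source code comparison (added illustration for questions 9 and 19).

Written for this page; not an ISACA tool or any vendor's comparator. The two
program versions are constructed sample text. The technique: keep a control
copy of the last authorized version, retrieve the current production copy
yourself, and let the comparison list every difference, so the conclusion
does not depend on what IS personnel report.
"""
import difflib
import hashlib

# Constructed control copy: the last authorized version, retained by audit.
CONTROL_COPY = """\
def apply_discount(amount, customer):
    if customer.tier == "gold":
        return amount * 0.90
    return amount
"""

# Constructed production copy retrieved by the auditor for the comparison run.
PRODUCTION_COPY = """\
def apply_discount(amount, customer):
    if customer.tier == "gold":
        return amount * 0.90
    if customer.id == 4711:  # no matching approved change record
        return amount * 0.50
    return amount
"""


def fingerprint(source):
    """SHA-256 of the exact bytes. Any edit, even whitespace, changes it,
    so a matching hash is a fast 'no change' test; a mismatch says only
    that something changed, and the diff below says what."""
    return hashlib.sha256(source.encode("utf-8")).hexdigest()


def compare_programs(control, production, name="program.py"):
    """Return (changed, diff_lines, added, removed).

    added/removed hold the changed source lines without the +/- prefix so
    they can be matched against change records one by one.
    """
    if fingerprint(control) == fingerprint(production):
        return False, [], [], []
    diff = list(difflib.unified_diff(
        control.splitlines(), production.splitlines(),
        fromfile="control/" + name, tofile="production/" + name, lineterm=""))
    added = [line[1:] for line in diff
             if line.startswith("+") and not line.startswith("+++")]
    removed = [line[1:] for line in diff
               if line.startswith("-") and not line.startswith("---")]
    return True, diff, added, removed


def changed_since_acquisition(acquired_fingerprint, current_source):
    """A comparison only covers the copies it is given. Record the
    production hash when the copy is taken and re-hash at run time: a
    mismatch means production moved in between and the copy compared is
    already stale, so the run has to be repeated on a fresh copy."""
    return fingerprint(current_source) != acquired_fingerprint


if __name__ == "__main__":
    changed, diff, added, removed = compare_programs(CONTROL_COPY, PRODUCTION_COPY)
    print("changed:", changed)
    print("\n".join(diff))
    print("lines to trace to change records:", added)
```

The output the auditor works from is the list of added and removed lines, each of which must be traced to an approved change record; here the two lines introducing the hard-coded customer 4711 have none. The hash check is cheap enough to run on every production program before deciding which ones need a full diff.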
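Question 10 picks attribute sampling for the purchase-order authorization test because each item either has the attribute (authorized per the matrix) or does not. The following added example, written for this page and not part of the test or any ISACA material, shows how that sample is sized from a confidence level and a tolerable deviation rate and how the observed deviations are evaluated; the method is standard binomial attribute sampling, and the 59 purchase-order flags are constructed sample results.

```python
"""Attribute sampling for a compliance test (added illustration for question 10).

Written for this page; the method is standard statistical attribute
sampling, not an ISACA tool. The approval flags below are constructed
sample results, not real purchase orders. Each purchase order either
passes the attribute ('authorized per the matrix') or fails it, so the
deviation count follows a binomial distribution and the sample size can be
derived from the confidence level and tolerable deviation rate.
"""
from math import comb


def binomial_cdf(k, n, p):
    """P(X <= k) for X ~ Binomial(n, p): probability of at most k deviations."""
    return sum(comb(n, i) * p ** i * (1 - p) ** (n - i) for i in range(k + 1))


def attribute_sample_size(confidence, tolerable_rate, expected_deviations=0):
    """Smallest n such that, if the true deviation rate were at the tolerable
    rate, seeing no more than `expected_deviations` would have probability
    <= 1 - confidence. 95% confidence, 5% tolerable, 0 expected gives 59,
    matching the usual published attribute-sampling tables."""
    alpha = 1.0 - confidence
    n = expected_deviations + 1
    while binomial_cdf(expected_deviations, n, tolerable_rate) > alpha:
        n += 1
    return n


def upper_deviation_limit(sample_size, deviations_found, confidence, tol=1e-6):
    """Evaluate the sample: the highest population deviation rate still
    consistent with the observed result at the given confidence, found by
    bisection on p (the binomial CDF falls as p rises). Compare it with the
    tolerable rate to conclude on the control."""
    alpha = 1.0 - confidence
    lo, hi = 0.0, 1.0
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if binomial_cdf(deviations_found, sample_size, mid) > alpha:
            lo = mid  # this rate is still plausible; the limit lies higher
        else:
            hi = mid
    return hi


def assess_authorization_sample(approved_flags, confidence, tolerable_rate):
    """Run the compliance test on one attribute per sampled purchase order.

    approved_flags: list of booleans, True if the PO was authorized as per
    the authorization matrix. Returns (deviations, upper_limit, acceptable).
    """
    n = len(approved_flags)
    deviations = sum(1 for ok in approved_flags if not ok)
    upper = upper_deviation_limit(n, deviations, confidence)
    return deviations, upper, upper <= tolerable_rate


# Constructed sample: 59 purchase orders checked against the matrix,
# all authorized except the one at index 17.
SAMPLE_FLAGS = [i != 17 for i in range(59)]

if __name__ == "__main__":
    n = attribute_sample_size(0.95, 0.05)
    print("sample size for 95% confidence, 5% tolerable, 0 expected:", n)
    print(assess_authorization_sample(SAMPLE_FLAGS, 0.95, 0.05))
```

With 59 items and no deviations the upper limit is just under 5%, so the control is accepted at 95% confidence; a single unauthorized order in the same 59 pushes the upper limit well above 5% and the control fails the test, which is why the sample size must be chosen before testing with the number of deviations one is prepared to tolerate.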