CISA Exam-Test 4

1. Which of the following BEST demonstrates the degree of alignment between IT and business strategy?
a) Number of IT policies that refer directly to business goals
b) Number of IT projects driven by business requirements
c) Percentage of users aware of information security policies
d) Percentage of IT value drivers mapped to business value drivers

2. Which of the following is the BEST way to demonstrate to senior management that organizational security practices comply with industry standards?
a) Existence of an industry-accepted framework
b) Results of an independent assessment
c) Up-to-date policy and procedures documentation
d) A report on the maturity of controls

3. [Question stem not present on the page; only the answer options were captured.]
a) A detailed business case was formally approved prior to the purchase.
b) The procurement project invited tenders from at least three different suppliers.
c) Security parameters are set in accordance with the organization's policies.
d) Security parameters are set in accordance with the manufacturer's standards.

4. An IS auditor wants to analyze audit trails on critical servers to discover potential anomalies in user or system behavior. Which of the following is the MOST suitable for performing that task?
a) Computer-aided software engineering (CASE) tools
b) Heuristic scanning tools
c) Trend/variance detection tools
d) Embedded data collection tools
Explanation: Trend/variance detection tools look for anomalies in user or system behavior, such as invoices with increasing invoice numbers.

5. An IS auditor has assessed a payroll service provider's security policy and finds significant topics are missing. Which of the following is the auditor's BEST course of action?
a) Notify the service provider of the discrepancies.
b) Recommend replacement of the service provider.
c) Report the risk to internal management.
[Only three options were captured on the page.]

6. During a compliance audit of a small bank, the IS auditor notes that both the IT and accounting functions are being performed by the same user of the financial system. Which of the following reviews conducted by the user's supervisor would represent the BEST compensating control?
a) A daily report with the total numbers and dollar amounts of each transaction
b) User account administration
c) Audit trails that show the date and time of the transaction
d) Computer log files that show individual transactions
Explanation: Computer logs record the activities of individuals during their access to a computer system or data file, including any abnormal activities, such as the modification or deletion of financial data.

7. Which of the following audit techniques would BEST help an IS auditor in determining whether there have been unauthorized program changes since the last authorized program update?
a) Code review
b) Test data run
c) Automated code comparison
d) Review of code migration procedures
Explanation: An automated code comparison is the process of comparing two versions of the same program to determine whether the two correspond. It is an efficient technique because it is an automated procedure.

8. An organization developed a comprehensive three-year IT strategic plan. Halfway into the plan, a major legislative change impacting the organization is enacted. Which of the following should be management's NEXT course of action?
a) Develop a new IT strategic plan that encompasses the new legislation
b) Perform a risk assessment of the legislative changes
c) Assess the legislation to determine whether changes are required to the strategic IT plan
d) Develop specific procedural documentation related to the changed legislation

9. When using an integrated test facility (ITF), an IS auditor should ensure that:
a) a test data generator is used.
b) production data are used for testing.
c) master files are updated with the test data.
d) test data are isolated from production data.
Explanation: An ITF creates a fictitious file in the database, allowing test transactions to be processed simultaneously with live data. The test data must be kept separate from production data.

10. An enterprise is developing a strategy to upgrade to a newer version of its database software. Which of the following tasks can an IS auditor perform without compromising the objectivity of the IS audit function?
a) Recommend to the project manager how to improve the efficiency of the migration.
b) Review the acceptance test case documentation before the tests are carried out.
c) Advise on the adoption of application controls to the new database software.
d) Provide future estimates of the licensing expenses to the project team.
Explanation: Reviewing the test cases supports the objective of a successful migration and helps ensure that proper testing is conducted. An IS auditor can advise on the completeness of the test cases.

11. An IS auditor is testing employee access to a large financial system, and the IS auditor selected a sample from the current employee list provided by the auditee. Which of the following evidence is the MOST reliable to support the testing?
a) Human resources (HR) access documents signed by employees' managers
b) A list of accounts with access levels generated by the system
c) Observations performed onsite in the presence of a system administrator
d) A spreadsheet provided by the system administrator
Explanation: The access list generated by the system is the most reliable because it is the most objective evidence against which to compare the selected samples. The evidence is objective because it was generated by the system rather than by an individual.

12. Which of the following sampling methods would be the MOST effective to determine whether purchase orders issued to vendors have been authorized as per the authorization matrix?
a) Unstratified mean per unit
b) Attribute sampling
c) Stratified mean per unit
d) Variable sampling
Explanation: Attribute sampling is the method used for compliance testing. In this scenario, the operation of a control is being evaluated; therefore, the attribute of whether each purchase order was correctly authorized would be used to determine compliance with the control.

13. During a review of the IT strategic plan, an IS auditor finds several IT initiatives focused on delivering new systems and technology that are not aligned with the organization's strategy. Which of the following would be the IS auditor's BEST recommendation?
a) Reassess IT initiatives that do not map to business strategies
b) Reassess the return on investment for the IT initiatives
c) Utilize a balanced scorecard to align IT initiatives to business strategies
d) Modify IT initiatives that do not map to business strategies

14. While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:
a) confidentiality of the work papers.
b) access rights to the work papers.
c) approval of the audit phases.
d) audit trail of the versioning of the work papers.
Explanation: Encryption provides confidentiality for the electronic work papers.

15. Although management has stated otherwise, an IS auditor has reasons to believe that the organization is using software that is not licensed. In this situation, the IS auditor should FIRST:
a) include the statement from management in the audit report.
b) include the item in the audit report.
c) discuss the issue with senior management because it could have a negative impact on the organization.
d) verify the software is in use through testing.
Explanation: When there is an indication that an organization might be using unlicensed software, the IS auditor should obtain sufficient evidence before including it in the report.

16. An IS auditor assessing the controls within a newly implemented call center would FIRST:
a) evaluate the operational risk associated with the call center.
b) gather information from the customers regarding response times and quality of service.
c) review the manual and automated controls in the call center.
d) test the technical infrastructure at the call center.

17. During the collection of forensic evidence, which of the following actions would MOST likely result in the destruction or corruption of evidence on a compromised system?
a) Rebooting the system
b) Removing the system from the network
c) Generating disk images of the compromised system
d) Dumping the memory content to a file
Explanation: Rebooting the system may change the system state and lose files and important evidence stored in memory.

18. An IS auditor who was involved in designing an organization's business continuity plan (BCP) has been assigned to audit the plan. The IS auditor should:
a) communicate the possibility of conflict of interest to audit management prior to starting the assignment.
b) inform the BCP team of the possible conflict of interest prior to beginning the assignment.
c) inform management of the possible conflict of interest after completing the audit assignment.
d) decline the assignment.
Explanation: A possible conflict of interest, likely to affect the IS auditor's independence, should be brought to the attention of management prior to starting the assignment.

19. The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:
a) perform the audit according to the defined scope.
b) ensure complete audit coverage.
c) provide a basis for drawing reasonable conclusions.
d) comply with regulatory requirements.
Explanation: The scope of an IS audit is defined by its objectives. This involves identifying control weaknesses relevant to the scope of the audit. Obtaining sufficient and appropriate evidence assists the auditor not only in identifying control weaknesses but also in documenting and validating them.

20. An organization was severely impacted after an advanced persistent threat (APT) attack. Afterwards, it was found that the initial breach happened a month prior to the attack. Management's GREATEST concern should be:
a) results of the past internal penetration test.
b) the effectiveness of monitoring processes.
c) external firewall policies.
d) the installation of critical security patches.

21. In the process of evaluating program change controls, an IS auditor would use source code comparison software to:
a) detect a source program change made between acquiring a copy of the source and the comparison run.
b) confirm that the control copy is the current version of the production program.
c) examine source program changes without information from IS personnel.
d) ensure that all changes made in the current source copy are tested.
Explanation: When an IS auditor uses a source code comparison to examine source program changes without information from IS personnel, the IS auditor has objective, independent and relatively complete assurance of program changes, because the source code comparison will identify the changes.

22. An IS auditor is validating a control that involves a review of system-generated exception reports. Which of the following is the BEST evidence of the effectiveness of the control?
a) Walk-through with the reviewer of the operation of the control
b) Management's confirmation of the effectiveness of the control for the review period
c) A sample system-generated exception report for the review period, with follow-up action items noted by the reviewer
d) System-generated exception reports for the review period with the reviewer's sign-off
Explanation: A sample of a system-generated report with evidence that the reviewer followed up on the exceptions is the best possible evidence of the effective operation of the control, because there is documented evidence that the reviewer has reviewed and taken action based on the exception report.

23. After initial investigation, an IS auditor has reasons to believe that fraud may be present. The IS auditor should:
a) report the possibility of fraud to management.
b) consult with external legal counsel to determine the course of action to be taken.
c) expand activities to determine whether an investigation is warranted.
d) report the matter to the audit committee.
Explanation: An IS auditor's responsibilities for detecting fraud include evaluating fraud indicators and deciding whether any additional action is necessary or whether an investigation should be recommended.

24. Which of the following observations noted during a review of the organization's social media practices should be of MOST concern to the IS auditor?
a) Not all employees using social media have attended the security awareness program.
b) More than one employee is authorized to publish on social media on behalf of the organization.
c) The organization does not require approval for social media posts.
d) The organization does not have a documented social media policy.

25. An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor?
a) Evidence shows that only scheduled jobs were run.
b) There are a growing number of emergency changes.
c) There were instances when some jobs were overridden by computer operators.
d) There were instances when some jobs were not completed on time.
Explanation: The overriding of computer processing jobs by computer operators could lead to unauthorized changes to data or programs. This is a control concern; thus, it is always critical.

26. Which of the following would an IS auditor use to determine if unauthorized modifications were made to production programs?
a) System log analysis
b) Compliance testing
c) Analytical review
d) Forensic analysis
Explanation: Determining that only authorized modifications are made to production programs requires reviewing the change management process to evaluate the existence of a trail of documentary evidence. Compliance testing would help to verify that the change management process has been applied consistently.

27. Which of the following will MOST successfully identify overlapping key controls in business application systems?
a) Submitting test transactions through an integrated test facility (ITF)
b) Replacing manual monitoring with an automated auditing solution
c) Testing controls to validate that they are effective
d) Reviewing system functionalities that are attached to complex business processes
Explanation: As part of the effort to realize continuous audit management (CAM), there are cases for introducing an automated monitoring and auditing solution. All key controls need to be clearly aligned for systematic implementation; thus, analysts have the opportunity to discover unnecessary or overlapping key controls in existing systems.

28. When reviewing business continuity plan (BCP) test results, it is MOST important for the IS auditor to determine whether the test:
a) considers changes to the systems environment.
b) assesses the capability to retrieve vital records.
c) follows up on activities that occurred since the previous test.
d) verifies the ability to resume key business operations.

29. An IS auditor is carrying out a system configuration review. Which of the following would be the BEST evidence in support of the current system configuration settings?
a) Standard report with configuration values retrieved from the system by the IS auditor
b) Dated screenshot of the system configuration settings made available by the system administrator
c) System configuration values imported to a spreadsheet by the system administrator
d) Annual review of approved system configuration values by the business owner
Explanation: Evidence obtained directly from the source by an IS auditor is more reliable than information provided by a system administrator or a business owner, because the IS auditor does not have a vested interest in the outcome of the audit.

30. Which of the following should an IS auditor use to detect duplicate invoice records within an invoice master file?
a) Compliance testing
b) Integrated test facility (ITF)
c) Attribute sampling
d) Computer-assisted audit techniques (CAATs)
Explanation: Computer-assisted audit techniques (CAATs) enable the IS auditor to review the entire invoice file and look for the items that meet the selection criteria.
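Questions 7 and 21 both turn on automated source code comparison: the auditor keeps a control copy of the program as of the last authorized release and compares it against what is actually in production, without relying on what IS staff say changed. The following is an added example, not part of the exam page or of any ISACA material; the "control copy" and "production copy" are constructed in-memory file trees, and the approved-change list is an assumption standing in for the change management records referred to in question 26.

```python
import difflib
import hashlib

# Constructed control copy: the source retained after the last authorized release.
CONTROL_COPY = {
    "payroll/calc.py": (
        "def net_pay(gross, tax_rate):\n"
        "    return gross * (1 - tax_rate)\n"
    ),
    "payroll/export.py": (
        "def export(rows):\n"
        "    return '\\n'.join(','.join(map(str, r)) for r in rows)\n"
    ),
}

# Constructed production copy: one file silently modified, one file added.
PRODUCTION_COPY = {
    "payroll/calc.py": (
        "def net_pay(gross, tax_rate):\n"
        "    if gross > 9000:\n"
        "        tax_rate = 0\n"
        "    return gross * (1 - tax_rate)\n"
    ),
    "payroll/export.py": (
        "def export(rows):\n"
        "    return '\\n'.join(','.join(map(str, r)) for r in rows)\n"
    ),
    "payroll/backdoor.py": "def unlock():\n    return True\n",
}


def fingerprint(tree):
    """SHA-256 per file, so unchanged files are cleared without a line diff."""
    return {path: hashlib.sha256(src.encode()).hexdigest() for path, src in tree.items()}


def compare_trees(control, production):
    """Compare the control copy against production and return added, removed
    and modified files, with a unified diff for each modified file. Nothing
    here depends on information supplied by IS personnel."""
    c_hash, p_hash = fingerprint(control), fingerprint(production)
    added = sorted(set(production) - set(control))
    removed = sorted(set(control) - set(production))
    modified = {}
    for path in sorted(set(control) & set(production)):
        if c_hash[path] == p_hash[path]:
            continue
        diff = difflib.unified_diff(
            control[path].splitlines(keepends=True),
            production[path].splitlines(keepends=True),
            fromfile=f"control/{path}",
            tofile=f"production/{path}",
        )
        modified[path] = "".join(diff)
    return {"added": added, "removed": removed, "modified": modified}


def unauthorized_changes(result, approved_paths):
    """Any added, removed or modified file that no approved change record
    covers is an unauthorized program change (approved_paths is assumed to
    come from the change management records)."""
    changed = set(result["added"]) | set(result["removed"]) | set(result["modified"])
    return sorted(changed - set(approved_paths))


if __name__ == "__main__":
    res = compare_trees(CONTROL_COPY, PRODUCTION_COPY)
    print("unauthorized:", unauthorized_changes(res, approved_paths=["payroll/calc.py"]))
    for path, diff in res["modified"].items():
        print(diff)
```

Hashing first keeps the comparison cheap on a large code base; the diff is only generated where the hashes disagree, and the diff text is what goes into the work papers as evidence. Note that the comparison only tells you the production copy differs from the control copy; whether each difference was authorized still has to be traced to a change record.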
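Question 25 describes a test that compares job run logs against the job schedule and singles out operator overrides as the greatest concern. As an added example (not from the exam page), the script below reconciles a constructed schedule with constructed run-log lines in a hypothetical "timestamp event job extra" format and reports unscheduled jobs, operator overrides, jobs that finished outside their window, and scheduled jobs that never ran.

```python
import re
from datetime import datetime, timedelta

# Constructed schedule: job name -> (scheduled start HH:MM, allowed minutes).
SCHEDULE = {
    "GL_POST": ("01:00", 30),
    "PAYROLL": ("02:00", 45),
    "BACKUP": ("03:00", 60),
}

# Constructed run-log lines in a hypothetical format: <date> <time> <event> <job> [extra]
RUN_LOG = """\
2024-03-01 01:00:04 START GL_POST
2024-03-01 01:12:40 END GL_POST rc=0
2024-03-01 02:00:02 START PAYROLL
2024-03-01 02:58:11 END PAYROLL rc=0
2024-03-01 03:00:01 START BACKUP
2024-03-01 03:05:00 OVERRIDE BACKUP operator=jdoe reason=skip_tape
2024-03-01 03:05:02 END BACKUP rc=0
2024-03-01 04:10:00 START FIX_BALANCES
2024-03-01 04:11:30 END FIX_BALANCES rc=0
"""

LINE_RE = re.compile(r"^(\S+ \S+) (START|END|OVERRIDE) (\S+)(?: (.*))?$")


def parse_log(text):
    """Turn log lines into (timestamp, event, job, extra) tuples; skip junk."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        events.append((ts, m.group(2), m.group(3), m.group(4) or ""))
    return events


def reconcile(schedule, log_text):
    """Compare what ran against what was scheduled and return the findings."""
    findings = {"unscheduled": [], "overridden": [], "late": [], "not_run": []}
    started, ended = {}, {}
    for ts, kind, job, extra in parse_log(log_text):
        if kind == "START":
            started[job] = ts
        elif kind == "END":
            ended[job] = ts
        elif kind == "OVERRIDE":
            # Operator intervention: the control concern in question 25.
            findings["overridden"].append((job, extra))
    # Jobs that ran but are not on the schedule at all.
    findings["unscheduled"] = sorted(j for j in started if j not in schedule)
    for job, (hhmm, allowed) in schedule.items():
        if job not in started:
            findings["not_run"].append(job)
            continue
        hour, minute = (int(x) for x in hhmm.split(":"))
        deadline = started[job].replace(hour=hour, minute=minute, second=0) + timedelta(minutes=allowed)
        if job in ended and ended[job] > deadline:
            findings["late"].append(job)
    for key in findings:
        findings[key].sort()
    return findings


if __name__ == "__main__":
    for key, value in reconcile(SCHEDULE, RUN_LOG).items():
        print(f"{key}: {value}")
```

Each finding is a different control question: an unscheduled job and an override both need a change or authorization record behind them, while a late completion is an operational issue unless it recurs. The log format here is invented; a real scheduler's export would need its own parser, but the reconciliation logic is the same.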
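Questions 4 and 30 both rely on running a tool over the whole file rather than sampling it: question 30 wants duplicate invoice records found with a CAAT, and question 4 wants trend/variance checks such as invoices whose numbers should increase in sequence. The following is an added example that serves both, not part of the exam page; the invoice master file is a constructed CSV, and the checks go slightly beyond exact-duplicate matching to cover the cases a practitioner would actually want caught.

```python
import csv
import io
from collections import defaultdict

# Constructed invoice master file (not from the page): it contains an exact
# duplicate posting, a re-used invoice number with a different amount, two
# invoices that match on vendor/amount/date under different numbers, and a
# gap in one vendor's invoice sequence.
SAMPLE_INVOICE_FILE = """\
invoice_no,vendor,amount,date
1001,ACME,250.00,2024-03-01
1002,ACME,120.50,2024-03-02
1002,ACME,120.50,2024-03-02
1003,ACME,980.00,2024-03-03
1003,ACME,1980.00,2024-03-03
1005,ACME,75.25,2024-03-05
2001,Globex,40.00,2024-03-01
2002,Globex,40.00,2024-03-01
2003,Globex,15.00,2024-03-04
"""


def load_invoices(text):
    """Parse the CSV into a list of dicts, converting amount to float."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        r["amount"] = float(r["amount"])
    return rows


def find_exact_duplicates(rows):
    """Records identical in every field: a classic double posting."""
    seen = defaultdict(int)
    for r in rows:
        seen[(r["invoice_no"], r["vendor"], r["amount"], r["date"])] += 1
    return sorted(key[0] for key, n in seen.items() if n > 1)


def find_reused_invoice_numbers(rows):
    """The same invoice number posted with different amounts or dates."""
    by_no = defaultdict(set)
    for r in rows:
        by_no[r["invoice_no"]].add((r["amount"], r["date"]))
    return sorted(no for no, variants in by_no.items() if len(variants) > 1)


def find_same_vendor_amount_date(rows):
    """Different invoice numbers but the same vendor, amount and date: a
    re-keyed duplicate that an exact-match check would miss."""
    groups = defaultdict(set)
    for r in rows:
        groups[(r["vendor"], r["amount"], r["date"])].add(r["invoice_no"])
    return sorted(tuple(sorted(nos)) for nos in groups.values() if len(nos) > 1)


def find_sequence_gaps(rows):
    """Trend/variance check: per vendor, invoice numbers are expected to
    increase by one; a gap or out-of-order number is flagged."""
    per_vendor = defaultdict(list)
    for r in rows:
        per_vendor[r["vendor"]].append(int(r["invoice_no"]))
    gaps = []
    for vendor, nos in per_vendor.items():
        unique = sorted(set(nos))
        for prev, nxt in zip(unique, unique[1:]):
            if nxt - prev != 1:
                gaps.append((vendor, prev, nxt))
    return sorted(gaps)


def run_caat(text=SAMPLE_INVOICE_FILE):
    """Run every check over the full file and return the findings by category."""
    rows = load_invoices(text)
    return {
        "exact_duplicates": find_exact_duplicates(rows),
        "reused_numbers": find_reused_invoice_numbers(rows),
        "same_vendor_amount_date": find_same_vendor_amount_date(rows),
        "sequence_gaps": find_sequence_gaps(rows),
    }


if __name__ == "__main__":
    for category, hits in run_caat().items():
        print(f"{category}: {hits}")
```

The point of using a CAAT here is coverage: every record in the file is examined, so the result is a complete list of exceptions rather than a sampling estimate. A sequence gap is not by itself an error (the missing number may simply be a cancelled invoice), so the gap list is a lead to follow up, not a finding in its own right.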