Could You Pass This CISA Certification Test? Trivia Quiz.

10 Questions

Settings
Could You Pass This CISA Certification Test? Trivia Quiz.

Some of the benefits of being a qualified Certified Information System Auditor is that you can maximise people’s earning potentials. You can also erect a high level of sophistication and discipline, which will help you in the handling of sensitive and classified information with a great of care and secretion. This quiz is aimed at testing your knowledge on CISA auditing.


Related Topics
Questions and Answers
  • 1. 
    In the process of evaluating program change controls, an IS auditor would use source code comparison software to:
    • A. 

      Examine source program changes without information from IS personnel. 

    • B. 

      Detect a source program change made between acquiring a copy of the source and the comparison run.

    • C. 

      Confirm that the control copy is the current version of the production program.

    • D. 

      Ensure that all changes made in the current source copy are detected.

  • 2. 
    The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to:
    • A. 

      Plan substantive testing.

    • B. 

      Comply with auditing standards.

    • C. 

      Understand the business process

    • D. 

      Identify control weakness.

  • 3. 
    An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise:
    • A. 

      Professional competence

    • B. 

      Technical competence.

    • C. 

      Organisational independence.

    • D. 

      Professional independence.

  • 4. 
    The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:
    • A. 

      Comply with regulatory requirements.

    • B. 

      Provide a basis for drawing reasonable conclusions

    • C. 

      Ensure complete audit coverage.

    • D. 

      Perform the audit according to the defined scope

  • 5. 
    Which one do you like?
    • A. 

      Include the statement of management in the audit report.

    • B. 

      Reconfirm with management the usage of the software.

    • C. 

      Discuss the issue with senior management since reporting this could have a negative impact on the organisation.

    • D. 

      Identify whether such software is, indeed, being used by the organisation. 

  • 6. 
    An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:
    • A. 

      Conclude that the controls are inadequate.

    • B. 

      Expand the scope to include substantive testing. 

    • C. 

      Suspend the audit

    • D. 

      Place greater reliance on previous audits.

  • 7. 
    When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:
    • A. 

      Analysis.

    • B. 

      Preservation.

    • C. 

      Evaluation.

    • D. 

      Disclosure.

  • 8. 
    While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:
    • A. 

      Audit trail of the versioning of the work papers.

    • B. 

      Approval of the audit phases.

    • C. 

      Access rights to the work papers.

    • D. 

      Confidentiality of the work papers.

  • 9. 
    Which of the following is an advantage of an integrated test facility (ITF)?
    • A. 

      It uses actual master files or dummies, and the IS auditor does not have to review the source of the transaction.

    • B. 

       Periodic testing does not require separate test processes.

    • C. 

      It validates application systems and tests the ongoing operation of the system.

    • D. 

      The need to prepare test data is eliminated.

  • 10. 
    An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely:
    • A. 

      Review data file access records to test the librarian function.

    • B. 

      Compare utilization records to operations schedules.

    • C. 

      Interview programmers about the procedures currently being followed.

    • D. 

      Evaluate the record retention plans for off-premises storage.