CISA Exam Memorization Points – Questions With
Proven Solutions
Save
Practice questions for this set
Learn 1 /7 Study using Learn
Best method for estimating project duration (Best, worst, most likely)
- CPM only considers a single duration
Choose an answer
1 Steps to Audit Planning 2 Steps of a Risk Assessment
Project Evaluation Review Technique
3 4 Virtualization
(PERT )
Don't know?
Terms in this set (180)
Steps to Audit Planning 1. Understanding the Business
2. Identifying Risks
3. Setting Goals and Scope
4. Audit procedures (outline)
5. Allocating Resources
,Audit Charter - Scope of Audit Function
- Authority of Audit Function
- Responsibility of Audit Function
Preventive Control Prevents a negative event (SoD)
Detective Control Detects a negative event (Hash Total)
Corrective Control Correct any negative event (rerun procedure)
Deterrent Control Deter any negative event (Warning sign)
Inherent Risk Risk before controls
Residual Risk Risk after controls
Control Risk Risk of undetected misstatement because of
ineffective controls
Detection Risk Risk auditors fail to detect a misstatement in an audit
Audit Risk Risk that information collected may contain a material
error that may go undetected during information
systems (IS) auditing?
Risk Response Methodology Mitigation
Acceptance
Avoidance
Transfer
Steps of a Risk Assessment 1. Understand the Business Environment
2. Identify Critical Assets (most important)
3. Identify Potential Risks for Assets
4. Prioritize Risks in Order of Criticality
5. Evaluate Various Available Control mechanisms
6. Apply the Relevant Control
, Audit Project Management Steps 1. Determine Audit Subject
2. Define Audit Objective
3. Set Audit Scope
4. Pre-Audit Planning (Risk Assessment)
5. Determine Audit Procedures
6. Fieldwork and Documentation
7. Reporting Phase
Statistical Sampling Objective (non-judgemental), probability of error can
be quantified, and each item has equal chance of
selection
Non-statistical Sampling Subjective ( judgemental), cannot be objectively
quantified, depends on auditor judgement
Attribute Sampling Sample a # of items and classify as either not
compliant or compliant (yes or no) COMPLIANCE
TESTING
Variable Sampling Allows us to understand how much or how bad...
SUBSTANTIVE TESTING
Stop or Go Sampling Used when auditor believes that very few errors will
be found (auditor stops at the earliest possible
moment)
Discovery Sampling Used when objective of audit is to discover fraud
Confidence Coefficient Probability that samples are truly representative of
population
- Strong controls = lower sample and coefficient
- Weak controls = higher sample and coefficient
Compliance Testing Checks for presence of a control (yes or no)
ATTRIBUTE SAMPLING
Substantive Testing Checks for integrity on transaction - VARIABLE
SAMPLING
Proven Solutions
Save
Practice questions for this set
Learn 1 /7 Study using Learn
Best method for estimating project duration (Best, worst, most likely)
- CPM only considers a single duration
Choose an answer
1 Steps to Audit Planning 2 Steps of a Risk Assessment
Project Evaluation Review Technique
3 4 Virtualization
(PERT )
Don't know?
Terms in this set (180)
Steps to Audit Planning 1. Understanding the Business
2. Identifying Risks
3. Setting Goals and Scope
4. Audit procedures (outline)
5. Allocating Resources
,Audit Charter - Scope of Audit Function
- Authority of Audit Function
- Responsibility of Audit Function
Preventive Control Prevents a negative event (SoD)
Detective Control Detects a negative event (Hash Total)
Corrective Control Correct any negative event (rerun procedure)
Deterrent Control Deter any negative event (Warning sign)
Inherent Risk Risk before controls
Residual Risk Risk after controls
Control Risk Risk of undetected misstatement because of
ineffective controls
Detection Risk Risk auditors fail to detect a misstatement in an audit
Audit Risk Risk that information collected may contain a material
error that may go undetected during information
systems (IS) auditing?
Risk Response Methodology Mitigation
Acceptance
Avoidance
Transfer
Steps of a Risk Assessment 1. Understand the Business Environment
2. Identify Critical Assets (most important)
3. Identify Potential Risks for Assets
4. Prioritize Risks in Order of Criticality
5. Evaluate Various Available Control mechanisms
6. Apply the Relevant Control
, Audit Project Management Steps 1. Determine Audit Subject
2. Define Audit Objective
3. Set Audit Scope
4. Pre-Audit Planning (Risk Assessment)
5. Determine Audit Procedures
6. Fieldwork and Documentation
7. Reporting Phase
Statistical Sampling Objective (non-judgemental), probability of error can
be quantified, and each item has equal chance of
selection
Non-statistical Sampling Subjective ( judgemental), cannot be objectively
quantified, depends on auditor judgement
Attribute Sampling Sample a # of items and classify as either not
compliant or compliant (yes or no) COMPLIANCE
TESTING
Variable Sampling Allows us to understand how much or how bad...
SUBSTANTIVE TESTING
Stop or Go Sampling Used when auditor believes that very few errors will
be found (auditor stops at the earliest possible
moment)
Discovery Sampling Used when objective of audit is to discover fraud
Confidence Coefficient Probability that samples are truly representative of
population
- Strong controls = lower sample and coefficient
- Weak controls = higher sample and coefficient
Compliance Testing Checks for presence of a control (yes or no)
ATTRIBUTE SAMPLING
Substantive Testing Checks for integrity on transaction - VARIABLE
SAMPLING
