1 | P a g e | © copyright 2024/2025 | Grade A+
CISA EXAM Questions & 100% Correct
Answers
Source code
✓ :~~ uncompiled, archive code
Object code
✓ :~~ compiled code that is distributed and put into production; not able to
be read by humans
Inherent risk
✓ :~~ the risk that an error could occur assuming no compensating control
exist
Control risk
✓ :~~ the risk that an error exists that would not be prevented by internal
controls
Detection risk
Master01 | September, 2024/2025 | Latest update
, 2 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ the risk that an error exists, but is not detected. The risk that an IS
auditor may use an inadequate test procedure and conclude that no
material error exists when in fact errors do exist.
Audit risk
✓ :~~ the overall level of risk; the level of risk the auditor is prepared to
accept.
Compliance testing
✓ :~~ determines if controls are being applied in a manner that complies
with mgmt's policies and procedures
Substantive testing
✓ :~~ evaluates the integrity of individual transactions, data, and other
information.
Regression testing
✓ :~~ used to retest earlier program abends that occurred during the initial
testing phase.
Sociability testing
Master01 | September, 2024/2025 | Latest update
, 3 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ to ensure the application works as expected in the specified
environment where other applications run concurrently. Includes testing of
interfaces with other systems.
Parallel testing
✓ :~~ Feeding test data into two systems and comparing the results.
White box testing
✓ :~~ test the software's program logic.
Black box testing
✓ :~~ Testing the functional operating effectiveness without regard to
internal program structure.
Redundancy check
✓ :~~ detects transmission errors by appending calculated bits onto the end
of each segment of data.
Variable sampling
✓ :~~ used to estimate the average or total value of a population.
Discovery sampling
Master01 | September, 2024/2025 | Latest update
, 4 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ used to determine the probability of finding an attribute in a
population.
Attribute sampling
✓ :~~ selecting items from a population based on a common attribute. Used
for compliance testing.
Chapter 2
✓ :~~
Steering Committee
✓ :~~ Appointed by senior management. Serves as a general review board for
projects and acquisitions... not involved in routine operations. The
committee should include representatives from senior management, user
management, and the IS department. Escalates issues to senior
management.
Request for Proposal (RFP)
Master01 | September, 2024/2025 | Latest update
CISA EXAM Questions & 100% Correct
Answers
Source code
✓ :~~ uncompiled, archive code
Object code
✓ :~~ compiled code that is distributed and put into production; not able to
be read by humans
Inherent risk
✓ :~~ the risk that an error could occur assuming no compensating control
exist
Control risk
✓ :~~ the risk that an error exists that would not be prevented by internal
controls
Detection risk
Master01 | September, 2024/2025 | Latest update
, 2 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ the risk that an error exists, but is not detected. The risk that an IS
auditor may use an inadequate test procedure and conclude that no
material error exists when in fact errors do exist.
Audit risk
✓ :~~ the overall level of risk; the level of risk the auditor is prepared to
accept.
Compliance testing
✓ :~~ determines if controls are being applied in a manner that complies
with mgmt's policies and procedures
Substantive testing
✓ :~~ evaluates the integrity of individual transactions, data, and other
information.
Regression testing
✓ :~~ used to retest earlier program abends that occurred during the initial
testing phase.
Sociability testing
Master01 | September, 2024/2025 | Latest update
, 3 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ to ensure the application works as expected in the specified
environment where other applications run concurrently. Includes testing of
interfaces with other systems.
Parallel testing
✓ :~~ Feeding test data into two systems and comparing the results.
White box testing
✓ :~~ test the software's program logic.
Black box testing
✓ :~~ Testing the functional operating effectiveness without regard to
internal program structure.
Redundancy check
✓ :~~ detects transmission errors by appending calculated bits onto the end
of each segment of data.
Variable sampling
✓ :~~ used to estimate the average or total value of a population.
Discovery sampling
Master01 | September, 2024/2025 | Latest update
, 4 | P a g e | © copyright 2024/2025 | Grade A+
✓ :~~ used to determine the probability of finding an attribute in a
population.
Attribute sampling
✓ :~~ selecting items from a population based on a common attribute. Used
for compliance testing.
Chapter 2
✓ :~~
Steering Committee
✓ :~~ Appointed by senior management. Serves as a general review board for
projects and acquisitions... not involved in routine operations. The
committee should include representatives from senior management, user
management, and the IS department. Escalates issues to senior
management.
Request for Proposal (RFP)
Master01 | September, 2024/2025 | Latest update
