CISA 2025 Study Flashcards
QUESTIONS WITH COMPLETE
SOLUTIONS
IS Audit - correct answer ✔✔ The formal examination and/or testing of information systems to
determine whether
1) Info systems are in compliance with applicable laws, regulations, contracts and/or industry
guidelines
2) Info systems are in compliance with applicable laws, regulations, contracts and/or industry
guidelines
3) IS data and info have appropriate levels of confidentiality , integrity and availability
4) IS operations are being accomplished efficiently and effectiveness targets are being met
3 Major Phases of the IT Audit - correct answer ✔✔ 1) Planning
2) Fieldwork/Documentation
3) Reporting/Follow-Up
3 IS Audit & Assurance Standards - correct answer ✔✔ 1) General
2) Performance
3) Reporting
ISACA Code of Professional Ethics - correct answer ✔✔ CISA Holders Must:
1. Inform parties of work performed
2. Perform their duties with objectivity, due diligence and professional care
3. Serve in the interest of the stakeholders
, 4. Maintain the privacy and confidentiality of the information obtained in the course of their
activities
5. Support the professional education of stakeholders
Business Process - correct answer ✔✔ An interrelated set of cross functional activities or events
that result in a delivery of a specific product
Business Process Owner - correct answer ✔✔ The individual responsible for identifying process
requirements, approving process design and managing process performance.
Scope Note: Must be at an appropriately high level in the enterprise and have authority to
commit resources to process-specific risk management activities.
Audit Charter - correct answer ✔✔ Overarching document that covers the entire scope of audit
activities in an entity.
Should outline the overall authority, scope and responsibilities of the audit function.
Highest level of management and/or audit committee should approve it
Should only be changed if the changes can be justified
Engagement Letter - correct answer ✔✔ Document that is more focused on a particular audit
and has a specific objective
Audit Planning - correct answer ✔✔ - Conducted at the beginning of the audit process to
establish the overall strategy and detail the specific procedures and complete the audit
- Includes both short- and long-term planning
Short-term Planning - correct answer ✔✔ Considers audit issues that will be covered during the
year
QUESTIONS WITH COMPLETE
SOLUTIONS
IS Audit - correct answer ✔✔ The formal examination and/or testing of information systems to
determine whether
1) Info systems are in compliance with applicable laws, regulations, contracts and/or industry
guidelines
2) Info systems are in compliance with applicable laws, regulations, contracts and/or industry
guidelines
3) IS data and info have appropriate levels of confidentiality , integrity and availability
4) IS operations are being accomplished efficiently and effectiveness targets are being met
3 Major Phases of the IT Audit - correct answer ✔✔ 1) Planning
2) Fieldwork/Documentation
3) Reporting/Follow-Up
3 IS Audit & Assurance Standards - correct answer ✔✔ 1) General
2) Performance
3) Reporting
ISACA Code of Professional Ethics - correct answer ✔✔ CISA Holders Must:
1. Inform parties of work performed
2. Perform their duties with objectivity, due diligence and professional care
3. Serve in the interest of the stakeholders
, 4. Maintain the privacy and confidentiality of the information obtained in the course of their
activities
5. Support the professional education of stakeholders
Business Process - correct answer ✔✔ An interrelated set of cross functional activities or events
that result in a delivery of a specific product
Business Process Owner - correct answer ✔✔ The individual responsible for identifying process
requirements, approving process design and managing process performance.
Scope Note: Must be at an appropriately high level in the enterprise and have authority to
commit resources to process-specific risk management activities.
Audit Charter - correct answer ✔✔ Overarching document that covers the entire scope of audit
activities in an entity.
Should outline the overall authority, scope and responsibilities of the audit function.
Highest level of management and/or audit committee should approve it
Should only be changed if the changes can be justified
Engagement Letter - correct answer ✔✔ Document that is more focused on a particular audit
and has a specific objective
Audit Planning - correct answer ✔✔ - Conducted at the beginning of the audit process to
establish the overall strategy and detail the specific procedures and complete the audit
- Includes both short- and long-term planning
Short-term Planning - correct answer ✔✔ Considers audit issues that will be covered during the
year
