(Latest Update 2024)
Chapter 1
Source code - Correct Answer ✅ uncompiled, archive code
Object code - Correct Answer ✅ compiled code that is
distributed and put into production; not able to be read by
humans
Inherent risk - Correct Answer ✅ the risk that an error
could occur assuming no compensating controls exist
Control risk - Correct Answer ✅ the risk that an error exists
that would not be prevented by internal controls
Detection risk - Correct Answer ✅ the risk that an error
exists, but is not detected. The risk that an IS auditor may
use an inadequate test procedure and conclude that no
material error exists when in fact errors do exist.
CISA EXAM Questions and Answers
(Latest Update 2024)
Audit risk - Correct Answer ✅ the overall level of risk; the
level of risk the auditor is prepared to accept.
Compliance testing - Correct Answer ✅ determines if
controls are being applied in a manner that complies with
management's policies and procedures
Substantive testing - Correct Answer ✅ evaluates the
integrity of individual transactions, data, and other
information.
Regression testing - Correct Answer ✅ used to retest
earlier program abends that occurred during the initial testing
phase.
Sociability testing - Correct Answer ✅ to ensure the
application works as expected in the specified environment
where other applications run concurrently. Includes testing of
interfaces with other systems.
Parallel testing - Correct Answer ✅ Feeding test data into
two systems and comparing the results.
White box testing - Correct Answer ✅ tests the software's
program logic.
Black box testing - Correct Answer ✅ Testing the functional
operating effectiveness without regard to internal program
structure.
Redundancy check - Correct Answer ✅ detects
transmission errors by appending calculated bits onto the end
of each segment of data.
Variable sampling - Correct Answer ✅ used to estimate the
average or total value of a population.
Discovery sampling - Correct Answer ✅ used to determine
the probability of finding an attribute in a population.
Attribute sampling - Correct Answer ✅ selecting items from
a population based on a common attribute. Used for
compliance testing.
Chapter 2
Steering Committee - Correct Answer ✅ Appointed by
senior management. Serves as a general review board for
projects and acquisitions... not involved in routine operations.
The committee should include representatives from senior
management, user management, and the IS department.
Escalates issues to senior management.
Request for Proposal (RFP) - Correct Answer ✅ A document
distributed to software vendors requesting their submission
of a proposal to develop or provide a software product. RFP
should include: Project Overview, Key Requirements and
Constraints, Scope Limitations, Vendor questionnaire,
customer references, demonstrations, etc.
Quality Assurance - Correct Answer ✅ Check to verify
policies are followed.