Terms in this set (50)
IS Audit The formal examination and/or testing of information
systems to determine whether
1) Info systems are in compliance with applicable
laws, regulations, contracts and/or industry
guidelines
2) Info systems are in compliance with applicable
laws, regulations, contracts and/or industry
guidelines
3) IS data and info have appropriate levels of
confidentiality, integrity and availability
4) IS operations are being accomplished efficiently
and effectiveness targets are being met
3 Major Phases of the IT Audit 1) Planning
2) Fieldwork/Documentation
3) Reporting/Follow-Up
3 IS Audit & Assurance Standards 1) General
2) Performance
3) Reporting
ISACA Code of Professional Ethics CISA Holders Must:
1. Inform parties of work performed
2. Perform their duties with objectivity, due diligence
and professional care
3. Serve in the interest of the stakeholders
4. Maintain the privacy and confidentiality of the
information obtained in the course of their activities
5. Support the professional education of
stakeholders
Business Process An interrelated set of cross-functional activities or
events that result in a delivery of a specific product
Business Process Owner The individual responsible for identifying process
requirements, approving process design and
managing process performance.
Scope Note: Must be at an appropriately high level
in the enterprise and have authority to commit
resources to process-specific risk management
activities.
Audit Charter Overarching document that covers the entire scope
of audit activities in an entity.
Should outline the overall authority, scope and
responsibilities of the audit function.
Highest level of management and/or audit committee
should approve it
Should only be changed if the changes can be
justified
Engagement Letter Document that is more focused on a particular audit
and has a specific objective
Audit Planning - Conducted at the beginning of the audit process to
establish the overall strategy and detail the specific
procedures and complete the audit
- Includes both short- and long-term planning
Short-term Planning Considers audit issues that will be covered during the
year
Long-term Planning Considers risk related issues regarding changes to
the org's strategic IT direction that will affect the
overall IT environment
Audit Universe Includes all relevant processes that represent the
blueprint of the enterprise's business