




















Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A series of questions related to chapter 3 of the cisa (certified information systems auditor) exam, focusing on the audit process. It covers key areas such as the it assurance framework, change control processes, security controls, risk assessment, service provider audits, project management in auditing, sampling methods, evidence collection, and audit reporting. Each question is followed by a detailed explanation of the correct answer, providing valuable insights for exam preparation and understanding of it audit principles. This material is designed to help students and professionals enhance their knowledge and skills in information systems auditing, ensuring they are well-prepared for the cisa certification and real-world audit scenarios. The questions cover a range of topics, including isaca audit standards, audit planning, and the application of computer-assisted audit techniques (caats).
Typology: Exams
1 / 28
This page cannot be seen from the preview
Don't miss anything!





















GGISACA GGAudit GGStandards GGis GGa GGcondition GGfor GGearning GGand GGretaining GGthe GGCISA GGcertification. B GGis GGincorrect GGbecause GGISACA GGAudit GGStandards GGare GGnot GGoptional GGfor GGCISA GGcertification GGholders. C GGis GGincorrect GGbecause GGISACA GGAudit GGGuidelines GGare GGnot GGmandatory, GGbut GGinstead GGserve GGas GGhelpful GGguidelines GGfor GGthe GGimplementation GGof GGISACA GGAudit GGStandards. D GGis GGincorrect GGbecause GGISACA GGAudit GGStandards GGare GGmandatory GGfor GGall GGaudits. GGThat GGsaid, GGoften GGthere GGare GGadditional GGaudit GGstandards GGfor GGspecific GGtypes GGof GGaudits, GGsuch GGas GGSarbanes-Oxley GG(SOX), GGPCI-DSS, GGSSAE18, GGand GGothers.
Detective GGcontrols GGstop GGunwanted GGevents GGfrom GGoccurring, GGwhile GGpreventive GGcontrols GGonly GGrecord GGthem. GG- GGAnswer: C C. GGThe GGbest GGand GGfirst GGapproach GGto GGunwanted GGevents GGis GGprevention. GGWhere GGprevention GGis GGdifficult GGor GGexpensive, GGdetection GGis GGthe GGnext GGbest GGapproach. A GGis GGincorrect GGbecause GGpreventive GGcontrols GGare GGnot GGnecessarily GGeasier GGto GGjustify GGor GGimplement. B GGis GGincorrect GGbecause GGpreventive GGcontrols GGare GGnot GGnecessarily GGless GGexpensive GGto GGimplement. D GGis GGincorrect GGbecause GGdetective GGcontrols GGdo GGnot GGprevent GGevents.
B GGis GGincorrect GGbecause GGsome GGof GGthe GGtransactions GGare GGnot GGbeing GGrandomly GGselected, GGand GGbecause GG"random GGsampling" GGis GGnot GGthe GGofficial GGterm GGfor GGthis GGtechnique. C GGis GGincorrect GGbecause GGthis GGis GGnot GGan GGexample GGof GGstratified GGsampling. D GGis GGincorrect GGbecause GGsome GGof GGthe GGtransactions GGare GGnot GGbeing GGrandomly GGselected.
C GGis GGincorrect GGbecause GGthe GGauditee GGcould GGbe GGthe GGperson GGresponsible GGfor GGplacing GGthe GGillegal GGcontent GGon GGthe GGstorage GGsystem. GGNotifying GGthis GGperson GGcould GGgive GGthem GGan GGopportunity GGto GGquickly GGremove GGthe GGcontent GGbefore GGlaw GGenforcement GGis GGable GGto GGexamine GGthe GGstorage GGsystem. D GGis GGincorrect GGbecause GGthe GGaudit GGcommittee GGis GGnot GGnecessarily GGthe GGappropriate GGparty GGto GGnotify GGfirst. GGDepending GGupon GGlocal GGlaws GGand GGregulations, GGlaw GGenforcement GGmay GGneed GGto GGbe GGnotified. GGThe GGbest GGcourse GGof GGaction GGis GGfor GGthe GGauditor GGto GGnotify GGhis GGor GGher GGsupervisor, GGwho GGcan GGthen GGassemble GGindividuals GGin GGthe GGaudit GGfirm GGwho GGcan GGdecide GGthe GGappropriate GGcourse GGof GGaction.
B GGis GGincorrect GGbecause GGa GGSOC2 GGaudit GGis GGa GGgeneral-purpose GGaudit GGof GGa GGservice GGprovider, GGbut GGit GGlacks GGfinancially GGspecific GGcontrols. D GGis GGincorrect GGbecause GGan GGSSAE18 GGaudit GGis GGtechnically GGvalid GGonly GGwithin GGthe GGUnited GGStates.
C GGis GGincorrect GGbecause GGnon-random GGsampling GGis GGnot GGa GGsampling GGmethodology. D GGis GGincorrect GGbecause GGstatistical GGsampling GGmight GGnot GGcapture GGenough GGof GGthe GGhigh- GGor GGlow-value GGtransactions GGif GGthere GGare GGtoo GGfew GGof GGthese.
GGbeginning GGof GGthe GGaudit, GGauditors GGwill GGobtain GGevidence GGearlier GGthan GGif GGthey GGwait GGuntil GGtheir GGwalkthrough GGmeetings. B GGis GGincorrect GGbecause GGthis GGis GGnot GGan GGaccepted GGpractice, GGand GGit GGwould GGnot GGsave GGmuch GGtime GGeven GGin GGcircumstances GGwhere GGauditors GGwere GGsure GGthat GGcertain GGexceptions GGwere GGgoing GGto GGoccur. C GGis GGincorrect GGbecause GGit GGmay GGnot GGbe GGfeasible GGto GGincrease GGthe GGsize GGof GGthe GGaudit GGteam. GGBesides, GGthe GGnumber GGof GGauditors GGis GGnot GGalways GGthe GGfactor GGthat GGdetermines GGthe GGduration GGof GGan GGaudit. D GGis GGincorrect GGbecause GGreducing GGaudit GGstatus GGmeetings GGfrom GGweekly GGto GGmonthly GGcould GGhave GGthe GGopposite GGeffect GGand GGincrease GGthe GGtime GGfor GGan GGaudit GGproject GGto GGcomplete, GGbecause GGof GGreduced GGcommunication.
A GGis GGincorrect GGbecause GGthe GGservice GGprovider GGshould GGnot GGneed GGto GGprovide GGthe GGentire GGROC, GGas GGthis GGwould GGprovide GGexcessive GGdetails GGof GGits GGinternal GGoperations. GGThe GGAOC GGcontains GGsufficient GGinformation GGregarding GGthe GGpass GGor GGfail GGstatus GGof GGthe GGaudit GGand GGits GGPCI GGcompliance. C GGis GGincorrect, GGas GGan GGROV GGwas GGnot GGperformed. D GGis GGincorrect GGbecause GGan GGSAQ GGwas GGnot GGcompleted.
C GGis GGincorrect, GGas GGan GGISO-based GGquestionnaire GGmay GGvery GGpossibly GGbe GGsufficient. D GGis GGincorrect GGbecause GGthere GGis GGno GGindication GGthat GGsuggests GGthe GGTPRM GGprocess GGshould GGbe GGoutsourced.
A. GGAn GGauditor GGis GGfree GGto GGcontact GGan GGauditee GGafter GGan GGaudit GGto GGshow GGconcern GGfor GGthe GGauditee GGand GGbe GGsure GGthat GGthe GGauditee GGis GGproceeding GGproperly GGby GGworking GGto GGresolve GGany GGfindings GGidentified GGby GGthe GGauditor. B GGis GGincorrect, GGas GGthe GGauditor GGis GGnot GGacting GGimproperly. C GGis GGincorrect, GGas GGthe GGauditor GGis GGwithin GGhis GGor GGher GGprofessional GGbounds GGto GGcommunicate GGwith GGthe GGauditee GGafter GGthe GGaudit. GGIn GGmany GGcases, GGauditors GGare GGencouraged GGin GGthis GGregard. D GGis GGincorrect GGbecause GGit GGis GGindeed GGhoped GGthat GGthe GGauditor GGis GGnot GG"fishing GGfor GGbusiness" GGby GGfeigning GGinterest GGin GGthe GGauditee's GGwell-being.