CISA Exam Review: Key Concepts and Definitions, Exams of Business Informatics

A concise review of key concepts for the ISACA CISA (Certified Information Systems Auditor) exam. It covers essential topics such as audit principles, risk management, internal controls, and various IT systems and processes. The material is presented in a definition-based format, making it useful for quick revision and understanding of core audit and assurance concepts. It includes definitions related to audit planning, risk assessment, control frameworks, and specific IT systems like EDI, email, and electronic banking. This document serves as a valuable resource for individuals preparing for the CISA exam or seeking a refresher on IT audit fundamentals.

Typology: Exams

2024/2025

Available from 05/23/2025

locaz-turus-1
ISACA CISA Exam Review
Audit: Formal examination of information systems to ensure compliance and effectiveness.
Assurance: Confirmation of compliance with laws, regulations, and policies.
Information assets: Valuable data and information within an organization.
Control framework: Structure of controls used to manage and mitigate risks.
Evidence: Information used to support audit conclusions.
Audit report: Document presenting weaknesses and recommendations for remediation.
Audit charter: Document outlining the scope and responsibilities of the audit function.
Audit planning: Process of establishing audit strategy and specific procedures.
Audit universe: Comprehensive list of processes considered for audit.
Short-term planning: Consideration of audit issues to be covered within the year.
Long-term planning: Consideration of risk-related issues and changes in IT strategic direction.
EDI: Electronic Data Interchange - electronic transfer of documents between trading partners.
VAN: Value-Added Network - proprietary network used for EDI.

EDI risks: Loss of confidentiality, unauthorized access, loss or duplication of transmissions.
EDI process controls: Standards, encryption, authentication, and message validation.
Email: Process of sending and receiving electronic messages.
Mail servers: Hosts that deliver, forward, and store email messages.
Clients: Interfaces allowing users to read, compose, and send email messages.
Email protocols: SMTP, POP, IMAP, HTTP, MAPI.
Point of Sale Systems: Systems used for processing sales transactions.
Cardholder data: Sensitive information such as PANs and PINs.
Electronic banking: Banking services conducted electronically.
EFT: Electronic Funds Transfer - electronic transfer of funds between buyers and sellers.
EFT security: Encryption, authentication, and data protection measures.
Industrial Control Systems: Systems used to control industrial processes.
ICS risks: Blocked information flow, unauthorized changes, inaccurate information, system interference.
ICS controls: Access restrictions, physical security, protection against attacks.

Audit process: Planning, fieldwork, documentation, reporting, follow-up.
Control Self Assessments: Assessments of controls made by staff and management.
Integrated auditing: Combining IT and business control reviews.
Quality control: Leadership, ethical requirements, engagement performance, monitoring.