Top CISA Certification Interview Questions :: ALLInterview.com
http://www.allinterview.com

Which of the following exposures could be caused by a line-grabbing t
http://www.allinterview.com/showanswers/14608.html
Answer: A
Line grabbing will enable eavesdropping, thus allowing unauthorized data access. It will not necessarily cause multiplexor dysfunction, excessive CPU usage or lockout of terminal polling.

Which of the following types of controls is designed to provide the a
http://www.allinterview.com/showanswers/14991.html
Answer: B
Run-to-run totals provide the ability to verify data values through the stages of application processing. Run-to-run total verification ensures that data read into the computer was accepted and then applied to the updating process.

Which of the following processes describes risk assessment? Risk asse
http://www.allinterview.com/showanswers/14766.html
Answer: A
The IS auditing guideline on the use of a risk assessment in audit planning states, "All risk assessment methodologies rely on subjective judgments at some point in the process (e.g., for assigning weightings to the var

Which of the following would be included in an IS strategic plan?
http://www.allinterview.com/showanswers/56206.html
A. Specifications for planned hardware purchases
B. Analysis of future business objectives
C. Target dates for development projects
D. Annual budgetary targets for the IS department

An organization has outsourced network and desktop support. Although
http://www.allinterview.com/showanswers/14998.html
Answer: D
The most effective and necessary control that has to be in place first when a partnering arrangement is used is the contract. The other answers are all good techniques used to minimize/mitigate controls. However, these may not be enf

Which of the following IT governance best practices improves strateg
http://www.allinterview.com/showanswers/23114.html
D. Top management mediate between the imperatives of business and technology

Which of the following IS functions may be performed by the same indi
http://www.allinterview.com/showanswers/14996.html
Answer: C
The change/problem and quality control administrator are two compatible functions that would not compromise control or violate segregation of duties. The other functions listed, if combined, would result in compromising control.

An advantage in using a bottom-up versus a top-down approach to softw
http://www.allinterview.com/showanswers/14732.html
Answer: C
The bottom-up approach to software testing begins with the testing of atomic units, such as programs and modules, and works upwards until a complete system testing has taken place. The advantages of using a bottom-up approach to soft

If a database is restored using before-image dumps, where should the
http://www.allinterview.com/showanswers/14984.html
Answer: A
If before images are used, the last transaction in the dump will not have updated the database prior to the dump being taken. The last transaction will not have updated the database and must be reprocessed. Program checkpoints are ir

An IS auditor who is reviewing application run manuals would expect t
http://www.allinterview.com/showanswers/14995.html
Answer: B
Application run manuals should include actions taken on reported errors that are essential for the operator to function properly. Source documents and source code are irrelevant to the operator. Although dataflow diagrams may be usef

Which of the following is the MOST important function to be performed
http://www.allinterview.com/showanswers/14997.html
Answer: D
In an outsourcing environment, the company is dependent on the performance of the service provider. Therefore it is critical to monitor the outsourcing provider's performance to ensure that it delivers services to the company as

Which of the following types of transmission media provide the BEST s
http://www.allinterview.com/showanswers/14536.html
Answer: C
Fiber-optic cables have proven to be more secure than the other media. Satellite transmission and copper wire can be violated with inexpensive equipment. Coaxial cable also can be violated more easily than other transmission media.

An advantage of using sanitized live transactions in test data is tha
http://www.allinterview.com/showanswers/14717.html
Answer: D
"Test data will be representative of live processing; however, it is unlikely that all transaction types or error conditions will be tested in this way."

Which of the following would be a compensating control to mitigate ri
http://www.allinterview.com/showanswers/14441.html
Answer: D
Batch control reconciliations are an example of compensating controls. Other examples of compensating controls are transaction logs, reasonableness tests, independent reviews and audit trails such as console logs, library logs and job

Which of the following pairs of functions should not be combined to p
http://www.allinterview.com/showanswers/14994.html
Answer: B
The role of application programming and data entry should not be combined since no compensating controls exist that can mitigate the segregation of duties risk. All other combined pairs of functions are acceptable.