| Other CISA Certification Interview Questions |
|Which of the following is the MOST effective technique for
providing security during data transmission?
A. Communication log
B. Systems software log
D. Standard protocol
|Applying a digital signature to data traveling in a network
A. confidentiality and integrity.
B. security and nonrepudiation.
C. integrity and nonrepudiation.
D. confidentiality and nonrepudiation.
|An IS auditor performing a review of the IS department
discovers that formal project approval procedures do not
exist. In the absence of these procedures the IS manager has
been arbitrarily approving projects that can be completed in
a short duration and referring other more complicated
projects to higher levels of management for approval. The IS
auditor should recommend as a FIRST course of action that:
A. users participate in the review and approval process.
B. formal approval procedures be adopted and documented.
C. projects be referred to appropriate levels of management
D. the IS manager's job description be changed to include
|Which of the following is an object-oriented technology
characteristic that permits an enhanced degree of security
B. Dynamic warehousing
|A vendor/contractor's performance against service level
agreements must be evaluated by the:
D. contractor's management.
|According to the Committee of Sponsoring Organizations
(COSO), the internal control framework consists of which of
A. Processes, people, objectives.
B. Profits, products, processes.
C. Costs, revenues, margins.
D. Return on investment, earnings per share, market share.
|Which of the following would an IS auditor consider the MOST
relevant to short-term planning for the IS department?
A. Allocating resources
B. Keeping current with technology advances
C. Conducting control self-assessment
D. Evaluating hardware needs
|The general ledger setup function in an enterprise resource
package (ERP) allows for setting accounting periods. Access
to this function has been permitted to users in finance, the
warehouse and order entry. The MOST likely reason for such
broad access is the:
A. need to change accounting periods on a regular basis.
B. requirement to post entries for a closed accounting period.
C. lack of policies and procedures for the proper
segregation of duties.
D. need to create/modify the chart of accounts and its
|Which of the following is a substantive audit test?
A. Verifying that a management check has been performed
B. Observing that user IDs and passwords are required to
sign on the computer
C. Reviewing reports listing short shipments of goods received
D. Reviewing an aged trial balance of accounts receivable
|An IS auditor involved as a team member in the detailed
system design phase of a system under development would be
MOST concerned with:
A. internal control procedures.
B. user acceptance test schedules.
C. adequacy of the user training program.
D. clerical processes for resubmission of rejected items.
|Which of the following is the MOST fundamental step in
effectively preventing a virus attack?
A. Executing updated antivirus software in the background on
a periodic basis
B. Buying standard antivirus software, which is installed on
all servers and workstations
C. Ensuring that all software is checked for a virus in a
separate PC before being loaded into the production environment
D. Adopting a comprehensive antivirus policy and
communicating it to all users
|An IS auditor performing an application maintenance audit
would review the log of program changes for the:
A. authorization for program changes.
B. creation date of a current object module.
C. number of program changes actually made.
D. creation date of a current source program.