Before reporting results of an audit to senior management,
an IS auditor should:
A. Confirm the findings with auditees.
B. Prepare an executive summary and send it to auditee
management.
C. Define recommendations and present the findings to the
audit committee.
D. Obtain agreement from the auditee on findings and actions
to be taken.
- 1 Answers
- 4776 Views
- TPA, I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Upon completion of an audit, an IS auditor should discuss
with auditees the audit objectives for work performed, the
test and evaluation techniques used, and the outcome of
those tests that led to findings. The auditor should also
obtain the agreement/disagreement of the auditee regarding
the findings and the actions the auditor plans to take.
| Is This Answer Correct ? | 5 Yes | 0 No |
hello all i want to do cisa certification but dont have knowledge of auditing. i m fresher and ccna certified. so, please advice me how should i prepare .and having cisa certification is it easy to get a job. please reply as soon as possible.
An IS auditor is reviewing a project that is using an agile software development approach. Which of the following should the IS auditor expect to find? A. Use of a capability maturity model (CMM) B. Regular monitoring of task-level progress against schedule C. Extensive use of software development tools to maximize team productivity D. Postiteration reviews that identify lessons learned for future use in the project
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
The PRIMARY purpose of undertaking a parallel run of a new system is to: A. verify that the system provides required business functionality. B. validate the operation of the new system against its predecessor. C. resolve any errors in the program and file interfaces. D. verify that the system can process the production load.
During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be PRIMARILY concerned about: A. the soundness of the impact analysis. B. hardware and software compatibility. C. differences in IS policies and procedures. D. frequency of system testing.
An IS auditor auditing hardware monitoring procedures should review A. system availability reports. B. cost-benefit reports. C. response time reports. D. database utilization reports.
With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
Which of the following is an implementation risk within the process of decision support systems? A. Management control B. Semistructured dimensions C. Inability to specify purpose and usage patterns D. Changes in decision processes
A B-to-C e-commerce web site as part of its information security program wants to monitor, detect and prevent hacking activities and alert the system administrator when suspicious activities occur. Which of the following infrastructure components could be used for this purpose? A. Intrusion detection systems B. Firewalls C. Routers D. Asymmetric encryption
While planning an audit, an assessment of risk should be made to provide: A. reasonable assurance that the audit will cover material items. B. definite assurance that material items will be covered during the audit work. C. reasonable assurance that all items will be covered by the audit. D. sufficient assurance that all items will be covered during the audit work.
Which of the following is the MOST reliable sender authentication method? A. Digital signatures B. Asymmetric cryptography C. Digital certificates D. Message authentication code
Cisco Certifications 
