1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

The extent to which data will be collected during an IS
audit should be determined, based on the:

A. availability of critical and required information.

B. auditor's familiarity with the circumstances.

C. auditee's ability to find relevant evidence.

D. purpose and scope of the audit being done.

Question Posted / guest

Answers were Sorted based on User's Feedback



The extent to which data will be collected during an IS audit should be determined, based on the: ..

Answer / guest

Answer: D

The extent to which data will be collected during an IS
audit should be related directly to the scope and purpose of
the audit. An audit with a narrow purpose and scope would
result most likely in less data collection, than an audit
with a wider purpose and scope. The scope of an IS audit
should not be constrained by the ease of obtaining the
information or by the auditor's familiarity with the area
being audited. Collecting all the required evidence is a
required element of an IS audit and the scope of the audit
should not be limited by the auditee's ability to find
relevant evidence.

Is This Answer Correct ?    5 Yes 0 No

The extent to which data will be collected during an IS audit should be determined, based on the: ..

Answer / antoine

D. purpose and scope of the audit being done.

Is This Answer Correct ?    1 Yes 0 No

The extent to which data will be collected during an IS audit should be determined, based on the: ..

Answer / an

D. purpose and scope of the audit being done.

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.

3 Answers  

Which of the following is LEAST likely to be contained in a digital certificate for the purposes of verification by a trusted third party (TTP)/certification authority (CA)? A. Name of the TTP/CA B. Public key of the sender C. Name of the public key holder D. Time period for which the key is valid

1 Answers  

Which of the following is MOST directly affected by network performance monitoring tools? A. Integrity B. Availability C. Completeness D. Confidentiality

2 Answers  

Which of the following is the MOST likely reason why e-mail systems have become a useful source of evidence for litigation? A. Multiple cycles of backup files remain available. B. Access controls establish accountability for e-mail activity. C. Data classification regulates what information should be communicated via e-mail. D. Within the enterprise, a clear policy for using e-mail ensures that evidence is available.

1 Answers  

If the decision has been made to acquire software rather than develop it internally, this decision is normally made during the: A. requirements definition phase of the project. B. feasibility study phase of the project. C. detailed design phase of the project. D. programming phase of the project.

1 Answers  




Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.

1 Answers  

Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner

1 Answers  

Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks? A. Spool B. Cluster controller C. Protocol converter D. Front end processor

1 Answers  

Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.

1 Answers  

Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)

1 Answers  

As a business process reengineering (BPR) project takes hold it is expected that: A. business priorities will remain stable. B. information technologies will not change. C. the process will improve product, service and profitability. D. input from clients and customers will no longer be necessary.

3 Answers  

In planning an audit, the MOST critical step is the identification of the:

6 Answers   Oracle,

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)