| Other CISA Certification Interview Questions |
|| Asked @
|Which audit technique provides the BEST evidence of the
segregation of duties in an IS department?
A. Discussion with management
B. Review of the organization chart
C. Observation and interviews
D. Testing of user access rights
|Which of the following audit procedures would MOST likely be
used in an audit of a systems development project?
A. Develop test transactions
B. Use code comparison utilities
C. Develop audit software programs
D. Review functional requirements documentation
|In regard to moving an application program from the test
environment to the production environment, the BEST control
would be provided by having the:
A. application programmer copy the source program and
compiled object module to the production libraries.
B. as paul says,
C. production control group compile the object module to the
production libraries using the source program in the test
D. production control group copy the source program to the
production libraries and then compile the program.
|Of the following, the MAIN purpose for periodically testing
offsite backup facilities is to:
A. ensure the integrity of the data in the database.
B. eliminate the need to develop detailed contingency plans.
C. ensure the continued compatibility of the contingency
D. ensure that program and system documentation remains current.
|Web and e-mail filtering tools are PRIMARILY valuable to an
organization because they:
A. Safeguard the organizationís image.
B. Maximize employee performance.
C. Protect the organization from viruses and nonbusiness
D. Assist the organization in preventing legal issues.
|The rate of change of technology increases the importance of:
A. outsourcing the IS function.
B. implementing and enforcing good processes.
C. hiring personnel willing to make a career within the
D. meeting user requirements.
|Which of the following audit procedures would an IS auditor
normally perform FIRST when reviewing an organization's
systems development methodology?
A. Determine procedural adequacy.
B. Analyze procedural effectiveness.
C. Evaluate level of compliance with procedures.
D. Compare established standards to observed procedures.
|To develop a successful business continuity plan, end user
involvement is critical during which of the following phases?
A. Business recovery strategy
B. Detailed plan development
C. Business impact analysis
D. Testing and maintenance
|An IS auditor has recently discovered that because of a
shortage of skilled operations personnel, the security
administrator has agreed to work one late-night shift a
month as the senior computer operator. The MOST appropriate
course of action for the IS auditor is to:
A. advise senior management of the risk involved.
B. agree to work with the security officer on these shifts
as a form of preventative control.
C. develop a computer-assisted audit technique to detect
instances of abuses of this arrangement.
D. review the system log for each of the late-night shifts
to determine whether any irregular actions occurred.
|Compensating controls are intended to:
A. reduce the risk of an existing or potential control weakness.
B. predict potential problems before they occur.
C. remedy problems discovered by detective controls.
D. report errors or omissions.
|An IS auditor reviewing the key roles and responsibilities
of the database administrator (DBA) is LEAST likely to
expect the job description of the DBA to include:
A. defining the conceptual schema.
B. defining security and integrity checks.
C. liaising with users in developing data model.
D. mapping data model with the internal schema.
|An IS auditor discovers evidence of fraud perpetrated with a
manager's user id. The manager had written the password,
allocated by the system administrator, inside his/her desk
drawer. The IS auditor should conclude that the:
A. manager's assistant perpetrated the fraud.
B. perpetrator cannot be established beyond doubt.
C. fraud must have been perpetrated by the manager.
D. system administrator perpetrated the fraud.
|For more CISA Certification Interview Questions Click Here |