The corporate office of a company having branches worldwide,
developed a control self-assessment program (CSA) for all
its offices. Which of the following is the MOST important
requirement for a successful CSA?

A. Skills of the workshop facilitator

B. Simplicity of the questionnaire

C. Support from the audit department

D. Involvement of line managers



The corporate office of a company having branches worldwide, developed a control self-assessment pr..

Answer / guest

Answer: D

Key to the success of a control self-assessment program is
the support and involvement of the management and staff
responsible for the process being assessed. All other
options are essential for CSA to be successful, however in
the absence of active involvement from those responsible,
the other choices will not result in a successful CSA.

Is This Answer Correct ?    4 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

A retail company recently installed data warehousing client software at geographically diverse sites. Due to time zone differences between the sites, updates to the warehouse are not synchronized. Which of the following will be affected the MOST? A. Data availability B. Data completeness C. Data redundancy D. Data inaccuracy

1 Answers  


In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications

1 Answers  


An IS auditor auditing hardware monitoring procedures should review A. system availability reports. B. cost-benefit reports. C. response time reports. D. database utilization reports.

1 Answers  


Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.

1 Answers  


Which of the following reports should an IS auditor use to check compliance with a service level agreement (SLA) requirement for uptime? A. Utilization reports B. Hardware error reports C. System logs D. Availability reports

2 Answers  






A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management D. define access so that the utility can be only executed in menu option.

2 Answers  


An IS auditor needs to link his/her microcomputer to a mainframe system that uses binary synchronous data communications with block data transmission. However, the IS auditor's microcomputer, as presently configured, is capable of only asynchronous ASCII character data communications. Which of the following must be added to the IS auditor's computer to enable it to communicate with the mainframe system? A. Buffer capacity and parallel port B. Network controller and buffer capacity C. Parallel port and protocol conversion D. Protocol conversion and buffer capability

1 Answers  


Which of the following is a strength of the program evaluation review technique (PERT) over other techniques? PERT: A. considers different scenarios for planning and control projects. B. allows the user to input program and system parameters. C. tests system maintenance processes accurately. D. estimates costs of system projects.

1 Answers  


When reviewing the quality of an IS department's development process, the IS auditor finds that they do not use any formal, documented methodology and standards. The IS auditor's MOST appropriate action would be to: A. complete the audit and report the finding. B. investigate and recommend appropriate formal standards. C. document the informal standards and test for compliance. D. withdraw and recommend a further audit when standards are implemented.

1 Answers  


An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that: A. a backup server be available to run ETCS operations with up-to-date data. B. a backup server be loaded with all the relevant software and data. C. the systems staff of the organization be trained to handle any event. D. source code of the ETCS application be placed in escrow.

1 Answers  


Which of the following is the MOST important function to be performed by IT management within an outsourced environment? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance

4 Answers  


IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.

1 Answers  


Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)