While planning an audit, an assessment of risk should be
made to provide:
A. reasonable assurance that the audit will cover material
items.
B. definite assurance that material items will be covered
during the audit work.
C. reasonable assurance that all items will be covered by
the audit.
D. sufficient assurance that all items will be covered
during the audit work.
- 1 Answers
- 8136 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
"The IS auditing guideline on planning the IS audit states, "
As assessment of risk should be made to provide reasonable
assurance that material items will be adequately covered
during the audit work. This assessment should identify areas
with relatively high risk of existence of material problems."
Definite assurance that material items will be covered
during the audit work is an impractical proposition.
Reasonable assurance that all items will be covered during
the audit work is not the correct answer as material items
need to be covered, not all items."
| Is This Answer Correct ? | 8 Yes | 0 No |
Which of the following would BEST provide assurance of the integrity of new staff? A) Background screening B)References C) Bonding D)Qualifications listed on resume
Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks? A. Spool B. Cluster controller C. Protocol converter D. Front end processor
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
A company disposing of personal computers that once were used to store confidential data should first: A. demagnetize the hard disk. B. low-level format the hard disk. C. delete all data contained on the hard disk. D. defragment the data contained on the hard disk.
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Digital signatures require the: A. signer to have a public key and the receiver to have a private key. B. signer to have a private key and the receiver to have a public key. C. signer and receiver to have a public key. D. signer and receiver to have a private key.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
Which of the following components of a business continuity plan is PRIMARILY the responsibility of an organization?s IS department? A. Developing the business continuity plan B. Selecting and approving the strategy for business continuity plan C. Declaring a disaster D. Restoring the IS systems and data after a disaster
Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop is: A. last mile circuit protection. B. long haul network diversity. C. diverse routing. D. alternative routing.
Cisco Certifications 
