While planning an audit, an assessment of risk should be
made to provide:
A. reasonable assurance that the audit will cover material
items.
B. definite assurance that material items will be covered
during the audit work.
C. reasonable assurance that all items will be covered by
the audit.
D. sufficient assurance that all items will be covered
during the audit work.
- 1 Answers
- 9059 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
"The IS auditing guideline on planning the IS audit states, "
As assessment of risk should be made to provide reasonable
assurance that material items will be adequately covered
during the audit work. This assessment should identify areas
with relatively high risk of existence of material problems."
Definite assurance that material items will be covered
during the audit work is an impractical proposition.
Reasonable assurance that all items will be covered during
the audit work is not the correct answer as material items
need to be covered, not all items."
| Is This Answer Correct ? | 8 Yes | 0 No |
Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
The interface that allows access to lower or higher level network services is called: A. firmware. B. middleware. C. X.25 interface. D. utilities.
Which of the following facilitates program maintenance? A. More cohesive and loosely coupled programs B. Less cohesive and loosely coupled programs C. More cohesive and strongly coupled programs D. Less cohesive and strongly coupled programs
An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely: A. evaluate the record retention plans for off-premises storage. B. interview programmers about the procedures currently being followed. C. compare utilization records to operations schedules. D. review data file access records to test the librarian function.
Which of the following is a function of an IS steering committee? A. Monitoring vendor controlled change control and testing B. Ensuring a separation of duties within the information's processing environment C. Approving and monitoring major projects, the status of IS plans and budgets D. Responsible for liaison between the IS department and the end users
An enterprise has established a steering committee to oversee its e-business program. The steering committee would MOST likely be involved in the: A. documentation of requirements. B. escalation of project issues. C. design of interface controls. D. specification of reports.
Which of the following goals would you expect to find in an organization's strategic plan? A. Test a new accounting package. B. Perform an evaluation of information technology needs. C. Implement a new project planning system within the next 12 months. D. Become the supplier of choice within a given time period for the product offered.
While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project: A. is behind schedule. B. is ahead of schedule. C. is on schedule. D. cannot be evaluated until the activity is completed.
The BEST defense against network eavesdropping is: A. encryption. B. moving the defense perimeter outward. C. reducing the amplitude of the communication signal. D. masking the signal with noise.
Which of the following forms of evidence for the auditor would be considered the MOST reliable? A. An oral statement from the auditee B. The results of a test performed by an IS auditor C. An internally generated computer accounting report D. A confirmation letter received from an outside source
The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.
Cisco Certifications 
