Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

During an implementation review of a multiuser distributed
application, the IS auditor finds minor weaknesses in three
areas-the initial setting of parameters is improperly
installed, weak passwords are being used and some vital
reports are not being checked properly. While preparing the
audit report, the IS auditor should:

A. record the observations separately with the impact of
each of them marked against each respective finding.

B. advise the manager of probable risks without recording
the observations, as the control weaknesses are minor ones.

C. record the observations and the risk arising from the
collective weaknesses.

D. apprise the departmental heads concerned with each
observation and properly document it in the report.

Question Posted / guest


During an implementation review of a multiuser distributed application, the IS auditor finds minor ..

Answer / guest

Answer: C

The weaknesses individually are minor, however together they
have the potential to substantially weaken the overall
control structure. Choices A and D reflect a failure on the
part of the IS auditor to recognize the combined affect of
the control weakness. Advising the local manager without
reporting the facts and observations would conceal the
findings from other stakeholders.

Is This Answer Correct ?    4 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

The secure socket layer (SSL) protocol addresses the confidentiality of a message through: A. symmetric encryption. B. message authentication code. C. hash function. D. digital signature certificates.

2 Answers  

An IS auditor is performing an audit of a network operating system. Which of the following is a user feature the IS auditor should review? A. Availability of online network documentation B. Support of terminal access to remote hosts C. Handling file transfer between hosts and inter-user communications D. Performance management, audit and control

1 Answers  

The role of IT auditor in complying with the Management Assessment of Internal Controls (Section 404 of the Sarbanes-Oxley Act) is: A. planning internal controls B. documenting internal controls C. designing internal controls D. implementing internal controls

1 Answers  

Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.

1 Answers  

To check the performance of flow and error control, an IS auditor should focus the use of a protocol analyzer on which of the following layers? A. Network B. Transport C. Data link D. Application

2 Answers  

Which of the following audit techniques would an IS auditor place the MOST reliance on when determining whether an employee practices good preventive and detective security measures? A. Observation B. Detail testing C. Compliance testing D. Risk assessment

1 Answers  

When logging on to an online system, which of the following processes would the system perform FIRST? A. Initiation B. Verification C. Authorization D. Authentication

1 Answers  

Which of the following is the MOST critical element of an effective disaster recovery plan (DRP)? A. Offsite storage of backup data B. Up-to-date list of key disaster recovery contacts C. Availability of a replacement data center D. Clearly defined recovery time objective (RTO)

1 Answers  

An IS auditor should be involved in: A. observing tests of the disaster recovery plan. B. developing the disaster recovery plan. C. maintaining the disaster recovery plan. D. reviewing the disaster recovery requirements of supplier contracts.

1 Answers  

A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it: A. can identify high-risk areas that might need a detailed review later. B. allows IS auditors to independently assess risk. C. can be used as a replacement for traditional audits. D. allows management to relinquish responsibility for control.

1 Answers  

In an EDI process, the device which transmits and receives electronic documents is the: A. communications handler. B. EDI translator. C. application interface. D. EDI interface.

1 Answers  

An IS auditor who is participating in a systems development project should: A. recommend appropriate control mechanisms regardless of cost. B. obtain and read project team meeting minutes to determine the status of the project. C. ensure that adequate and complete documentation exists for all project phases. D. not worry about his/her own ability to meet target dates since work will progress regardless.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)