Interested to Buy Any Domain ? << Click Here >> for more details...
To meet pre-defined criteria, which of the following
continuous audit techniques would BEST identify transactions
to audit?
A. Systems Control Audit Review File and Embedded Audit
Modules (SCARF/EAM)
B. Continuous and Intermittent Simulation (CIS)
C. Integrated Test Facilities (ITF)
D. Audit hooks
- 2 Answers
- 9319 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
Continuous and Intermittent Simulation (CIS) is a moderately
complex set of programs that during a process run of a
transaction, simulates the instruction execution of its
application. As each transaction is entered, the simulator
decides whether the transaction meets certain predetermined
criteria and if so, audits the transaction. If not, the
simulator waits until it encounters the next transaction
that meets the criteria. Audits hooks which are of low
complexity focus on specific conditions instead of detailed
criteria in identifying transactions for review. ITF is
incorrect because its focus is on test versus live data. And
SCARF/EAM focus is on controls versus data.
| Is This Answer Correct ? | 6 Yes | 3 No |
Answer / antoine
B. Continuous and Intermittent Simulation (CIS)
| Is This Answer Correct ? | 4 Yes | 2 No |
The most common reason for the failure of information systems to meet the needs of users is that: A. user needs are constantly changing. B. the growth of user requirements was forecast inaccurately. C. the hardware system limits the number of concurrent users. D. user participation in defining the system's requirements was inadequate.
Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? A. IT planning documents with deliverables and performance results B. Policies and procedures relating to planning, managing, monitoring and reporting on performance C. Prior audit reports D. Reports of IT functional activities
Creation of an electronic signature: A. encrypts the message. B. verifies where the message came from. C. cannot be compromised when using a private key. D. cannot be used with e-mail systems.
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
The initial step in establishing an information security program is the: A. development and implementation of an information security standards manual. B. performance of a comprehensive security control review by the IS auditor. C. adoption of a corporate information security policy statement. D. purchase of security access control software.
In planning an audit, the MOST critical step is the identification of the:
When two or more systems are integrated, input/output controls must be reviewed by the IS auditor in the: A. systems receiving the output of other systems. B. systems sending output to other systems. C. systems sending and receiving data. D. interfaces between the two systems.
The primary purpose of an audit charter is to: A. document the audit process used by the enterprise. B. formally document the audit department's plan of action. C. document a code of professional conduct for the auditor. D. describe the authority and responsibilities of the audit department.
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems? A. Maintaining system software parameters B. Ensuring periodic dumps of transaction logs C. Ensuring grandfather-father-son file backups D. Maintaining important data at an off-site location
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
Cisco Certifications 
