CISA exam

An IT balanced scorecard is the MOST effective means of monitoring:A . governance of enterprise IT.B . control effectiveness.C . return on investment (ROI).D . change management effectiveness.View AnswerAnswer: A Explanation: An IT balanced scorecard is a strategic management tool that aligns IT objectives with business goals and measures the...

An IS auditor is examining a front-end subledger and a main ledger. Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?A . Double-posting of a single journal entryB . Inability to support new business transactionsC . Unauthorized...

An IS auditor is planning an audit of an organization's accounts payable processes. Which of the following controls is MOST important to assess in the audit?A . Segregation of duties between issuing purchase orders and making payments.B . Segregation of duties between receiving invoices and setting authorization limitsC . Management...

An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged. The IS auditor's FIRST action should be to:A . recommend that the...

An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?A . Implement a process to actively monitor postings on social networking sites.B . Adjust budget for network usage...

The PRIMARY advantage of object-oriented technology is enhanced:A . efficiency due to the re-use of elements of logic.B . management of sequential program execution for data access.C . grouping of objects into methods for data access.D . management of a restricted variety of data types for a data object.View AnswerAnswer:...

Which of the following is the BEST way to mitigate the impact of ransomware attacks?A . Invoking the disaster recovery plan (DRP)B . Backing up data frequentlyC . Paying the ransomD . Requiring password changes for administrative accountsView AnswerAnswer: B Explanation: Ransomware is a type of malicious software that encrypts...

During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRSTA . perform a business impact analysis (BIA).B . issue an intermediate report to management.C . evaluate the impact on current disaster recovery capability.D . conduct additional compliance...

An organization has recently acquired and implemented intelligent-agent software for granting loans to customers. During the post-implementation review, which of the following is the MOST important procedure for the IS auditor to perform?A . Review system and error logs to verify transaction accuracy.B . Review input and output control reports...

A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization. Which of the following is MOST effective in detecting such an intrusion?A . Periodically reviewing log filesB . Configuring the router as a firewallC . Using smart cards with one-time...