Could You Pass This CISA Certification Test? Trivia Quiz.

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By AdewumiKoju
A
AdewumiKoju
Community Contributor
Quizzes Created: 809 | Total Attempts: 1,195,838
| Attempts: 347
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/10 Questions

    An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:

    • Conclude that the controls are inadequate.
    • Expand the scope to include substantive testing. 
    • Suspend the audit
    • Place greater reliance on previous audits.
Please wait...
About This Quiz

Some of the benefits of being a qualified Certified Information System Auditor is that you can maximise people’s earning potentials. You can also erect a high level of sophistication and discipline, which will help you in the handling of sensitive and classified information with a great of care and secretion. This quiz is aimed at testing your knowledge on CISA auditing.

Could You Pass This CISA Certification Test? Trivia Quiz. - Quiz

Quiz Preview

  • 2. 
    While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the: - ProProfs

    While reviewing sensitive electronic work papers, the IS auditor noticed that they were not encrypted. This could compromise the:

    • Audit trail of the versioning of the work papers.

    • Approval of the audit phases.

    • Access rights to the work papers.

    • Confidentiality of the work papers.

    Correct Answer
    A. Confidentiality of the work papers.
    Explanation
    The fact that the sensitive electronic work papers were not encrypted means that they are vulnerable to unauthorized access. This lack of encryption compromises the confidentiality of the work papers, as anyone who gains access to them can view their contents. Encryption is an essential security measure to protect sensitive information and ensure that only authorized individuals can access it. Therefore, the correct answer is the confidentiality of the work papers.

    Rate this question:

  • 3. 
    The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to: - ProProfs

    The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to:

    • Plan substantive testing.

    • Comply with auditing standards.

    • Understand the business process

    • Identify control weakness.

    Correct Answer
    A. Understand the business process
    Explanation
    During the preliminary phase of an audit assignment, an IS auditor performs a functional walkthrough primarily to understand the business process. This involves gaining a comprehensive understanding of how the system and its components operate, the flow of data, and the interdependencies between various processes. By conducting a functional walkthrough, the auditor can identify the key activities, controls, and potential risks associated with the business process, which in turn helps in planning the substantive testing and identifying any control weaknesses that may exist. Complying with auditing standards is important but not the primary reason for conducting a functional walkthrough.

    Rate this question:

  • 4. 
    When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with: - ProProfs

    When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:

    • Analysis.

    • Preservation.

    • Evaluation.

    • Disclosure.

    Correct Answer
    A. Preservation.
    Explanation
    In computer forensic investigations, preservation of evidence is of utmost importance. The IS auditor needs to ensure that the evidence collected is not tampered with, altered, or destroyed in any way. Preservation involves securing and protecting the evidence to maintain its integrity and authenticity. It includes taking proper measures to prevent unauthorized access, maintaining chain of custody, and creating backup copies of the evidence. By prioritizing preservation, the IS auditor can ensure that the evidence remains intact and can be effectively analyzed, evaluated, and disclosed as needed during the investigation process.

    Rate this question:

  • 5. 
    An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise: - ProProfs

    An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise:

    • Professional competence

    • Technical competence.

    • Organisational independence.

    • Professional independence.

    Correct Answer
    A. Professional independence.
    Explanation
    The IS auditor has failed to exercise professional independence. Professional independence refers to the ability of the auditor to maintain an unbiased and objective approach in their audit activities. In this scenario, the auditor recommends a specific vendor product to address the firewall protection features, which may indicate a lack of impartiality and independence. The auditor should have provided a more neutral recommendation, such as suggesting multiple vendor options or recommending a thorough evaluation of different products to address the vulnerability.

    Rate this question:

  • 6. 
    The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to: - ProProfs

    The MOST important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to:

    • Comply with regulatory requirements.

    • Provide a basis for drawing reasonable conclusions

    • Ensure complete audit coverage.

    • Perform the audit according to the defined scope

    Correct Answer
    A. Provide a basis for drawing reasonable conclusions
    Explanation
    The most important reason for an IS auditor to obtain sufficient and appropriate audit evidence is to provide a basis for drawing reasonable conclusions. This means that the auditor needs to gather enough evidence that is relevant and reliable in order to support their conclusions about the effectiveness and efficiency of the information systems being audited. Without sufficient and appropriate audit evidence, the auditor's conclusions may be unfounded or inaccurate, which could lead to incorrect assessments of risk and inadequate recommendations for improvement. Therefore, obtaining the right kind and amount of evidence is crucial for ensuring the credibility and validity of the audit process.

    Rate this question:

  • 7. 
    Which one do you like? - ProProfs

    Which one do you like?

    • Include the statement of management in the audit report.

    • Reconfirm with management the usage of the software.

    • Discuss the issue with senior management since reporting this could have a negative impact on the organisation.

    • Identify whether such software is, indeed, being used by the organisation. 

    Correct Answer
    A. Identify whether such software is, indeed, being used by the organisation. 
    Explanation
    The correct answer is "Identify whether such software is, indeed, being used by the organization." This answer is the most appropriate because it directly addresses the question of whether the software is being used by the organization. The other options involve actions such as including a statement in the audit report, reconfirming with management, or discussing the issue with senior management, which may be important steps but do not directly answer the question of whether the software is being used.

    Rate this question:

  • 8. 
    In the process of evaluating program change controls, an IS auditor would use source code comparison software to: - ProProfs

    In the process of evaluating program change controls, an IS auditor would use source code comparison software to:

    • Examine source program changes without information from IS personnel. 

    • Detect a source program change made between acquiring a copy of the source and the comparison run.

    • Confirm that the control copy is the current version of the production program.

    • Ensure that all changes made in the current source copy are detected.

    Correct Answer
    A. Examine source program changes without information from IS personnel. 
    Explanation
    Source code comparison software is used by an IS auditor to examine source program changes without relying on information from IS personnel. This software allows the auditor to compare the current version of the source code with a previous version, highlighting any changes that have been made. By using this software, the auditor can independently verify the accuracy and completeness of the program changes without relying on potentially biased or incomplete information from IS personnel.

    Rate this question:

  • 9. 
    Which of the following is an advantage of an integrated test facility (ITF)? - ProProfs

    Which of the following is an advantage of an integrated test facility (ITF)?

    • It uses actual master files or dummies, and the IS auditor does not have to review the source of the transaction.

    •  Periodic testing does not require separate test processes.

    • It validates application systems and tests the ongoing operation of the system.

    • The need to prepare test data is eliminated.

    Correct Answer
    A.  Periodic testing does not require separate test processes.
    Explanation
    An integrated test facility (ITF) is a testing environment that uses actual master files or dummies, eliminating the need for the IS auditor to review the source of the transaction. This allows for more accurate testing of the application systems and ongoing operation of the system. Additionally, the ITF also eliminates the need to prepare test data, making the testing process more efficient. However, the advantage mentioned in the correct answer is that periodic testing does not require separate test processes, which further enhances the efficiency of the testing process.

    Rate this question:

  • 10. 
    An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely: - ProProfs

    An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely:

    • Review data file access records to test the librarian function.

    • Compare utilization records to operations schedules.

    • Interview programmers about the procedures currently being followed.

    • Evaluate the record retention plans for off-premises storage.

    Correct Answer
    A. Interview programmers about the procedures currently being followed.
    Explanation
    To determine whether access to program documentation is restricted to authorized persons, the IS auditor would most likely interview programmers about the procedures currently being followed. By conducting interviews, the auditor can gather information about the existing processes and controls in place to restrict access to program documentation. This will help the auditor assess whether the procedures are effective in ensuring that only authorized individuals have access to the documentation. Reviewing data file access records, comparing utilization records to operations schedules, and evaluating record retention plans for off-premises storage are not directly related to determining access restrictions to program documentation.

    Rate this question:

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Jun 22, 2019
    Quiz Created by
    AdewumiKoju
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.