Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ag-CISA 3.0 - ISACA > Main Questions > Flashcards

Main Questions Flashcards

1
Q

Above almost all other concerns, what often results in the greatest negative impact on the implementation of new application software?

A. Failing to perform user acceptance testing
B. Lack of user training for the new system
C. Lack of software documentation and run manuals
D. Insufficient unit, module, and systems testing

A

A. Failure to perform user acceptance testing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

An advantage of a continuous audit approach is that it can improve system security when
used in time-sharing environments that process a large number of transactions. True or false?

A. True
B. False

A

A. True.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

After an IS auditor has identified threats and potential impacts, the auditor should:

A. Identify and evaluate the existing controls
B. Conduct a business impact analysis (BIA)
C. Report on existing controls
D. Propose new controls

A

A. Identify and evaluate the exisiting controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

After identifying potential security vulnerabilities, what should be the IS auditor’s next step?

A. To evaluate potential countermeasures and compensatory controls
B. To implement effective countermeasures and compensatory controls
C. To perform a business impact analysis of the threats that would exploit the
vulnerabilities
D. To immediately advise senior management of the findings

A

C. To perform a business impact analysis of the threats that would exploit the vulnerablitiies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Allowing application programmers to directly patch or change code in production programs increases risk of fraud. True or false?

A. True
B. False

A

A. True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Although BCP and DRP are often implemented and tested by middle management and end
users, the ultimate responsibility and accountability for the plans remain with executive management, such as the _______________. (fill-in-the-blank)

A. Security administrator
B. Systems auditor
C. Board of directors
D. Financial auditor

A

C. Board of directors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Any changes in systems assets, such as replacement of hardware, should be immediately recorded within the assets inventory of which of the following? Choose the BEST answer.

A. IT strategic plan
B. Business continuity plan
C. Business impact analysis
D. Incident response plan

A

B. Business continuity plan

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

As compared to understanding an organization’s IT process from evidence directly collected, how valuable are prior audit reports as evidence?

A. The same value.
B. Greater value.
C. Lesser value.
D. Prior audit reports are not relevant.

A

C. Lesser Value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Atomicity enforces data integrity by ensuring that a transaction is either completed in its entirely or not at all. Atomicity is part of the ACID test reference for transaction processing. True or false?

A. True
B. False

A

A. True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Authentication techniques for sending and receiving data between EDI systems is crucial to prevent which of the following? Choose the BEST answer.

A. Unsynchronized transactions
B. Unauthorized transactions
C. Inaccurate transactions
D. Incomplete transactions

A

B. Unauthorized transactions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

ag-CISA 3.0 - ISACA (43 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions