1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

The responsibility, authority and accountability of the IS
audit function is documented appropriately in an audit
charter and MUST be:

A. approved by the highest level of management.

B. approved by audit department management.

C. approved by user department management.

D. changed every year before commencement of IS audits.

Question Posted / guest


The responsibility, authority and accountability of the IS audit function is documented appropriate..

Answer / guest

Answer: A

"The standard on responsibility, authority and
accountability states, "

The responsibility, authority and accountability of the
information systems audit function are to be appropriately
documented in an audit charter or engagement letter."

Choice B and C are incorrect because the audit charter
should be approved by the highest level of management, not
merely by the information systems audit department, or the
user department. The resulting planning methodologies should
be reviewed and approved by senior management and by the
audit committee. Choice D is incorrect because the audit
charter, once established, is not routinely revised and
should be changed only if change can be, and is, throughly
justified."

Is This Answer Correct ?    4 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

During an audit of a telecommunications system the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is: A. encryption. B. callback modems. C. message authentication. D. dedicated leased lines.

2 Answers  

Which of the following describes a difference between unit testing and system testing? A. Unit testing is more comprehensive. B. Programmers are not involved in system testing. C. System testing relates to interfaces between programs. D. System testing proves user requirements are complete.

2 Answers   IBM,

A validation which ensures that input data are matched to predetermined reasonable limits or occurrence rates, is known as: A. Reasonableness check. B. Validity check. C. Existence check. D. Limit check.

2 Answers  

An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning

2 Answers  

The most likely error to occur when implementing a firewall is: A. incorrectly configuring the access lists. B. compromising the passwords due to social engineering. C. connecting a modem to the computers in the network. D. inadequately protecting the network and server from virus attacks.

1 Answers  




Which of the following systems-based approaches would a financial processing company employ to monitor spending patterns to identify abnormal patterns and report them? A. A neural network B. Database management software C. Management information systems D. Computer assisted audit techniques

2 Answers  

Which of the following is the MOST critical for the successful implementation and maintenance of a security policy? A. Assimilation of the framework and intent of a written security policy by all appropriate parties B. Management support and approval for the implementation and maintenance of a security policy C. Enforcement of security rules by providing punitive actions for any violation of security rules D. Stringent implementation, monitoring and enforcing of rules by the security officer through access control software

1 Answers  

The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.

1 Answers  

A referential integrity constraint consists of: A. ensuring the integrity of transaction processing. B. ensuring that data are updated through triggers. C. ensuring controlled user updates to database. D. rules for designing tables and queries.

1 Answers  

Birth date and marriage date items were switched while entering data. Which of the following data validation checks could detect this? A. Logical relationship B. Sequence C. Reasonableness D. Validity

1 Answers  

Antivirus software should be used as a: A. detective control. B. preventive control. C. corrective control. D. compensating control.

1 Answers  

Which of the following is a management technique that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality? A. Function point analysis B. Critical path methodology C. Rapid application development D. Program evaluation review technique

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)