Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

An IS auditor should be involved in:

A. observing tests of the disaster recovery plan.

B. developing the disaster recovery plan.

C. maintaining the disaster recovery plan.

D. reviewing the disaster recovery requirements of supplier
contracts.

Question Posted / guest


An IS auditor should be involved in: A. observing tests of the disaster recovery plan. B. deve..

Answer / guest

Answer: A

The IS auditor should always be present when disaster
recovery plans are tested, to ensure that the test meets the
required targets for restoration and recovery procedures are
effective and efficient, reporting on the results as
appropriate. IS auditors may be involved in overseeing plan
development, but they are unlikely to be involved in the
actual development process. Similarly, an audit of plan
maintenance may be conducted, but the IS auditor would not
normally have any responsibility for the actual maintenance.
An IS auditor may be asked to comment upon various elements
of a supplier contract but, again, this is not always the case.

Is This Answer Correct ?    8 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Antivirus software should be used as a: A. detective control. B. preventive control. C. corrective control. D. compensating control.

1 Answers  

An IS auditor performing a review of an application's controls would evaluate the: A. efficiency of the application in meeting the business processes. B. impact of any exposures discovered. C. business processes served by the application. D. the application's optimization.

1 Answers  

Which of the following independent duties is traditionally performed by the data control group? A. Access to data B. Authorization tables C. Custody of assets D. Reconciliation

1 Answers  

To meet pre-defined criteria, which of the following continuous audit techniques would BEST identify transactions to audit? A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM) B. Continuous and Intermittent Simulation (CIS) C. Integrated Test Facilities (ITF) D. Audit hooks

2 Answers  

Which of the following is an objective of a control self-assessment (CSA) program? A. Concentration on areas of high risk B. Replacement of audit responsibilities C. Completion of control questionnaires D. Collaborative facilitative workshops

1 Answers  

Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network? A. The use of diskless workstations B. Periodic checking of hard drives C. The use of current antivirus software D. Policies that result in instant dismissal if violated

1 Answers  

Which of the following integrity tests examines the accuracy, completeness, consistency and authorization of data? A. Data B. Relational C. Domain D. Referential

1 Answers  

During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.

1 Answers  

The interface that allows access to lower or higher level network services is called: A. firmware. B. middleware. C. X.25 interface. D. utilities.

1 Answers  

Which of the following is a substantive test?

3 Answers  

An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor? A. There are a growing number of emergency changes. B. There were instances when some jobs were not completed on time. C. There were instances when some jobs were overridden by computer operators. D. Evidence shows that only scheduled jobs were run.

1 Answers  

An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)