Sign Up Login


  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

In a risk-based audit approach, an IS auditor should FIRST
complete :

Question Posted / bbb

Answers were Sorted based on User's Feedback



In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / david

A. inherent risk assessment

Is This Answer Correct ?    15 Yes 2 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / bbb

A. inherent risk assessment.
B. control risk assessment.
C. test of control assessment.
D. substantive test assessment.

Is This Answer Correct ?    12 Yes 1 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / guest

Risk Assessment

Is This Answer Correct ?    4 Yes 2 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / antoine

RISK ASSSESMENT

Is This Answer Correct ?    4 Yes 2 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / guest

risk assessment

Is This Answer Correct ?    1 Yes 0 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / turki

A. inherent risk assessment.
B. control risk assessment.
C. test of control assessment.
D. substantive test assessment.

Is This Answer Correct ?    1 Yes 0 No

In a risk-based audit approach, an IS auditor should FIRST complete :..

Answer / ra

To gain undestanding of the business

Is This Answer Correct ?    0 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

The management of an organization has decided to establish a security awareness program. Which of the following would MOST likely be a part of the program? A. Utilization of an intrusion detection system to report incidents. B. Mandating the use of passwords to access all software. C. Installing an efficient user log system to track the actions of each user D. Provide training on a regular basis to all current and new employees.

1 Answers  

Classification of information systems is essential in business continuity planning. Which of the following system types can not be replaced by manual methods? A. Critical system B. Vital system C. Sensitive system D. Non-critical system

1 Answers  

Which of the following statements relating to packet switching networks is CORRECT? A. Packets for a given message travel the same route. B. Passwords cannot be embedded within the packet. C. Packet lengths are variable and each packet contains the same amount of information. D. The cost charged for transmission is based on packet, not distance or route traveled.

1 Answers   Karura Community Chapel,

Detection risk refers to: A. concluding that material errors do not exist, when in fact they do. B. controls that fail to detect an error. C. controls that detect high-risk errors. D. detecting an error but failing to report it.

1 Answers  

In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.

1 Answers  




An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable? A. Electromagnetic interference (EMI) B. Cross talk C. Dispersion D.Attenuation

2 Answers  

Which of the following imaging technologies captures handwriting from a preprinted form and converts it into an electronic format? A. Magnetic ink character recognition (MICR) B. Intelligent voice recognition (IVR) C. Bar code recognition (BCR) D. Optical character recognition (OCR)

1 Answers  

Which of the following information valuation methods is LEAST likely to be used during a security review? A. Processing cost B. Replacement cost C. Unavailability cost D. Disclosure cost

1 Answers  

IS management has decided to rewrite a legacy customer relations system using fourth-generation languages (4GLs). Which of the following risks is MOST often associated with system development using 4GLs? A. Inadequate screen/report design facilities B. Complex programming language subsets C. Lack of portability across operating systems D. Inability to perform data intensive operations

1 Answers  

Which of the following is a measure of the size of an information system based on the number and complexity of a system?s inputs, outputs and files? A. Function point (FP) B. Program evaluation review technique (PERT) C. Rapid application design (RAD) D. Critical path method (CPM)

2 Answers  

The act that describes a computer intruder capturing a stream of data packets and inserting these packets into the network as if it were another genuine message stream is called: A. eavesdropping. B. message modification. C. a brute-force attack. D. packet replay.

1 Answers  

Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)