[Vivid] CISA Isaca sample question 1-10 (Jun 2016)


2016 Jun CISA Study Guide Questions:

Q1. – (Topic 4) 

While evaluating software development practices in an organization, an IS auditor notes that the quality assurance (QA) function reports to project management. The MOST important concern for an IS auditor is the: 

A. effectiveness of the QA function because it should interact between project management and user management.

B. efficiency of the QA function because it should interact with the project implementation team. 

C. effectiveness of the project manager because the project manager should interact with the QA function. 

D. efficiency of the project manager because the QA function will need to communicate with the project implementation team. 

Answer: A 

Explanation: 

To be effective the quality assurance (QA) function should be independent of project management. The QA function should never interact with the project implementation team since this can impact effectiveness. The project manager does not interact with the QA function, which should not impact the effectiveness of the project manager. The QA function does not interact with the project implementation team, which should not impact the efficiency of the project manager. 

Q2. – (Topic 1) 

________________ (fill in the blank) is/are ultimately accountable for the functionality, reliability, and security within IT governance. Choose the BEST answer.

A. Data custodians 

B. The board of directors and executive officers 

C. IT security administration 

D. Business unit managers 

Answer: B 

Explanation: The board of directors and executive officers are ultimately accountable for the functionality, reliability, and security within IT governance. 

Q3. – (Topic 4) 

An IS auditor has been asked to participate in project initiation meetings for a critical project. The IS auditor's MAIN concern should be that the: 

A. complexity and risks associated with the project have been analyzed. 

B. resources needed throughout the project have been determined. 

C. project deliverables have been identified. 

D. contract for external parties involved in the project has been completed.

Answer: A 

Explanation: 

Understanding complexity and risk, and actively managing these throughout a project are critical to a successful outcome. The other choices, while important during the course of the project, cannot be fully determined at the time the project is initiated, and are often contingent upon the risk and complexity of the project. 


Q4. – (Topic 2) 

In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, the IS auditor should:

A. identify and assess the risk assessment process used by management. 

B. identify information assets and the underlying systems. 

C. disclose the threats and impacts to management. 

D. identify and evaluate the existing controls. 

Answer: D 

Explanation: 

It is important for an IS auditor to identify and evaluate the existing controls and security once the potential threats and possible impacts are identified. Upon completion of an audit an IS auditor should describe and discuss with management the threats and potential impacts on the assets. 

Q5. – (Topic 2) 

An IS auditor reviews an organizational chart PRIMARILY for: 

A. an understanding of workflows. 

B. investigating various communication channels. 

C. understanding the responsibilities and authority of individuals. 

D. investigating the network connected to different employees. 

Answer: C 

Explanation: 

An organizational chart provides information about the responsibilities and authority of individuals in the organization. This helps an IS auditor to know if there is a proper segregation of functions. A workflow chart would provide information about the roles of different employees. A network diagram will provide information about the usage of various communication channels and will indicate the connection of users to the network.

Q6. – (Topic 1) 

What is an effective countermeasure for the vulnerability of data entry operators potentially leaving their computers without logging off? Choose the BEST answer. 

A. Employee security awareness training 

B. Administrator alerts 

C. Screensaver passwords 

D. Close supervision 

Answer: C 

Explanation: Screensaver passwords are an effective control to implement as a countermeasure for the vulnerability of data entry operators potentially leaving their computers without logging off. 


Q7. – (Topic 1) 

Which of the following are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem? Choose the BEST answer. 

A. Expert systems 

B. Neural networks 

C. Integrated synchronized systems 

D. Multitasking applications 

Answer: B 

Explanation: Neural networks are effective in detecting fraud because they have the capability to consider a large number of variables when trying to resolve a problem. 

Q8. – (Topic 1) 

When participating in a systems-development project, an IS auditor should focus on system controls rather than ensuring that adequate and complete documentation exists for all projects. True or false? 

A. True 

B. False 

Answer: B 

Explanation: When participating in a systems-development project, an IS auditor should also strive to ensure that adequate and complete documentation exists for all projects. 

Q9. – (Topic 4) 

The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure: 

A. integrity. 

B. authenticity. 

C. authorization. 

D. nonrepudiation. 

Answer: A 

Explanation: 

A checksum calculated on an amount field and included in the EDI communication can be used to identify unauthorized modifications. Authenticity and authorization cannot be established by a checksum alone and need other controls. Nonrepudiation can be ensured by using digital signatures.

Q10. – (Topic 2) 

While planning an audit, an assessment of risk should be made to provide: 

A. reasonable assurance that the audit will cover material items. 

B. definite assurance that material items will be covered during the audit work. 

C. reasonable assurance that all items will be covered by the audit. 

D. sufficient assurance that all items will be covered during the audit work. 

Answer: A 

Explanation: 

The ISACA IS Auditing Guideline G15 on planning the IS audit states, 'An assessment of risk should be made to provide reasonable assurance that material items will be adequately covered during the audit work. This assessment should identify areas with a relatively high risk of the existence of material problems.' Definite assurance that material items will be covered during the audit work is an impractical proposition. Reasonable assurance that all items will be covered during the audit work is not the correct answer, as material items need to be covered, not all items. 
