Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISA 1.0 - ISACA > 1.4 : Control & Self Assessment (Doshi) > Flashcards

1.4 : Control & Self Assessment (Doshi) Flashcards

1
Q

What is a Control Self-Assessment (CSA)?

·

A

A technique that allows managers and work teams directly involved in business units, functions or processes to participate in assessing the organization’s risk management and control processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is important for teams to do during a CSA?

A

Team understands the business process, define the controls and generate an assessment of how well the controls are working

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the (3) objectives of a CSA?

A

(1) To leverage the internal audit function by shifting some of the control monitoring responsibilities to the functional areas.
(2) To concentrate on areas of high risk.
(3) To enhance audit responsibilities (not replacement)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the benefits of a CSA?

A

1- Early detection of Risk
2-More effective and improved internal controls
3- Assurance provided to stakeholders and customers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the disadvantages of a CSA?

A

It could be mistaken as an audit function replacement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the purpose of CSA?

A

(1) Enhance the audit responsibilities (and not audit replacement)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Name the PRIMARY success factor of a CSA?

A

Involvement of line management in control monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the traditional approach to assessment?

A

Primary responsibility on analyzing and reporting on internal control and risk is assigned with the auditors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the CSA approach?

A

Staff at all level are responsible for primary controls and risk analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

An IS auditor is evaluating control self-assessment program in an organization. What is MAIN objective for implementing control self-assessment (CSA) program?

A. To replace audit responsibilities
B. To enhance employee’s capabilities
C. To comply with regulatory requirements
D. To concentrates on high risk area

A

D. To concentrates on high risk area

Explanation: In any given scenario, objective of control self assessment is to concentrate on areas of
high risk. CSA involves education of line management in control responsibility and monitoring and concentration by all on areas of high risk. The objectives of CSA programs include the enhancement of audit responsibilities, not replacement of audit responsibilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

An IS Auditor has been asked by the management to support its CSA program. The role of an IS auditor in a control self-assessment (CSA) should be that of:

A. program incharge
B. program manager
C.program partner
D. program facilitator

A

D. program facilitator

Role of IS auditor is to facilitate the control self assessment program. During a CSA workshop, they should lead and guide the clients in assessing their risks and relevant controls. Choices A, B and C should not be roles of the IS auditor. These roles are to be assumed by the client staff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

For successful control self-assessment (CSA) program, it is essential to:

A. design stringent control policy
B. have auditors take responsibility for control monitoring
C. have line managers take responsibility for control monitoring
D. implement stringent control policy

A

C. have line managers take responsibility for control monitoring

One of the success factors for effective CSA program is involvement of line management in control monitoring. The success of a control self-assessment (CSA) program depends on the degree to which line managers assume responsibility for controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

An IS auditor has been asked to participate in implementation of control self-assessment program. The auditor should participate PRIMARILY as a:

A. Team leader
B. The auditor should not participate as it would create a potential conflict of interest.
C. Facilitator
D. Project Controller

A

C. Facilitator

The traditional role of an IS auditor in a control self-assessment (CSA) should be that of a facilitator.
During a CSA workshop, auditor should guide the clients in assessing their risks and relevant controls. Choices A, B and D should not be roles of the IS auditor. These roles are to be assumed by the client staff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

An IS auditor has been asked to facilitate a control self-assessment (CSA) program. Which of the following is an MAIN objective of a CSA program?

A. Replacement of audit responsibilities
B. Enhancement of audit responsibilities
C. To evaluate risk management program
D. To provide audit train

A

B. Enhancement of audit responsibilities

Following are the major objectives of CSA program:
(1) To concentrate on area of high risk
(2) To enhance audit responsibilities
Choice C and D are the means to achieve the CSA objectives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following the BEST time to perform a control self-assessment involving all concerned parties?

A. post issuance of audit report
B. during preliminary survey
C. during compliance test
D. preparation of the audit report

A

B. during preliminary survey

Control self-assessment (CSA) is a technique that allows managers and work teams directly involved in business units, functions or processes to participate in assessing the organization’s risk management and control processes. Team understand the business process, define the controls and generate an assessment of how well the controls are working. This is best achieved during preliminary survey phase.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

MAIN objective of a control self-assessment (CSA) program is to:

A. substitute audit program
B. substitute risk management program
C. support regulatory requirements
D. enhance audit responsibilities

A

D. enhance audit responsibilities

An objective associated with a CSA program is the enhancement of audit responsibilities (not a replacement). Process owner define the controls and generate an assessment of how well the controls are working. This supports the audit objec

17
Q

A PRIMARY advantage of control self-assessment (CSA) techniques is that:

A. it ascertains high-risk areas that might need a detailed review later
B. risk can be assessed independently by IS auditors
C. it replaces audit activities
D. it allows management to delegate responsibility for control

A

A. it ascertains high-risk areas that might need a detailed review later

CSA helps to identify high risk area that need to be reviewed and controlled. Risk need to be assessed jointly with business staff. CSA enhances audit responsibilities (and do not replaces audit activities). Accountability for controls remains with management.

18
Q

IS auditor is facilitating a CSA program. Which of the following is the MOST important requirement for a successful CSA?

A. Ability of auditor to act as a workshop facilitator
B. Simplicity of the CSA program.
C. Frequency of CSA program.
D. Involvement of line managers

A

D. Involvement of line managers

Key to the success of a control self-assessment program is the support and involvement of the management and staff responsible for the process being assessed. All other options are essential for CSA to be successful, however in the absence of active involvement from those responsible, the other choices will not result in a successful CSA.

19
Q

Which of the following is an objective of a control self-assessment (CSA) program?

A. Concentration on areas of high risk
B. Conducting training and workshop
C. To increase risk awareness
D. To replace risk management program.

A

A. Concentration on areas of high risk

In any given scenario, objective of control self assessment is to concentrate on areas of high risk and
to enhance control monitoring by functional staff. The objectives of CSA programs include education for line management in control responsibility and monitoring and concentration by all on areas of high risk.

20
Q

An organization has implemented CSA programme. What is the advantage of CSA over a traditional audit?

A. Early identification of risk
B.Reduction in audit workload
C.Increase in cost of control
B.Reduction in audit resources

A

A. Early identification of risk

Control self-assessment (CSA) is a technique that allows managers and work teams directly involved in business units, functions or processes to participate in assessing the organization’s risk management and control processes. Team understand the business process, define the controls and generate an assessment of how well the controls are working. This helps in early identification of risks.

21
Q

What is the auditor’s role in CSA?

A

the facilitator

22
Q

In any given scenario, objective of control self assessment is to

A

concentrate on areas of high risk and to enhance control monitoring by functional staff.

23
Q

In any given scenario, role of an IS auditor in a control self-assessment (CSA) should be that

A

of facilitator.

24
Q

In any given scenario, most important success factor for CSA is

A

involvement of line management.

25
Q

In any given scenario, purpose of CSA is to

A

enhance the audit responsibilities (and not audit replacement).

CISA 1.0 - ISACA (51 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions