Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CISA Doshi - Domain 1 - Auditing > 4 : Control & Self Assessment > Flashcards

4 : Control & Self Assessment Flashcards

1
Q

What is Control Self-Assessment (CSA)?

·

A

A technique that allows managers and work teams directly involved in business units, functions or processes to participate in assessing the organization’s risk management and control processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What teams should do

A

Team understands the business process, define the controls and generate an assessment of how well the controls are working

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Objectives of CSA

A

1- To leverage the internal audit function by shifting some of the control monitoring responsibilities to the functional areas.

2- To concentrate on areas of high risk.

3- To enhance audit responsibilities (not replacement)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Benefits of CSA

A

1- Early detection of Risk
2-More effective and improved internal controls
3- Assurance provided to stakeholders and customers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Disadvantages of CSA

A

It could be mistaken as an audit function replacement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

1-Purpose of CSA

2- Audito’s role in CSA

A

1- Enhance the audit responsibilities (and not audit replacement)
2- Facilitator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Success factor of CSA

A

Involvement of line management in control monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Traditional Approach

A

Primary responsibility on analyzing and reporting on internal control and risk is assigned with the auditors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

CSA Approach

A

Staff at all level are responsible for primary controls and risk analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

(1) An IS auditor is evaluating control self-assessment program in an organization. What is MAIN
objective for implementing control self-assessment (CSA) program?

A. To replace audit responsibilities
B. To enhance employee’s capabilities
C. To comply with regulatory requirements
D. To concentrates on high risk area

A

Answer: D. To concentrates on high risk area

Explanation: In any given scenario, objective of control self assessment is to concentrate on areas of
high risk. CSA involves education of line management in control responsibility and monitoring and concentration by all on areas of high risk. The objectives of CSA programs include the enhancement
of audit responsibilities, not replacement of audit responsibilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

(2) An IS Auditor has been asked by the management to support its CSA program. The role of an IS
auditor in a control self-assessment (CSA) should be that of:

A. program incharge
B. program manager
C.program partner
D. program facilitator

A

Answer: D. program facilitator

Explanation:
Role of IS auditor is to facilitate the control self-assessment program. During a CSA workshop, they
should lead and guide the clients in assessing their risks and relevant controls. Choices A, B and C
should not be roles of the IS auditor. These roles are to be assumed by the client staff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

(3) For successful control self-assessment (CSA) program, it is essential to:

A. design stringent control policy
B. have auditors take responsibility for control monitoring
C. have line managers take responsibility for control monitoring
D. implement stringent control policy

A

Answer: C. have line managers take responsibility for control monitoring

Explanation:
One of the success factors for effective CSA program is involvement of line management in control
monitoring. The success of a control self-assessment (CSA) program depends on the degree to
which line managers assume responsibility for controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

(4) An IS auditor has been asked to participate in implementation of control self-assessment
program. The auditor should participate primarily as a:

A. Team leader
B. The auditor should not participate as it would create a potential conflict of interest.
C. Facilitator
D. Project Controller

A

Answer: C. Facilitator

The traditional role of an IS auditor in a control self-assessment (CSA) should be that of a facilitator.
During a CSA workshop, auditor should guide the clients in assessing their risks and relevant
controls. Choices A, B and D should not be roles of the IS auditor. These roles are to be assumed by
the client staff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

(5) An IS auditor has been asked to facilitate a control self-assessment (CSA) program. Which of
the following is an objective of a CSA program?

A. Replacement of audit responsibilities
B. Enhancement of audit responsibilities
C. To evaluate risk management program
D. To provide audit train

A

Answer: B. Enhancement of audit responsibilities

Explanation:
Following are the major objectives of CSA program:
(1) To concentrate on area of high risk
(2) To enhance audit responsibilities
Choice C & D are the means to achieve the CSA objectives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

(6) Which of the following the BEST time to perform a control self-assessment involving all concerned parties?

A. post issuance of audit report
B. during preliminary survey
C. during compliance test
D. preparation of the audit report

A

Answer: B. during preliminary survey

Explanation:
Control self-assessment (CSA) is a technique that allows managers and work teams directly involved
in business units, functions or processes to participate in assessing the organization’s risk
management and control processes. Team understand the business process, define the controls
and generate an assessment of how well the controls are working. This is best achieved during
preliminary survey phase.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

(7) Main objective of a control self-assessment (CSA) program is to:

A. substitute audit program
B. substitute risk management program
C. support regulatory requirements
D. enhance audit responsibilities

A

Answer: D. enhance audit responsibilities

Explanation:
An objective associated with a CSA program is the enhancement of audit responsibilities (not a
replacement). Process owner define the controls and generate an assessment of how well the
controls are working. This supports the audit objec

17
Q

(8)A PRIMARY advantage of control self-assessment (CSA) techniques is that:

A. it ascertains high-risk areas that might need a detailed review later
B. risk can be assessed independently by IS auditors
C. it replaces audit activities
D. it allows management to delegate responsibility for control

A

Answer: A. it ascertains high-risk areas that might need a detailed review later

Explanation:
CSA helps to identify high risk area that need to be reviewed and controlled. Risk need to be
assessed jointly with business staff. CSA enhances audit responsibilities (and do not replaces audit
activities). Accountability for controls remains with management.

18
Q

(9)IS auditor is facilitating a CSA program. Which of the following is the MOST important requirement for a successful CSA?

A. Ability of auditor to act as a workshop facilitator
B. Simplicity of the CSA program.
C. Frequency of CSA program.
D. Involvement of line managers

A

Answer: D. Involvement of line managers

Explanation:
Key to the success of a control self-assessment program is the support and involvement of the
management and staff responsible for the process being assessed. All other options are essential for
CSA to be successful, however in the absence of active involvement from those responsible, the
other choices will not result in a successful CSA.

19
Q

(10) Which of the following is an objective of a control self-assessment (CSA) program?

A. Concentration on areas of high risk
B. Conducting training and workshop
C. To increase risk awareness
D. To replace risk management program.

A

Answer: A. Concentration on areas of high risk

Explanation:
In any given scenario, objective of control self assessment is to concentrate on areas of high risk and
to enhance control monitoring by functional staff.
The objectives of CSA programs include education for line management in control responsibility
and monitoring and concentration by all on areas of high risk.

20
Q

(11)An organization has implemented CSA programme. What is the advantage of CSA over a traditional audit?

A. Early identification of risk
B.Reduction in audit workload
C.Increase in cost of control
B.Reduction in audit resources

A

Answer: A. Early identification of risk

Explanation:
Control self-assessment (CSA) is a technique that allows managers and work teams directly involved
in business units, functions or processes to participate in assessing the organization’s risk
management and control processes. Team understand the business process, define the controls
and generate an assessment of how well the controls are working. This helps in early identification
of risks.

CISA Doshi - Domain 1 - Auditing (8 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions