Domain 1 Flashcards
Risk that an activity would pose if no controls were in place (Risk BEFORE controls)
Inherent Risk
Role of IS Auditor in CSA process
Facilitator
Is hash totals a preventative or detective control
Detective
Role of IS audit function is established by?
audit charter
An audit charter is approved by
senior management
When is it appropriate for an audit charter to change?
only if it can be thoroughly justified; It is not meant to change
What type of testing requires gathering evidence to evaluate the integrity of data, transaction, or other information?
Substantive Testing
Compliance testing sampling method that is more effective (attribute vs variable)
Attribute sampling
most important success factor for CSA
line management involvement
Risk assessment is (subjective or objective)
subjective
Overarching document that covers the entire scope of activities in an entity
audit charter
focused on a particular audit exercise that is sought to be initiated by an organization
engagement letter
backup procedures are which type of control (preventative or corrective)
corrective
Probability of an event occurring
and
its consequences
Risk
describe the authority and responsibilities of the audit department
audit charter