Domain 1 Practice Questions

Question 1

Which of the following outlines the overall authority to perform an IS audit?

Answer 1

the approved audit charter

Question 2

In performing a risk-based audit, which risk assessment is completed FIRST by an IS auditor?

Answer 2

inherent risk assessment

Question 3

Which of the following would an IS auditor MOST likely focus on when developing a risk-based audit program?

Answer 3

business processes

Question 4

Which of the following types of audit risk assumes an absence of compensating controls in the area being reviewed?

Answer 4

inherent risk

Question 5

An IS auditor performing a review of an application’s controls finds a weakness in system software that could materially impact the application. In this situation, an IS auditor should:

Answer 5

review the system software controls as relevant and recommend a detailed system software review

Question 6

Which of the following is the MOST important reason why an audit planning process should be reviewed at periodic intervals?

Answer 6

to consider changes to the risk environment

Question 7

Which of the following is MOST effective for implementing a control self-assessment within small business units?

Answer 7

facilitated workshops

Question 8

Which of the following would an IS auditor perform FIRST when planning an IS audit?

Answer 8

gain an understanding of the business’s objectives and purpose

Question 9

The approach an IS auditor should use to plan IS audit coverage should be based on:

Answer 9

risk

Question 10

An organization performs a daily backup of critical data and software files and stores the backup tapes at an offsite location. The backup tapes are used to restore the files in case of a disruption. This is an example of a:

Answer 10

corrective control