Domain 1: The Process of Auditing Information Systems - PART 1 B Flashcards

1
Q

After identifying the findings, the IS auditor should FIRST:

A

gain agreement on the findings.

2
Q

After initial investigation, an IS auditor has reasons to believe that fraud may be present. The IS auditor should:

A

expand activities to determine whether an investigation is warranted.

3
Q

After reviewing the disaster recovery planning process of an organization, an IS auditor requests a meeting with organization management to discuss the findings. Which of the following BEST describes the main goal of this meeting?

A

Confirming factual accuracy of the findings

4
Q

An auditee disagrees with an audit finding. Which of the following is the BEST course of action for the IT auditor to take?

A

Discuss the finding with the IT auditor’s manager.

5
Q

The BEST method of confirming the accuracy of a system tax calculation is by:

A

preparing simulated transactions for processing and comparing the results to predetermined results.

6
Q

Corrective action has been taken by an auditee immediately after the identification of a reportable finding. The auditor should:

A

include the finding in the final report, because the IS auditor is responsible for an accurate report of all findings.

7
Q

The decisions and actions of an IS auditor are MOST likely to affect which of the following types of risk?

A

Detection

8
Q

During an audit, the IS auditor notes the application developer also performs quality assurance testing on another application. Which of the following is the MOST important course of action for the auditor?

A

Report the identified condition.

9
Q

During an IS audit, which is the BEST method for an IS auditor to evaluate the implementation of segregation of duties within an IT department?

A

Discuss it with the IT managers.

10
Q

During the course of an application software review, an IS auditor identified minor weaknesses in a relevant database environment that is out of scope for the audit. The BEST option is to:

A

report the weaknesses as observed.

11
Q

The effect of which of the following should have priority in planning the scope and objectives of an IS audit?

A

Applicable statutory requirements

12
Q

In a risk-based IS audit, where both inherent and control risk have been assessed as high, an IS auditor would MOST likely compensate for this scenario by performing additional:

A

substantive testing.

13
Q

The internal IS audit team is auditing controls over sales returns and is concerned about fraud. Which of the following sampling methods would BEST assist the IS auditors?

A

Discovery

14
Q

In the process of evaluating program change controls, an IS auditor would use source code comparison software to:

A

examine source program changes without information from IS personnel.

15
Q

An IS audit department is considering implementing continuous auditing techniques for a multinational retail enterprise that processes a large volume of transactions per day. A PRIMARY benefit of continuous auditing is that:

A

fraud can be detected more quickly.

16
Q

An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
> The existing DRP was compiled two years earlier by a systems analyst in the organization’s IT department using transaction flow projections from the operations department.
> The DRP was presented to the deputy chief executive officer (CEO) for approval and formal issue, but it is still awaiting attention.
> The DRP has never been updated, tested or circulated to key management and staff, although interviews show that each would know what action to take for its area if a disruptive incident occurred.

The IS auditor’s report should recommend that:

A

a manager coordinates the creation of a new or revised plan within a defined time limit.

17
Q

An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take?

A

Report the use of the unauthorized software and the need to prevent recurrence.

18
Q

An IS auditor discovers a potential material finding. The BEST course of action is to:

A

perform additional testing.

19
Q

An IS auditor finds a small number of user access requests that were not authorized by managers through the normal predefined workflow steps and escalation rules. The IS auditor should:

A

perform an additional analysis.

20
Q

An IS auditor finds that a disaster recovery plan for critical business functions does not cover all systems. Which of the following is the MOST appropriate course of action for the IS auditor?

A

Alert management and evaluate the impact of not covering all systems.

21
Q

An IS auditor finds that the answers received during an interview with a payroll clerk do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:

A

expand the scope to include substantive testing.

22
Q

An IS auditor is carrying out a system configuration review. Which of the following would be the BEST evidence in support of the current system configuration settings?

A

Standard report with configuration values retrieved from the system by the IS auditor

23
Q

An IS auditor is comparing equipment in production with inventory records. This type of testing is an example of:

A

substantive testing.

24
Q

An IS auditor is conducting a compliance test to determine whether controls support management policies and procedures. The test will assist the IS auditor to determine:

A

that the control is operating as designed.

25
Q

An IS auditor is determining the appropriate sample size for testing the existence of program change approvals. Previous audits did not indicate any exceptions, and management has confirmed that no exceptions have been reported for the review period. In this context, the IS auditor can adopt a:

A

lower confidence coefficient, resulting in a smaller sample size.

26
Q

An IS auditor is planning to evaluate the control design effectiveness related to an automated billing process. Which of the following is the MOST effective approach for the auditor to adopt?

A

Walk-through

27
Q

An IS auditor is reviewing access to an application to determine whether recently added accounts were appropriately authorized. This is an example of:

A

compliance testing.

28
Q

An IS auditor is reviewing security controls for a critical web-based system prior to implementation. The results of the penetration test are inconclusive, and the results will not be finalized prior to implementation. Which of the following is the BEST option for the IS auditor?

A

Publish a report based on the available information, highlighting the potential security weaknesses and the requirement for follow-up audit testing.

29
Q

An IS auditor is testing employee access to a large financial system, and the IS auditor selected a sample from the current employee list provided by the auditee. Which of the following evidence is the MOST reliable to support the testing?

A

A list of accounts with access levels generated by the system

30
Q

An IS auditor is validating a control that involves a review of system-generated exception reports. Which of the following is the BEST evidence of the effectiveness of the control?

A

A sample system-generated exception report for the review period, with follow-up action items noted by the reviewer

31
Q

An IS auditor notes daily reconciliation of visitor access card inventory is not aligned with the organization’s procedures. Which of the following is the auditor’s BEST course of action?

A

Report the lack of daily reconciliations.

32
Q

An IS auditor reviews one day of logs for a remotely managed server and finds one case where logging failed, and the backup restarts cannot be confirmed. What should the IS auditor do?

A

Expand the sample of logs reviewed.

33
Q

An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when:

A

the probability of error must be objectively quantified.

34
Q

An IS auditor uses computer-assisted audit techniques (CAATs) to collect and analyze data. Which of the following attributes of evidence is MOST affected by the use of CAATs?

A

Reliability

35
Q

An IS auditor wants to analyze audit trails on critical servers to discover potential anomalies in user or system behavior. Which of the following is the MOST suitable for performing that task?

A

Trend/variance detection tools

36
Q

An IS auditor wants to determine the effectiveness of managing user access to a server room. Which of the following is the BEST evidence of effectiveness?

A

Observation of a logged event

37
Q

An IS auditor wants to determine the number of purchase orders not appropriately approved. Which of the following sampling techniques should an IS auditor use to draw such conclusions?

A

Attribute

38
Q

An IS auditor who was involved in designing an organization’s business continuity plan (BCP) has been assigned to audit the plan. The IS auditor should:

A

communicate the possibility of conflict of interest to audit management prior to starting the assignment.

39
Q

The MAIN advantage of an IS auditor directly extracting data from a general ledger system is:

A

greater assurance of data validity

40
Q

The MOST appropriate action for an IS auditor to take when shared user accounts are discovered is to:

A

document the finding and explain the risk of using shared IDs.

41
Q

The PRIMARY advantage of a continuous audit approach is that it:

A

allows the IS auditor to review and follow up on audit issues in a timely manner.

42
Q

The PRIMARY purpose for meeting with auditees prior to formally closing a review is to:

A

gain agreement on the findings.

43
Q

A substantive test to verify that tape library inventory records are accurate is:

A

conducting a physical count of the tape inventory.

44
Q

The vice president of human resources has requested an IS audit to identify payroll overpayments for the previous year. Which would be the BEST audit technique to use in this situation?

A

Generalized audit software

45
Q

What is the BEST course of action for an IS auditor to take when an outsourced monitoring process for remote access is inadequate and management disagrees because management stated that intrusion detection system (IDS) and firewall controls are in place?

A

Document the identified finding in the audit report.

46
Q

What is the PRIMARY requirement that a data mining and auditing software tool should meet? The software tool should:

A

accurately capture data from the organization’s systems without causing excessive performance problems.

47
Q

When preparing an audit report the IS auditor should ensure that the results are supported by:

A

sufficient and appropriate audit evidence.

48
Q

When selecting audit procedures, an IS auditor should use professional judgment to ensure that:

A

sufficient evidence will be collected.

49
Q

When testing program change requests for a remote system, an IS auditor finds that the number of changes available for sampling would not provide a reasonable level of assurance. What is the MOST appropriate action for the IS auditor to take?

A

Develop an alternate testing procedure.

50
Q

Which audit technique provides the BEST evidence of the segregation of duties in an IT department?

A

Observation and interviews

51
Q

Which of the following audit techniques would BEST help an IS auditor in determining whether there have been unauthorized program changes since the last authorized program update?

A

Automated code comparison

52
Q

Which of the following BEST describes the objective of an IS auditor discussing the audit findings with the auditee?

A

Confirm the findings and propose a course of corrective action.

53
Q

Which of the following BEST ensures the effectiveness of controls related to interest calculation for an accounting system?

A

Re-performance

54
Q

Which of the following forms of evidence would an IS auditor consider the MOST reliable?

A

The results of a test performed by an external IS auditor

55
Q

Which of the following is a PRIMARY objective of embedding an audit module while developing online application systems?

A

To collect evidence while transactions are processed

56
Q

Which of the following is MOST effective for monitoring transactions exceeding predetermined thresholds?

A

Generalized audit software

57
Q

Which of the following is MOST important to ensure before communicating the audit findings to top management during the closing meeting?

A

Findings are clearly tracked back to evidence.

58
Q

Which of the following is the BEST factor for determining the required extent of data collection during the planning phase of an IS compliance audit?

A

Purpose, objective and scope of the audit

59
Q

Which of the following is the MOST important skill that an IS auditor should develop to understand the constraints of conducting an audit?

A

Project management

60
Q

Which of the following sampling methods is MOST useful when testing for compliance?

A

Attribute sampling

61
Q

Which of the following sampling methods is the MOST appropriate for testing automated invoice authorization controls to ensure that exceptions are not made for specific users?

A

Stratified random sampling

62
Q

Which of the following sampling methods would be the MOST effective to determine whether purchase orders issued to vendors have been authorized as per the authorization matrix?

A

Attribute sampling

63
Q

Which of the following should an IS auditor use to detect duplicate invoice records within an invoice master file?

A

Computer-assisted audit techniques

64
Q

Which of the following should be the FIRST action of an IS auditor during a dispute with a department manager over audit findings?

A

Revalidate the supporting evidence for the finding.

65
Q

Which of the following will MOST successfully identify overlapping key controls in business application systems?

A

Replacing manual monitoring with an automated auditing solution

66
Q

Which of the following would be MOST useful for an IS auditor for accessing and analyzing digital data to collect relevant audit evidence from diverse software environments?

A

Computer-assisted auditing techniques

67
Q

Which of the following would impair the independence of a quality assurance team?

A

Correcting coding errors during the testing process

68
Q

Which of the following would normally be the MOST reliable evidence for an IS auditor?

A

A confirmation letter received from a third party verifying an account balance

69
Q

Which technique would BEST test for the existence of dual control when auditing the wire transfer systems of a bank?

A

Observation

70
Q

While auditing a third-party IT service provider, an IS auditor discovered that access reviews were not being performed as required by the contract. The IS auditor should:

A

Report the issue to IT management