ISACA Review Flashcards

1
Q

An audit charter should:

A

B. clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls.

CORRECT ANSWER: D. outline the overall authority, scope and responsibilities of the audit function.

EXPLANATION: An audit charter will state the authority and reporting requirements for the audit but not the details of maintenance of internal controls.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

An IS auditor finds a small number of user access requests that had not been authorized by managers through the normal predefined workflow steps and escalation rules. The IS auditor should:

A

A. perform an additional analysis.

EXPLANATION: The IS auditor needs to perform substantive testing and additional analysis to determine why the approval and workflow processes are not working as intended. Before making any recommendation, the IS auditor should gain a good understanding of the scope of the problem and what factors caused this incident. The IS auditor should identify whether the issue was caused by managers not following procedures, by a problem with the workflow of the automated system or a combination of the two.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly