Other Areas (other 25%)

Question 1

Users delegated to run the internal audit department to make decisions regarding the audit process

Answer 1

Audit Administrators

Question 2

Users with the responsibility to plan, conduct, and manage audit engagements

Answer 2

Audit Managers

Question 3

Those users that conduct Control Tests and other tasks on behalf of an audit engagement

Answer 3

Internal Auditors

Question 4

Four types of child tasks of an Engagement

Answer 4

Walkthrough
Control Test
Interview
Activity

Question 5

Can an Audit activity generate tasks?

Answer 5

Yes

Question 6

Performs a Design and/or operation test to determine overall effectiveness of a control

Answer 6

Control Test

Question 7

Data gathering task often used by auditors to learn a process or find and corroborate audit evidence

Answer 7

Interview

Question 8

Establishes the reliability of an organization’s internal control over a procedure or process.

Answer 8

Walkthrough

Question 9

A generic task to track other activities that occur during Engagements

Answer 9

Activity

Question 10

Subtask of an audit task

Answer 10

Activity

Question 11

Three interview types

Answer 11

Structured
Unstructured
Mixed

Question 12

Application used to track audit

Answer 12

Audit Engagement Workbench

Question 13

Generic audit test that applies to Control Objectives

Answer 13

Test Template

Question 14

Specific audit test that applies to a control

Answer 14

Test Plan

Question 15

Engagement Lifecycle

Answer 15

Scope
Validate
Fieldwork
Awaiting Approval
Follow-up
Closed

Question 16

A __________ is a specific audit test of the design and operating effectiveness of a single control

Answer 16

Test Plan

Test plans are used to generate Control Tests during engagements

Question 17

Control test lifecycle

Answer 17

Open
Work in Progress
Review
Close

Question 18

What is true about Control Effectiveness

Answer 18

Both Design Effectiveness and Operation Effectiveness must be effective for Control Effectiveness to be marked Effective

Question 19

Map authoritative sources to policies, controls, and risks

Answer 19

P&C

Question 20

Automate and manage policy lifecycles

Answer 20

P&C

Question 21

Continuously monitor for compliance

Answer 21

P&C

Question 22

Internal goals and objectives

Answer 22

P&C

Question 23

external legislation and regulations

Answer 23

P&C

Question 24

establish controls and control owners

Answer 24

P&C

Question 25

Prepare attestations and indicators

Answer 25

P&C

Question 26

Continuously monitor risk exposure

Answer 26

Risk Management & Advanced Risk

Question 27

prioritize critical risks

Answer 27

Risk Management & Advanced Risk

Question 28

reduce mediation time

Answer 28

Risk Management & Advanced Risk

Question 29

develop risk assessments and response procedures

Answer 29

Risk Management & Advanced Risk

Question 30

measure risk exposure and improvements

Answer 30

Risk Management & Advanced Risk

Question 31

Page 16 for frameworks

Answer 31

Page 16 for frameworks

Question 32

GRC: Profiles (Terms)

Answer 32

Entity
Indicator
Issue

Question 33

Alternative Names: Control Objective

Answer 33

Control

Control Template

Question 34

Alternative Names: Entity

Answer 34

Scope Definition
Scope Object
Target
Profile

Question 35

Alternative Names: Entity Type

Answer 35

Entity Group

Question 36

Alternative Names: Control

Answer 36

Control Instance

Question 37

Alternative Names: Risk Statement

Answer 37

Risk Template

Question 38

Alternative Names: Issue

Answer 38

Finding

Question 39

Page 23 - Application Menus and Modules

Answer 39

Application Menus and Modules

Question 40

Page 24 - Store Apps and Plugins

Answer 40

Store Apps and Plugins

Question 41

What’s included with SOX content pack

Answer 41

SOX Policies
Pre-defined entities and entity types
COs and Risk Statements
Controls & Risks
Test Templates and Test Plans
SOX Audit and Audit Tasks
Indicators
SOX Control Attestation Templates
Reports & dashboards