CISA : Certified Information Systems Auditor : Part 37

CISA : Certified Information Systems Auditor : Part 37

1. Following an acquisition, it was decided that legacy applications subject to compliance requirements will continue to be used until they can be phased out. The IS auditor needs to determine where there are control redundancies and where gaps may exist. Which of the following activities would be MOST helpful in making this determination?

   • Control self-assessments 
   • Risk assessment
   • Control testing
   • Control mapping

2. A region where an organization conducts business has announced changes in privacy legislation. Which of the following should an IS auditor do FIRST to prepare for the changes?

   • Perform a gap analysis with current privacy procedures. 
   • Provide suggested updates to the organization’s privacy procedures.
   • Communicate the changes in privacy legislation to the legal department.
   • Design compensating controls to be in compliance with new privacy legislation.

3. Which of the following is the MOST effective way for an IS auditor to identify unauthorized changes to the production state of a critical business application?

   • Run an automated scan of the production environment to detect missing software patches.
   • Compare a list of production system changes with the configuration management database (CMDB).
   • Review recently approved changes to application programming interfaces (API) in the production environment.
   • Review recent updates in the configuration management database (CMDB) for compliance with IT policies.

4. When creating a new risk management program, it is CRITICAL to consider:

   • the risk appetite.
   • compliance measures. 
   • risk mitigation techniques.
   • resource utilization.

5. Which of the following is the BEST way to increase end-user compliance with information security policies?

   • Regular awareness training 
   • Periodic audit and review
   • Use of monitoring software
   • Establishing a whistle-blower policy

6. An audit report that specifies responsibility for the closure of noncompliance issues is BEST enhanced by including:

   • detailed mitigating steps. 
   • a list of audit staff who will oversee remediation.
   • cost estimates for remediation.
   • target dates for remediation.

7. An IS auditor is assigned to review the IS department’s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards. Which of the following should be the auditor’s NEXT action?

   • Finalize the audit and report the finding.
   • Make recommendations to IS management as to appropriate quality standards.
   • Postpone the audit until IS management implements written standards.
   • Document and test compliance with the informal standards.

8. Which function in the purchasing module of an enterprise resource planning (ERP) system ensures payments are not issued for incorrect invoices?

   • Sequential payment numbers
   • Three-way match 
   • Purchasing authority levels
   • Management workflow approval

9. Which of the following is the BEST way for an IT forensics investigator to detect evidence of steganography?

   • Compare file hashes between original and modified image files. 
   • Identify and analyze emergent properties within a file system’s metadata.
   • Recover deleted files from a suspected hard drive utilizing forensics software.
   • Scan computer operating systems using administrative tools.

10. Which of the following controls MOST efficiently ensures that orders transmitted from a sales office to a production warehouse are received accurately and completely?

    • Transaction totals and record counts should be sent and reconciled before transaction processing.
    • Parity checking should be incorporated into all data transmissions. 
    • Data should be sent back to the originating site and compared to what was sent to production.
    • Continuity of numerical sequences for all sales orders should be checked.

11. Which of the following should an IS auditor use when verifying a three-way match has occurred in an enterprise resource planning (ERP) system?

    • Goods delivery notification
    • Purchase requisition
    • Bank confirmation
    • Purchase order

12. Which of the following poses the GREATEST risk to the enforceability of networking policies in a virtualized environment?

    • Transmission of data on public networks
    • Lack of encryption for data at rest
    • Use of a public key infrastructure
    • Lack of visibility into the networks

13. Which of the following is MOST helpful when establishing the authenticity of digital evidence collected from a hard disk?

    • Bit-by-bit image of the hard disk 
    • Hash of the files on the hard disk
    • Chain of custody documentation
    • Confirmation by witnesses

14. Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

    • Network segmentation
    • Software as a Service (SaaS) provider 
    • Dynamic localization
    • Infrastructure as a Service (IaaS) provider

15. The IS department is evaluated monthly on its cost-revenue ratio, user satisfaction rate, and computer downtime. This can BEST be characterized as an application of:

    • control self-assessment (CSA).
    • balanced scorecard. 
    • value chain analysis.
    • risk control framework.

16. What is the BEST way to control updates to the vendor master file in an accounts payable system?

    • Using prenumbered and authorized request forms 
    • Having only one person updating the master file
    • Periodically reviewing the entire vendor master file
    • Comparing updates against authorization

17. During an investigation of transactions in a core banking system, fraudulent transactions are discovered that will require the involvement of law enforcement. Which of the following should be done FIRST?

    • Ensure evidence is preserved.
    • Initiate incident response procedures. 
    • Evaluate the business impact.
    • Notify internal audit management.

18. An organization has outsourced its data processing function to a service provider. Which of the following would BEST determine whether the service provider continues to meet the organization’s objectives?

    • Periodic audits of controls by an independent auditor 
    • Adequacy of the service provider’s insurance
    • Assessment of the personnel training processes of the provider
    • Review of performance against service level agreements (SLAs)

19. Which of the following would BEST facilitate the successful implementation of an IT-related framework?

    • Aligning the framework to industry best practices
    • Involving appropriate business representation within the framework 
    • Establishing committees to support and oversee framework activities
    • Documenting IT-related policies and procedures

20. The MAJOR reason for replacing checks with electronic funds transfer (EFT) systems in the accounts payable area is to:

    • increase organizational credibility.
    • decrease the risk of unauthorized changes to payment transactions.
    • decrease the number of paper-based payment forms.
    • increase the efficiency of the payment process.