You've Got This! Now take the CISA exam.
An audit charter should:
A. be dynamic and change to coincide with the changing nature of technology and the audit profession.
B. clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls.
C. document the audit procedures designed to achieve the planned audit objectives.
D. outline the overall authority, scope and responsibilities of the audit function.
An audit charter should:
YOUR ANSWER: D. outline the overall authority, scope and
responsibilities of the audit function.
EXPLANATION: An audit charter documents management's objectives for, and delegation of authority to, the audit function, that is, its overall authority, scope and responsibilities. It is approved at the highest level of management and changed infrequently, so it should not be dynamic (A); it describes the audit function rather than the maintenance of internal controls (B); and detailed audit procedures belong in the audit plan and work programs, not in the charter (C).
An IS auditor finds a small number of user
access requests that had not been authorized by
managers through the normal predefined
workflow steps and escalation rules. The IS
auditor should:
A. perform an additional analysis.
B. report the problem to the audit committee.
C. conduct a security risk assessment.
D. recommend that the owner of the identity management (IDM) system fix the workflow issues.
An IS auditor finds a small number of user access requests that
had not been authorized by managers through the normal
predefined workflow steps and escalation rules. The IS auditor
should:
YOUR ANSWER: A. perform an additional analysis.
EXPLANATION: The IS auditor needs to perform substantive testing and
additional analysis to determine why the approval and workflow processes
are not working as intended. Before making any recommendation, the IS
auditor should gain a good understanding of the scope of the problem and
what factors caused this incident. The IS auditor should identify whether
the issue was caused by managers not following procedures, by a problem
with the workflow of the automated system or a combination of the two.
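The "additional analysis" the explanation asks for is, in practice, a reconciliation of the IDM system's provisioning records against its approval records, with each exception bucketed by probable cause. The script below is an added example, not part of the original question set or of any ISACA material. The two CSV exports, the user-to-manager mapping and the field names (req_id, granted_via, approver) are constructed sample data for a hypothetical IDM system; real exports will differ.

```python
"""Reconcile IDM access grants against workflow approvals (constructed sample data)."""
import csv
import io
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed sample: provisioning events exported from a hypothetical IDM system.
# granted_via records whether the workflow engine or an administrator performed the grant.
PROVISIONING_LOG = """\
req_id,user,entitlement,granted_at,granted_via
R-1001,alice,SAP_AP_CLERK,2024-03-01T09:15:00,workflow
R-1002,bob,SAP_AP_CLERK,2024-03-01T10:02:00,workflow
R-1003,carol,DB_ADMIN,2024-03-02T08:40:00,admin_console
R-1004,dave,VPN_FULL,2024-03-02T11:00:00,workflow
R-1005,erin,DB_ADMIN,2024-03-03T16:30:00,workflow
R-1006,frank,VPN_FULL,2024-03-04T09:10:00,workflow
"""

# Constructed sample: approval records from the same hypothetical workflow engine.
APPROVAL_LOG = """\
req_id,approver,approved_at
R-1001,mgr_finance,2024-03-01T09:00:00
R-1002,mgr_finance,2024-03-01T10:30:00
R-1004,mgr_it,2024-03-02T10:45:00
R-1006,mgr_finance,2024-03-04T09:00:00
"""

# Constructed sample: the designated approver (line manager) for each user.
LINE_MANAGER = {"alice": "mgr_finance", "bob": "mgr_finance", "carol": "mgr_it",
                "dave": "mgr_it", "erin": "mgr_it", "frank": "mgr_it"}


def _rows(text: str) -> List[Dict[str, str]]:
    return list(csv.DictReader(io.StringIO(text)))


def _ts(value: str) -> datetime:
    return datetime.fromisoformat(value)


def reconcile(prov_csv: str = PROVISIONING_LOG, appr_csv: str = APPROVAL_LOG,
              managers: Dict[str, str] = LINE_MANAGER) -> List[Tuple[str, str]]:
    """Return (req_id, finding) for every grant that lacks a valid prior approval."""
    approvals = {r["req_id"]: r for r in _rows(appr_csv)}
    findings: List[Tuple[str, str]] = []
    for grant in _rows(prov_csv):
        approval = approvals.get(grant["req_id"])
        if approval is None:
            # No approval record at all: who performed the grant says where to look.
            if grant["granted_via"] == "workflow":
                findings.append((grant["req_id"], "workflow_defect"))   # engine granted with no approval
            else:
                findings.append((grant["req_id"], "manual_bypass"))     # someone granted outside the workflow
        elif _ts(approval["approved_at"]) > _ts(grant["granted_at"]):
            # Approval exists but was recorded after the access was live: sequencing broken.
            findings.append((grant["req_id"], "approval_after_grant"))
        elif approval["approver"] != managers.get(grant["user"]):
            # Approved, but not by the designated manager: procedure (or delegation) not followed.
            findings.append((grant["req_id"], "wrong_approver"))
    return findings


def root_cause_summary(findings: List[Tuple[str, str]]) -> Dict[str, int]:
    """Split findings into the two causes the auditor must separate before recommending anything."""
    people_causes = {"manual_bypass", "wrong_approver"}
    summary = {"procedure_not_followed": 0, "workflow_system_issue": 0}
    for _, finding in findings:
        key = "procedure_not_followed" if finding in people_causes else "workflow_system_issue"
        summary[key] += 1
    return summary


if __name__ == "__main__":
    results = reconcile()
    for req_id, finding in results:
        print(req_id, finding)
    print(root_cause_summary(results))
```

The bucketing is the point: a cluster of manual_bypass or wrong_approver findings points at managers and administrators not following procedure, while workflow_defect and approval_after_grant findings point at the IDM system itself, and the recommendation differs accordingly. On the constructed data both buckets are populated, which is the "combination of the two" case the explanation mentions.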
An IS auditor observes that an enterprise has outsourced software
development to a third party that is a startup company. To ensure
that the enterprise’s investment in software is protected, which
of the following should be recommended by the IS auditor?
YOUR ANSWER: C. There should be a source code escrow
agreement in place.
EXPLANATION: A source code escrow agreement is primarily recommended to help protect the enterprise's investment in software: the source code is deposited with a trusted third party and can be retrieved if the start-up vendor goes out of business. The agreement only protects the investment if the escrowed deposit is kept current with each release and is periodically verified to match the delivered executables and to build, so the IS auditor should also check that those deposit and verification terms exist and are exercised.
An enterprise’s risk appetite is BEST established
by:
A. the chief legal officer.
B. security management.
C. the audit committee.
D. the steering committee.
An enterprise’s risk appetite is BEST established by:
YOUR ANSWER: D. the steering committee.
EXPLANATION: The steering committee is best suited to determine the
enterprise’s risk appetite because the committee draws its representation
from senior management.
When identifying an earlier project completion
time, which is to be obtained by paying a
premium for early completion, the activities that
should be selected are those:
A. whose sum of activity time is the shortest.
B. that have zero slack time.
C. that give the longest possible completion time.
D. whose sum of slack time is the shortest.
When identifying an earlier project completion time, which is to
be obtained by paying a premium for early completion, the
activities that should be selected are those:
YOUR ANSWER: D. whose sum of slack time is the shortest.
CORRECT ANSWER: B. that have zero slack time.
EXPLANATION: Activities with zero slack lie on the critical path, which determines the project's completion time. Only shortening (crashing) those activities shortens the project, so they are the ones worth paying a premium for; shortening an activity that has slack leaves the completion date unchanged. Once a critical activity has been crashed, the critical path must be recalculated, because a previously non-critical path can become critical.
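To show why zero-slack activities are the right selection, the following added example computes slack with a forward and backward pass over a small activity network and then crashes one critical and one non-critical activity to compare the effect on completion time. The network, its durations and the function names are constructed for this illustration; they are not taken from the question or from any project management tool.

```python
"""Critical path slack and crash-candidate selection (constructed sample network)."""
from typing import Dict, List, Tuple

# Constructed sample network: activity -> (duration in days, predecessors).
NETWORK: Dict[str, Tuple[int, List[str]]] = {
    "A": (3, []),
    "B": (4, ["A"]),
    "C": (2, ["A"]),
    "D": (5, ["B"]),
    "E": (1, ["C"]),
    "F": (2, ["D", "E"]),
}


def _topological_order(net: Dict[str, Tuple[int, List[str]]]) -> List[str]:
    """Order activities so every predecessor appears before its successors."""
    order: List[str] = []
    seen = set()

    def visit(name: str) -> None:
        if name in seen:
            return
        for pred in net[name][1]:
            visit(pred)
        seen.add(name)
        order.append(name)

    for name in net:
        visit(name)
    return order


def schedule(net: Dict[str, Tuple[int, List[str]]] = NETWORK) -> Dict[str, Dict[str, int]]:
    """Forward pass (ES/EF), backward pass (LS/LF) and slack = LS - ES for each activity."""
    order = _topological_order(net)
    es: Dict[str, int] = {}
    ef: Dict[str, int] = {}
    for name in order:
        duration, preds = net[name]
        es[name] = max((ef[p] for p in preds), default=0)
        ef[name] = es[name] + duration
    finish = max(ef.values())
    successors = {n: [m for m in net if n in net[m][1]] for n in net}
    ls: Dict[str, int] = {}
    lf: Dict[str, int] = {}
    for name in reversed(order):
        lf[name] = min((ls[s] for s in successors[name]), default=finish)
        ls[name] = lf[name] - net[name][0]
    return {n: {"es": es[n], "ef": ef[n], "ls": ls[n], "lf": lf[n], "slack": ls[n] - es[n]}
            for n in net}


def project_duration(net: Dict[str, Tuple[int, List[str]]] = NETWORK) -> int:
    return max(v["ef"] for v in schedule(net).values())


def crash_candidates(net: Dict[str, Tuple[int, List[str]]] = NETWORK) -> List[str]:
    """Activities worth paying a premium for: those with zero slack (the critical path)."""
    return [n for n, v in schedule(net).items() if v["slack"] == 0]


def crash(net: Dict[str, Tuple[int, List[str]]], name: str, by: int = 1) -> Dict[str, Tuple[int, List[str]]]:
    """Return a copy of the network with one activity shortened by `by` days (never below 1)."""
    duration, preds = net[name]
    shortened = dict(net)
    shortened[name] = (max(1, duration - by), preds)
    return shortened


if __name__ == "__main__":
    for name, v in schedule().items():
        print(name, v)
    print("duration:", project_duration(), "critical:", crash_candidates())
    print("crash C (slack 6):", project_duration(crash(NETWORK, "C")))
    print("crash B (slack 0):", project_duration(crash(NETWORK, "B")))
```

On this network the critical path is A-B-D-F with a duration of 14 days; paying to shorten C (which has six days of slack) leaves the project at 14 days, while shortening B by one day brings it to 13. Recompute `crash_candidates` after each crash, since the critical path can move.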
An IS auditor is assigned to audit a software
development project, which is more than 80
percent complete, but has already overrun time
by 10 percent and costs by 25 percent. Which of
the following actions should the IS auditor take?
A. Report that the organization does not have effective project management.
B. Recommend the project manager be changed.
C. Review the IT governance structure.
D. Review the conduct of the project and the business case.
A programmer maliciously modified a production
program to change data and then restored the
original code. Which of the following
would MOST effectively detect the malicious
activity?
A. Comparing source code
B. Reviewing system log files
C. Comparing object code
D. Reviewing executable and source code integrity
An IS auditor is assigned to audit a software development project,
which is more than 80 percent complete, but has already overrun
time by 10 percent and costs by 25 percent. Which of the
following actions should the IS auditor take?
YOUR ANSWER: D. Review the conduct of the project and the
business case.
EXPLANATION: Before making any recommendations, an IS auditor
needs to understand the project and the factors that have contributed to
bringing the project over budget and over schedule.
A programmer maliciously modified a production program to
change data and then restored the original code. Which of the
following would MOST effectively detect the malicious activity?
YOUR ANSWER: D. Reviewing executable and source code
integrity
CORRECT ANSWER: B. Reviewing system log files
EXPLANATION: System log files, such as change management, version control and operating system audit logs, record that the production program was modified and later restored, so they retain evidence of the activity even though the final code is clean. Reviewing executable and source code integrity is an ineffective control, because the source code was changed back to the original and will agree with the current executable; comparing source code (A) or object code (C) against the approved baseline fails for the same reason. Log review only works if the logs are written somewhere the programmer cannot alter or delete them, which is why production change and audit logs should be forwarded to a separately administered log system.
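The difference between a point-in-time integrity comparison and a log review is easy to see in code. The added example below is not part of the original question set: it constructs a "before" and "tampered" version of a production program, a baseline hash, and a few file-change log lines in a made-up `ts|user|path|event|sha256` format, then shows that the hash comparison passes after the revert while a review of the log history flags the modify-then-restore sequence. All file names, users and the log format are constructed for the illustration.

```python
"""Point-in-time integrity check vs. log review for a modify-then-revert (constructed data)."""
import hashlib
from typing import Dict, List

# Constructed sample: approved production code and a tampered variant that skims a cent.
ORIGINAL = b"def post_payment(acct, amt):\n    ledger[acct] += amt\n"
TAMPERED = b"def post_payment(acct, amt):\n    ledger[acct] += amt\n    ledger['X9'] += 0.01\n"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Approved baseline hashes, as an auditor would hold them from the last release.
BASELINE: Dict[str, str] = {"/prod/payments.py": sha256(ORIGINAL)}

# Constructed sample change log, format "ts|user|path|event|sha256" (not a real tool's format).
LOG = f"""\
2024-03-04T02:10:11|deploy|/prod/payments.py|WRITE|{sha256(ORIGINAL)}
2024-03-05T23:41:07|jdoe|/prod/payments.py|WRITE|{sha256(TAMPERED)}
2024-03-05T23:52:30|jdoe|/prod/payments.py|WRITE|{sha256(ORIGINAL)}
2024-03-06T08:00:00|deploy|/prod/reports.py|WRITE|{sha256(b"report v2")}
"""


def integrity_check(current: bytes, approved_sha256: str) -> bool:
    """The control in option D: compare what is on disk now with the approved hash."""
    return sha256(current) == approved_sha256


def parse_log(text: str) -> List[Dict[str, str]]:
    events = []
    for line in text.strip().splitlines():
        ts, user, path, event, digest = line.split("|")
        events.append({"ts": ts, "user": user, "path": path, "event": event, "sha256": digest})
    return events


def find_modify_revert(events: List[Dict[str, str]], baseline: Dict[str, str]) -> List[Dict[str, str]]:
    """The control in option B: walk the history and flag files that left the approved
    hash and later returned to it. Returns one finding per such excursion."""
    findings: List[Dict[str, str]] = []
    pending: Dict[str, Dict[str, str]] = {}  # path -> first off-baseline write
    for e in sorted(events, key=lambda x: x["ts"]):
        if e["event"] != "WRITE" or e["path"] not in baseline:
            continue
        if e["sha256"] != baseline[e["path"]]:
            pending.setdefault(e["path"], e)  # content diverged; remember who and when
        elif e["path"] in pending:
            first = pending.pop(e["path"])
            findings.append({
                "path": e["path"],
                "user": first["user"],
                "modified_at": first["ts"],
                "restored_at": e["ts"],
                "interim_sha256": first["sha256"],
            })
    return findings


if __name__ == "__main__":
    # After the revert, the file on disk is byte-identical to the approved version.
    print("integrity check passes:", integrity_check(ORIGINAL, BASELINE["/prod/payments.py"]))
    for f in find_modify_revert(parse_log(LOG), BASELINE):
        print("modify-then-revert:", f)
```

The integrity check returns True because the file really is back to the approved content; only the log retains the off-baseline write by jdoe and the restoration eleven minutes later. Any file still "pending" at the end of the walk is a plain integrity failure that a hash comparison would catch, so the two controls are complementary, but only the log catches the case in the question.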
Which of the following would BEST ensure
continuity of a wide area network (WAN) across
the organization?
A. Built-in alternative routing
B. Complete full system backup daily
C. A repair contract with a service provider
D. A duplicate machine alongside each server
An IS auditor is reviewing the physical security
controls of a data center and notices several
areas for concern. Which of the following areas is
the MOST important?
A. The emergency power off button cover is missing.
B. Scheduled maintenance of the fire suppression system was not performed.
C. There are no security cameras inside the data center.
D. The emergency exit door is blocked.
Which of the following would BEST ensure continuity of a wide
area network (WAN) across the organization?
YOUR ANSWER: A. Built-in alternative routing
EXPLANATION: Alternative routing would ensure that the network would
continue if a communication device fails or if a link is severed because
message rerouting could be automatic.
An IS auditor is reviewing the physical security controls of a data
center and notices several areas for concern. Which of the
following areas is the MOST important?
YOUR ANSWER: D. The emergency exit door is blocked.
EXPLANATION: Life safety is always the highest priority; therefore, the
blocking of the emergency exit is the most serious problem.
Which of the following choices BEST helps
information owners to properly classify data?
A. Understanding of technical controls that protect data
B. Training on organizational policies and standards
C. Use of an automated data leak prevention (DLP) tool
D. Understanding which people need to access the data
Which of the following choices BEST helps information owners to
properly classify data?
YOUR ANSWER: B. Training on organizational policies and
standards
EXPLANATION: While implementing data classification, it is most
essential that organizational policies and standards, including the data
classification schema, are understood by the owner or custodian of the
data so they can be properly classified.