Isaca CISA Quiz 33 Topic 1 Questions 161-165

Question: 1

Due to system limitations, segregation of duties (SoD) cannot be enforced in an accounts payable system. Which of the following is the IS auditor s BEST recommendation for a compensating control?

ARestrict payment authorization to senior staff members

BReview payment transaction history.

CRequire written authorization for all payment transactions.

DReconcile payment transactions with invoices.

Show Answer

Question: 2

Which of the following is the GREATEST risk associated with conducting penetration testing on a business-critical application production environment?

ASystem owners may not be informed in advance

BResults may differ from those obtained in the test environment

CData integrity may become compromised

DThis type of testing may not adhere to audit standards

Show Answer

Question: 3

Which of the following is an example of a corrective control?

AGenerating automated batch job failure notifications

BEmploying only qualified personnel to execute tasks

CRestoring system information from data backups

DUtilizing processes that enforce segregation of duties

Show Answer

Question: 4

An IS auditor is analysing a sample of assesses recorded on the system log of an application. The auditor intends to launch an intensive investigation if one exception is found. Which sampling method would be appropriate?

AStratified sampling

BVariable sampling

CJudgemental sampling

DDiscovery sampling

Show Answer

Question: 5

Which of the following would BEST help to ensure the availability of data stored with a cloud provider?

ARequiring the provider to conduct daily backups

BDefining service level agreements (SLAs) in the contract

CDefining the reporting process and format

DConfirming the cloud provider has a disaster recovery site

Show Answer

Isaca CISA Quiz:33 Topic:1 Questions:161-165