Isaca CISA Quiz 598 Topic 4 Questions 2986-2990

Question: 1

An IS auditor has completed an audit of an organization's accounts payable system. Which of the following should be rated as the HIGHEST risk in the audit report and requires immediate remediation?

ALack of segregation of duty controls for removal of vendor records

BLack of segregation of duty controls for reconciliation of payment transactions

CLack of segregation of duty controls for reversing payment transactions

DLack of segregation of duty controls for updating the vendor master file

Show Answer

Question: 2

What would be of GREATEST concern to an IS auditor observing shared key cards being utilized to access an organization's data center?

AThe lack of a multi-factor authentication system

BThe lack of enforcement of organizational policy and procedures

CThe inability to identify who has entered the data center

DThe inability to track the number of misplaced cards

Show Answer

Question: 3

Which of the following is MOST likely to be included in computer operating procedures in a large data center?

AGuidance on setting security parameters

BProcedures for resequencing source code

CProcedures for utility configuration

DInstructions for job scheduling

Show Answer

Question: 4

An IS auditor wants to understand the collective effect of the preventive, detective, and corrective controls for a specific business process. Which of the following should the auditor focus on FIRST?

AThe formal documentation of the process and how adherence is measured

BWhether the existence of preventive controls causes corrective controls to become unnecessary

CWhether segregation of duties is in place when two controls are applied simultaneously

DThe various points in the process where controls are exercised

Show Answer

Question: 5

An internal audit department recently established a quality assurance (QA) program. Which of the following activities is MOST important to include as part of the OA program requirements?

APeriodic external assessments of the program

BAnalysis of user satisfaction reports from business lines

CLong-term internal audit resource planning for the program

DFeedback from internal audit staff

Show Answer

Isaca CISA Quiz:598 Topic:4 Questions:2986-2990