8. A PRIMARY benefit derived for an organization employing control self-assessment techniques is that it:

Can identify high-risk areas that might need a detailed review later.

Allows IS auditors to independently assess risk

Can be used as a replacement for traditional audits

Allows management to relinquish responsibility for control

9. An IS audit department considers implementing continuous auditing techniques for a multinational retail enterprise that requires high availability of its key systems. A PRIMARY benefit of continuous auditing is that:

Fraud can be detected more quickly.

Effective preventive controls are enforced.

Errors can be corrected in a timely fashion.

10. Which of the following represents the GREATEST potential risk in an electronic data in (EDI) environment?

Lack of transaction authorizations

Loss or duplication of EDI transmissions

Deletion or manipulation of transactions prior to, or after, establishment of application controls

RoadtoCertificate Week1

Professional Development

Used 9+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

10 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

1. Which of the following is the PRIMARY purpose of a risk-based audit?

High-impact areas are addressed first.

Audit resources are allocated efficiently.

Material areas are addressed first.

Management concerns are prioritized.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

2. An IS auditor notes that failed login attempts to a core financial system are automatically logged and the logs are retained for a year by the organization. This logging is:

An effective preventive control.

A valid detective control.

Not an adequate control.

A corrective control.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

3. A centralized antivirus system determines whether each personal computer has the latest signature files and installs the latest signature files before allowing a PC to connect to the network. This is an example of a:

Directive control

Corrective control

Compensating control

Detective control

MULTIPLE CHOICE QUESTION

1 min • 1 pt

4. An IS auditor is reviewing a project risk assessment and notices that the overall residual risk level is high due to confidentiality requirements. Which of the following types of risk is normally high due to the number of unauthorized users the project may affect?

Control risk

Compliance risk

Inherent risk

Residual risk

MULTIPLE CHOICE QUESTION

1 min • 1 pt

5. An IS auditor is carrying out a system configuration review. Which of the following is the BEST evidence in support of the current system configuration settings?

System configuration values that are imported to a spreadsheet by the system administrator

Standard report with configuration values that are retrieved from the system by the IS auditor

Dated screenshot of the system configuration settings that are made available by the system administrator

Annual review of approved system configuration values by the business owner

MULTIPLE CHOICE QUESTION

1 min • 1 pt

6. In a risk-based IS audit, where both inherent and control risk have been assessed as high, an IS auditor would MOST likely compensate for this scenario by performing additional:

Stop-or-go sampling

Substantive testing

Compliance testing

Discovery sampling

MULTIPLE CHOICE QUESTION

1 min • 1 pt

7. Which of the following should be the FIRST action of an IS auditor during a dispute with a department manager over audit findings?

Retest the control to validate the finding

Engage a third party to validate the finding

Include the finding in the report with the department manager's comments

Revalidate the supporting evidence for the finding

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

12 questions

Maslow's theory test

Quiz

•

Professional Development

10 questions

Tools of KPI

Quiz

•

Professional Development

10 questions

Applied Networking

Quiz

•

Professional Development

13 questions

UF3 Lavandería industrial

Quiz

•

Professional Development

10 questions

FUTURES THINKING & SCENARIO PLANNING

Quiz

•

Professional Development

15 questions

Emerging Tech

Quiz

•

Professional Development

6 questions

About Dexcom

Quiz

•

Professional Development

15 questions

BJT - BASICS

Quiz

•

Professional Development

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Professional Development

44 questions

Would you rather...

Quiz

•

Professional Development

RoadtoCertificate Week1

1. Which of the following is the PRIMA﻿RY purpose of a risk-based audit?

2. An IS auditor notes that failed login attempts to a core financial system are automatically logged and the logs are retained for a year by the organization. This logging is:

3. A centralized antivirus system determines whether each personal computer has the latest signature files and installs the latest signature files before allowing a PC to connect to the network. This is an example of a:

4. An IS auditor is reviewing a project risk assessment and notices that the overall residual risk level is high due to confidentiality requirements. Which of the following types of risk is normally high due to the number of unauthorized users the project may affect?

5. An IS auditor is carrying out a system configuration review. Which of the following is the BEST evidence in support of the current system configuration settings?

6. In a risk-based IS audit, where both inherent and control risk have been assessed as high, an IS auditor would MOST likely compensate for this scenario by performing additional:

7. Which of the following should be the FIRST action of an IS auditor during a dispute with a department manager over audit findings?

8. A PRIMARY benefit derived for an organization employing control self-assessment techniques is that it:

9. An IS audit department considers implementing continuous auditing techniques for a multinational retail enterprise that requires high availability of its key systems. A PRIMARY benefit of continuous auditing is that:

10. Which of the following represents the GREATEST potential risk in an electronic data in (EDI) environment?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Professional Development

1. Which of the following is the PRIMARY purpose of a risk-based audit?