
ISACA CISA Certified Information Systems Auditor Exam Questions and Answers – 9

The latest ISACA CISA (Certified Information Systems Auditor) certification practice exam questions and answers (Q&A) are available free and are intended to help you pass the ISACA CISA exam and earn the ISACA CISA certification.

ISACA Certified Information Systems Auditor (CISA) Exam Questions and Answers

CISA Question 921

Question

Which of the following audit techniques would BEST aid an auditor in determining whether there have been unauthorized program changes since the last authorized program update?

A. Test data run
B. Code review
C. Automated code comparison
D. Review of code migration procedures

Answer

C. Automated code comparison

Explanation

An automated code comparison is the process of comparing two versions of the same program to determine whether they correspond. It is an efficient technique because it is an automated procedure. Test data runs permit the auditor to verify the processing of preselected transactions, but provide no evidence about portions of the program those transactions do not exercise. Code review is the process of reading program source code listings to determine whether the code contains potential errors or inefficient statements; a code review can be used as a means of code comparison, but it is inefficient for that purpose. Reviewing code migration procedures evaluates the process, not the code, and so would not detect program changes.

CISA Question 922

Question

The PRIMARY purpose for meeting with auditees prior to formally closing a review is to:

A. confirm that the auditors did not overlook any important issues.
B. gain agreement on the findings.
C. receive feedback on the adequacy of the audit procedures.
D. test the structure of the final presentation.

Answer

B. gain agreement on the findings.

Explanation

The primary purpose for meeting with auditees prior to formally closing a review is to gain agreement on the findings. The other choices, though related to the formal closure of an audit, are of secondary importance.

CISA Question 923

Question

In the process of evaluating program change controls, an IS auditor would use source code comparison software to:

A. examine source program changes without information from IS personnel.
B. detect a source program change made between acquiring a copy of the source and the comparison run.
C. confirm that the control copy is the current version of the production program.
D. ensure that all changes made in the current source copy are detected.

Answer

A. examine source program changes without information from IS personnel.

Explanation

Source code comparison gives an IS auditor objective, independent and relatively complete assurance about program changes, because the comparison itself identifies the changes without relying on information supplied by IS personnel. Choice B is incorrect, because any change made after the auditor acquired the copy is not reflected in that copy. Choice C is incorrect, because the comparison cannot show that the control copy is the current production version; an IS auditor has to gain that assurance separately. Choice D is incorrect, because changes made between the time the control copy was acquired and the time the comparison is run will not be detected.
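The following is an added worked example of the automated source code comparison discussed in questions 921 and 923; it is not code from the original page. It snapshots an auditor's control copy of a source tree and the tree now in production, classifies every file as added, removed or modified by content hash, and prints a unified diff for each modified file. The directory layout, file names and file contents are constructed sample data, and the control copy is assumed to have been obtained from a trusted release (the comparison cannot establish that on its own, which is the point of choice C). Because the snapshot is taken at one point in time, a change made after the comparison run is not detected (choice D), so the run should be scheduled close to the moment the control copy is taken.

```python
"""Automated source code comparison: detect any difference between an
auditor's control copy of a program's source tree and the production copy.

Added illustration for CISA questions 921 and 923; not part of the original
page. The directory layout, file names and contents are constructed samples.
"""
import difflib
import hashlib
import os
import tempfile


def snapshot(root):
    """Return {relative_path: sha256_hex} for every regular file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            with open(full, "rb") as fh:
                digests[rel] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def compare_trees(control_root, production_root):
    """Compare two source trees and classify every difference.

    Returns sorted lists of 'added', 'removed' and 'modified' relative paths
    plus a unified diff (text) per modified file. Only files present in the
    control copy are trusted; a file that exists only in production is
    reported as added, which is exactly the kind of unauthorized change the
    audit is looking for.
    """
    control = snapshot(control_root)
    production = snapshot(production_root)
    added = sorted(set(production) - set(control))
    removed = sorted(set(control) - set(production))
    modified = sorted(p for p in control
                      if p in production and control[p] != production[p])
    diffs = {}
    for rel in modified:
        with open(os.path.join(control_root, rel), encoding="utf-8", errors="replace") as a, \
             open(os.path.join(production_root, rel), encoding="utf-8", errors="replace") as b:
            diffs[rel] = "".join(difflib.unified_diff(
                a.readlines(), b.readlines(),
                fromfile="control/" + rel, tofile="production/" + rel))
    return {"added": added, "removed": removed, "modified": modified, "diffs": diffs}


def build_sample_trees():
    """Create constructed control and production trees in a temp directory."""
    base = tempfile.mkdtemp(prefix="codecmp_")
    control = os.path.join(base, "control")
    production = os.path.join(base, "production")
    authorized = {
        "payroll.py": "def net_pay(gross, tax_rate):\n    return gross * (1 - tax_rate)\n",
        "util.py": "def fmt(x):\n    return f'{x:.2f}'\n",
    }
    for root in (control, production):
        os.makedirs(root)
        for name, body in authorized.items():
            with open(os.path.join(root, name), "w", encoding="utf-8") as fh:
                fh.write(body)
    # Constructed unauthorized changes in production only: a hidden bonus for
    # one employee id, and a file that was never part of the authorized release.
    with open(os.path.join(production, "payroll.py"), "w", encoding="utf-8") as fh:
        fh.write("def net_pay(gross, tax_rate, emp_id=None):\n"
                 "    if emp_id == 4711:\n        gross += 500\n"
                 "    return gross * (1 - tax_rate)\n")
    with open(os.path.join(production, "backdoor.py"), "w", encoding="utf-8") as fh:
        fh.write("# not in the authorized release\n")
    return control, production


if __name__ == "__main__":
    ctl, prod = build_sample_trees()
    report = compare_trees(ctl, prod)
    print("added:", report["added"])        # ['backdoor.py']
    print("removed:", report["removed"])    # []
    print("modified:", report["modified"])  # ['payroll.py']
    for text in report["diffs"].values():
        print(text)
```

Hashing whole files first and diffing only the files whose digests differ keeps the run cheap on a large tree, and the per-file diff is what the auditor attaches to the finding.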

CISA Question 924

Question

The PRIMARY reason an IS auditor performs a functional walkthrough during the preliminary phase of an audit assignment is to:

A. understand the business process.
B. comply with auditing standards.
C. identify control weakness.
D. plan substantive testing.

Answer

A. understand the business process.

Explanation

Understanding the business process is the first step an IS auditor needs to perform. Standards do not require an IS auditor to perform a process walkthrough. Identifying control weaknesses is not the primary reason for the walkthrough and typically occurs at a later stage in the audit, and planning for substantive testing is likewise performed at a later stage.

CISA Question 925

Question

An IS auditor issues an audit report pointing out the lack of firewall protection features at the perimeter network gateway and recommends a vendor product to address this vulnerability. The IS auditor has failed to exercise:

A. professional independence.
B. organizational independence.
C. technical competence.
D. professional competence.

Answer

A. professional independence.

Explanation

When an IS auditor recommends a specific vendor, they compromise professional independence. Organizational independence has no relevance to the content of an audit report and should be considered at the time of accepting the engagement. Technical and professional competence are not relevant to the requirement of independence.

CISA Question 926

Question

An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should:

A. conclude that the controls are inadequate.
B. expand the scope to include substantive testing.
C. place greater reliance on previous audits.
D. suspend the audit.

Answer

B. expand the scope to include substantive testing.

Explanation

If the answers provided to an IS auditor’s questions are not confirmed by documented procedures or job descriptions, the IS auditor should expand the scope of testing the controls and include additional substantive tests. There is no evidence that whatever controls might exist are either inadequate or adequate. Placing greater reliance on previous audits or suspending the audit are inappropriate actions as they provide no current knowledge of the adequacy of the existing controls.

CISA Question 927

Question

When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with:

A. analysis.
B. evaluation.
C. preservation.
D. disclosure.

Answer

C. preservation.

Explanation

Preservation and documentation of evidence for review by law enforcement and judicial authorities are of primary concern when conducting an investigation. Failure to properly preserve the evidence could jeopardize the acceptance of the evidence in legal proceedings. Analysis, evaluation and disclosure are important but not of primary concern in a forensic investigation.
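As an added illustration of the preservation point in question 927 (not code from the original page), the block below fixes the integrity of an artefact at the moment it is acquired by recording its SHA-256 digest in a chain-of-custody log, and makes the log itself tamper-evident by having every entry commit to the hash of the entry before it. The evidence bytes, identifiers, actor names and timestamps are constructed sample data; the `CustodyLog` class and `verify_evidence` function are this example's own names, not a standard forensic tool.

```python
"""Evidence preservation: fix an artefact's integrity at acquisition and keep
a tamper-evident chain-of-custody log.

Added illustration for CISA question 927; not part of the original page.
All evidence bytes, identifiers, names and timestamps are constructed.
"""
import hashlib
import json


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class CustodyLog:
    """Append-only log in which each entry commits to its predecessor.

    Every entry stores the evidence digest, who acted, what they did, when,
    and the hash of the preceding entry. Editing or removing an earlier entry
    breaks every later back-link, which verify_log() reports.
    """

    GENESIS = "0" * 64  # back-link of the first entry

    def __init__(self):
        self.entries = []

    @staticmethod
    def _entry_hash(entry: dict) -> str:
        # Canonical JSON so identical fields always hash identically.
        return sha256_hex(json.dumps(entry, sort_keys=True).encode())

    def record(self, evidence_id, evidence_digest, actor, action, timestamp):
        prev = self._entry_hash(self.entries[-1]) if self.entries else self.GENESIS
        entry = {
            "evidence_id": evidence_id,
            "evidence_sha256": evidence_digest,
            "actor": actor,
            "action": action,
            "timestamp": timestamp,
            "prev_entry_sha256": prev,
        }
        self.entries.append(entry)
        return entry

    def verify_log(self) -> bool:
        """True if every entry's back-link matches the hash of its predecessor."""
        expected = self.GENESIS
        for entry in self.entries:
            if entry["prev_entry_sha256"] != expected:
                return False
            expected = self._entry_hash(entry)
        return True


def verify_evidence(data: bytes, log: CustodyLog, evidence_id: str) -> bool:
    """Check that the bytes in hand still match the digest fixed at acquisition."""
    acquired = [e for e in log.entries
                if e["evidence_id"] == evidence_id and e["action"] == "acquired"]
    return bool(acquired) and sha256_hex(data) == acquired[0]["evidence_sha256"]


def demo():
    """Constructed scenario: acquire, seal, then test two tampering cases."""
    image = b"constructed disk image: MBR ... ntfs ... deleted_invoice.pdf ..."
    log = CustodyLog()
    log.record("IMG-001", sha256_hex(image), "auditor", "acquired", "2024-01-01T09:00:00Z")
    log.record("IMG-001", sha256_hex(image), "auditor", "sealed", "2024-01-01T09:05:00Z")
    intact = verify_evidence(image, log, "IMG-001")             # True
    tampered = verify_evidence(image + b"\x00", log, "IMG-001")  # False: one byte appended
    log_ok = log.verify_log()                                    # True
    log.entries[0]["actor"] = "someone else"                     # rewrite history
    log_after_edit = log.verify_log()                            # False: back-link broken
    return intact, tampered, log_ok, log_after_edit


if __name__ == "__main__":
    print(demo())
```

In practice the acquisition digest is computed on a write-blocked copy and the log is stored and signed outside the system under investigation; the hash chain here only shows why each custody entry has to commit to the one before it.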

CISA Question 928

Question

A substantive test to verify that tape library inventory records are accurate is:

A. determining whether bar code readers are installed.
B. determining whether the movement of tapes is authorized.
C. conducting a physical count of the tape inventory.
D. checking if receipts and issues of tapes are accurately recorded.

Answer

C. conducting a physical count of the tape inventory.

Explanation

A substantive test includes gathering evidence to evaluate the integrity of individual transactions, data or other information. Conducting a physical count of the tape inventory is a substantive test. Choices A, B and D are compliance tests.

CISA Question 929

Question

While conducting an audit, an IS auditor detects the presence of a virus. What should be the IS auditor’s next step?

A. Observe the response mechanism.
B. Clear the virus from the network.
C. Inform appropriate personnel immediately.
D. Ensure deletion of the virus.

Answer

C. Inform appropriate personnel immediately.

Explanation

The first thing an IS auditor should do after detecting the virus is to alert the organization to its presence, then wait for their response. Choice A should be taken after choice C. This will enable an IS auditor to examine the actual workability and effectiveness of the response system. An IS auditor should not make changes to the system being audited, and ensuring the deletion of the virus is a management responsibility.

CISA Question 930

Question

When assessing the design of network monitoring controls, an IS auditor should FIRST review network:

A. topology diagrams.
B. bandwidth usage.
C. traffic analysis reports.
D. bottleneck locations.

Answer

A. topology diagrams.

Explanation

The first step in assessing network monitoring controls should be the review of the adequacy of network documentation, specifically topology diagrams. If this information is not up to date, then monitoring processes and the ability to diagnose problems will not be effective.