O'Reilly logo

CISA® Certified Information Systems Auditor®: Study Guide, Third Edition by David Cannon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Review Questions

1. What is the difference between a policy and a procedure?

A. Compliance to a policy is discretionary, and compliance to a procedure is mandatory.

B. A procedure provides discretionary advice to aid in decision making. The policy defines specific requirements to ensure compliance.

C. A policy is a high-level document signed by a person of authority, and compliance is mandatory. A procedure defines the mandatory steps to attain compliance.

D. A policy is a mid-level document issued to advise the reader of desired actions in the absence of a standard. The procedure describes suggested steps to use.

2. What does fiduciary responsibility mean?

A. To use information gained for personal interests without breaching confidentiality ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required