O'Reilly logo

CISA® Certified Information Systems Auditor®: Study Guide, Third Edition by David Cannon

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Answers to Assessment Test

1. D. The risk analysis does not ensure absolute safety. The purpose of using a risk-based audit strategy is to ensure that the audit adds value with meaningful information. For more information, see Chapter 3.

2. A. Authorization should be separate from all other activities. A second person should review changes before implementation. Authorization will be granted if the change is warranted and the level of risk is acceptable. For more information, see Chapter 3.

3. B. The purpose of the audit committee is to review and challenge assurances made and to maintain a positive working relationship with management and the auditors. For more information, see Chapters 2 and 3.

4. B. The first person on the scene is the incident ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required