Certified Information Systems Auditor (CISA) Interview Preparation Guide
Prepare comprehensively for your CISA interview with our extensive list of 25 questions. Each question is crafted to challenge your understanding and proficiency in CISA. Suitable for all skill levels, these questions are essential for effective preparation. Download the free PDF to have all 25 questions at your fingertips. This resource is designed to boost your confidence and ensure you're interview-ready.
25 CISA Questions and Answers:
1 :: As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following are necessary to restore these files?
1. The previous day's backup file and the current transaction tape
2. The previous day's transaction file and the current transaction tape
3. The current transaction tape and the current hard copy transaction log
4. The current hard copy transaction log and the previous day's transaction file
Answer: 1
2 :: While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/backup at an offsite location would be:
1. shadow file processing.
2. electronic vaulting.
3. hard-disk mirroring.
4. hot-site provisioning.
Answer: 1
3 :: Which of the following types of testing would determine whether a new or modified system can operate in its target environment without adversely impacting other existing systems?
1. Parallel testing
2. Pilot testing
3. Interface/integration testing
4. Sociability testing
Answer: 4
4 :: Which of the following risks could result from inadequate software baselining?
1. Scope creep
2. Sign-off delays
3. Software integrity violations
4. Inadequate controls
Answer: 1
5 :: A programmer, using firecall IDs, as provided in the manufacturer's manual, gained access to the production environment and made an unauthorized change. Which of the following could have prevented this from happening?
1. Deactivation
2. Monitoring
3. Authorization
4. Resetting
Answer: 4
6 :: Which of the following is a dynamic analysis tool for the purpose of testing software modules?
1. Black box test
2. Desk checking
3. Structured walk-through
4. Design and code
Answer: 1
7 :: Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is BEST ensured by:
1. database integrity checks.
2. validation checks.
3. input controls.
4. database commits and rollbacks.
Answer: 4
8 :: A retail company recently installed data warehousing client software at geographically diverse sites. Due to time zone differences between the sites, updates to the warehouse are not synchronized. Which of the following will be affected the MOST?
1. Data availability
2. Data completeness
3. Data redundancy
4. Data inaccuracy
Answer: 2
9 :: An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls?
1. Allow changes to be made only with the DBA user account.
2. Make changes to the database after granting access to a normal user account.
3. Use the DBA user account to make changes, log the changes and review the change log the following day.
4. Use the normal user account to make changes, log the changes and review the change log the following day.
Answer: 3
10 :: Which of the following represents the GREATEST potential risk in an EDI environment?
1. Transaction authorization
2. Loss or duplication of EDI transmissions
3. Transmission delay
4. Deletion or manipulation of transactions prior to or after establishment of application controls
Answer: 1