IS Audit Foundations — CISA Practice Questions

Learning

Loading practice session...

Loading certificate…

Ready to learn

Sample questions — IS Audit Foundations

1. What is the difference between a policy and a procedure?

A.Compliance to a policy is discretionary, and compliance to a procedure is mandatory.
B.A procedure provides discretionary advice to aid in decision making. The policy defines specific requirements to ensure compliance.
C.A policy is a high-level document signed by a person of authority, and compliance is mandatory. A procedure defines the mandatory steps to attain compliance.✓ Correct
D.A policy is a mid-level document issued to advise the reader of desired actions in the absence of a standard. The procedure describes suggested steps to use.

Explanation

Policies are high-level, issued by top authority, and mandatory; procedures detail required steps to comply.

2. Which of the following in a business organization will be held liable by the government for failures of internal controls?

A.President, vice presidents, and other true corporate officers✓ Correct
B.Board of directors, president, vice presidents, department directors, and managers
C.All members of management
D.Board of directors, CEO, CFO, CIO, and department directors

Explanation

Liability typically rests with true corporate officers (e.g., VP level and above).

3. What does fiduciary responsibility mean?

A.To use information gained for personal interests without breaching confidentiality of the client.
B.To act for the benefit of another person and place the responsibilities to be fair and honest ahead of your own interest.✓ Correct
C.To follow the desires of the client and maintain total confidentiality even if illegal acts are discovered. The auditor shall never disclose information from an audit in order to protect the client.
D.None of the above.

Explanation

Fiduciary duty requires placing the client's interests first while remaining lawful and honest.

4. What are the different types of audits?

A.Forensic, accounting, verification, regulatory
B.Integrated, operational, compliance, administrative✓ Correct
C.Financial, SAS-74, compliance, administrative
D.Information systems, SAS-70, regulatory, procedural

Explanation

Valid types include financial, operational, integrated, compliance, administrative, forensic, and IS; the listed correct set best fits.

5. What is the difference between the word should and shall when used in regulations?

A.Shall represents discretionary requirements, and should provides advice to the reader.
B.Should indicates mandatory actions, whereas shall provides advisory information recommending actions when appropriate
C.Should and shall are comparable in meaning. The difference is based on the individual circumstances faced by the audit.
D.Should indicates actions that are discretionary according to need, whereas shall means the action is mandatory regardless of financial impact.✓ Correct

Explanation

"Shall" indicates mandatory requirements; "should" is discretionary guidance.

Practice all 30+ questions in this domain

Start free practice →

Frequently asked questions

How many CISA practice questions are there for IS Audit Foundations?↓

AnyCert has 30 CISA practice questions specifically for the IS Audit Foundations domain, each with a detailed AI-tutored explanation.

Is IS Audit Foundations heavily tested on the CISA exam?↓

IS Audit Foundations is one of the core domains in the CISA exam blueprint. Mastering this domain is essential for passing. AnyCert's practice questions cover the full scope of testable topics in this domain.

How should I study the IS Audit Foundations domain for CISA?↓

Practice all 30 IS Audit Foundations questions in AnyCert, review every explanation for missed answers, and use the AI tutor to clarify any concept. Focus on understanding the reasoning behind each answer, not just memorizing the correct choice.

Sample questions — IS Audit Foundations

1. What is the difference between a policy and a procedure?

A.Compliance to a policy is discretionary, and compliance to a procedure is mandatory.
B.A procedure provides discretionary advice to aid in decision making. The policy defines specific requirements to ensure compliance.
C.A policy is a high-level document signed by a person of authority, and compliance is mandatory. A procedure defines the mandatory steps to attain compliance.✓ Correct
D.A policy is a mid-level document issued to advise the reader of desired actions in the absence of a standard. The procedure describes suggested steps to use.

Explanation

Policies are high-level, issued by top authority, and mandatory; procedures detail required steps to comply.

2. Which of the following in a business organization will be held liable by the government for failures of internal controls?

A.President, vice presidents, and other true corporate officers✓ Correct
B.Board of directors, president, vice presidents, department directors, and managers
C.All members of management
D.Board of directors, CEO, CFO, CIO, and department directors

Explanation

Liability typically rests with true corporate officers (e.g., VP level and above).

3. What does fiduciary responsibility mean?

A.To use information gained for personal interests without breaching confidentiality of the client.
B.To act for the benefit of another person and place the responsibilities to be fair and honest ahead of your own interest.✓ Correct
C.To follow the desires of the client and maintain total confidentiality even if illegal acts are discovered. The auditor shall never disclose information from an audit in order to protect the client.
D.None of the above.

Explanation

Fiduciary duty requires placing the client's interests first while remaining lawful and honest.

4. What are the different types of audits?

A.Forensic, accounting, verification, regulatory
B.Integrated, operational, compliance, administrative✓ Correct
C.Financial, SAS-74, compliance, administrative
D.Information systems, SAS-70, regulatory, procedural

Explanation

Valid types include financial, operational, integrated, compliance, administrative, forensic, and IS; the listed correct set best fits.

5. What is the difference between the word should and shall when used in regulations?

A.Shall represents discretionary requirements, and should provides advice to the reader.
B.Should indicates mandatory actions, whereas shall provides advisory information recommending actions when appropriate
C.Should and shall are comparable in meaning. The difference is based on the individual circumstances faced by the audit.
D.Should indicates actions that are discretionary according to need, whereas shall means the action is mandatory regardless of financial impact.✓ Correct

Explanation

"Shall" indicates mandatory requirements; "should" is discretionary guidance.

Practice all 30+ questions in this domain

Start free practice →

Frequently asked questions

How many CISA practice questions are there for IS Audit Foundations?↓

AnyCert has 30 CISA practice questions specifically for the IS Audit Foundations domain, each with a detailed AI-tutored explanation.

Is IS Audit Foundations heavily tested on the CISA exam?↓

How should I study the IS Audit Foundations domain for CISA?↓