1. An IS auditor is reviewing access to an application to determine whether the 10 most
recent "new user" forms were correctly authorized. This is an example of:
A. variable sampling.
B. substantive testing.
C. compliance testing.
D. stop-or-go sampling.
CISA Practice Questions from Exam Cram
1. If an organization chooses to implement a control self-assessment program, the
auditor should participate primarily as a:
C. Project leader
D. The auditor should not participate in the or
Latihan CISA Exam Chapter 2
1. An IS auditor should expect which of the following items to be included in the request for
(RFP) when IS is procuring services from an independent service provider (ISP)?
A References from other custom