Answers to Review Questions

1. C. A policy is signed by the person of highest authority to ensure compliance by the members of the organization. Compliance to policies, standards, and procedures is mandatory.

2. B. Accountants, auditors, and lawyers act on behalf of their client’s best interests unless doing so places them in violation of the law. It is the highest standard of duty implied by law for a trustee and guardian.

3. B. All of the audit types listed are valid except procedural, SAS-74, verification, and regulatory. The valid audit types are financial, operational (SAS-70), integrated (SAS-94), compliance, administrative, forensic, and information systems. A forensic audit is used to discover information about a possible crime.

4. D. ...

Get CISA® Certified Information Systems Auditor®: Study Guide, Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.