Appendix Answers to Review Questions

Chapter 1: Secrets of a Successful Auditor

  1. A. An assessment is less formal than an audit. The purpose of an assessment is to determine value based on relevance. Assessments have a lower value because they are not a regimented independent audit.
  2. C. The client sets the scope of the audit. The auditee is the target (subject) of the audit. The auditor designs the audit plan according to the client’s scope and then performs the audit in accordance with published audit standards and procedures.
  3. D. Policies should be signed, issued, and enforced by the highest level of management to ensure compliance by the organization. It is the responsibility of management (not the auditor) to implement internal controls. ...

Get CISA: Certified Information Systems Auditor Study Guide, 4th Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.