Here is a sampling of questions in the format of the CISA exam. These questions are related to business process evaluation and risk management, and will help test your understanding of this subject. Answers with explanations are provided in Appendix A.
Corporate governance can best be described as
A formal process of implementing controls across the system
A process that ensures that all risks have controls associated with them
The guiding principles and policies of the organization
The process for ensuring that all risks and accountabilities are managed within a business
When reviewing a corporate governance system, an IS auditor would be most concerned to find which of the following deficiencies in the process?
Gaps in the handing down of the authority necessary to carry out the responsibilities given to unit management
Lack of an enforcement and disciplinary process for ensuring that governance and direction are in effect
Unit level goals that do not tie directly to the overall mission of the business
Incomplete measurement processes for ensuring that the governance direction is carried out
What is the most important thing to keep in mind when reviewing a business process for best practice design?
The state-of-the-art solutions that are available in the market to perform these business functions
The current business model and its overall performance metrics
The requirements, business goals, and core competencies defined by the business model
What the competition is ...