1. A company has implemented a new client-server enterprise resource planning (ERP) system. Local branches transmit customer orders to a central manufacturing facility. Which of the following would BEST ensure that the orders are entered accurately and the corresponding products are produced?
A) Verifying production to customer orders
B) Logging all customer orders in the ERP system
C) Using hash totals in the order transmitting process
D) Approving (production supervisor) orders prior to production
2. When two or more systems are integrated, input/output controls must be reviewed by an IS auditor in the:
A) systems receiving the output of other systems.
B) systems sending output to other systems.
C) systems sending and receiving data.
D) interfaces between the two systems.
3. An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the:
A) EDI trading partner agreements.
B) physical controls for terminals.
C) authentication techniques for sending and receiving messages.
D) program change control procedures.
4. An IS auditor recommends that an initial validation control be programmed into a credit card transaction capture application. The initial validation process would MOST likely:
A) check to ensure that the type of transaction is valid for the card type.
B) verify the format of the number entered then locate it on the database.
C) ensure that the transaction entered is within the cardholder's credit limit.
D) confirm that the card is not shown as lost or stolen on the master file.
5. A company has recently upgraded its purchase system to incorporate EDI transmissions. Which of the following controls should be implemented in the EDI interface to provide for efficient data mapping?
A) Key verification
B) One-for-one checking
C) Manual recalculations
D) Functional acknowledgements
1. Right Answer: A Explanation: Verification will ensure that production orders match customer orders. Logging can be used to detect inaccuracies, but does not in itself guarantee accurate processing. Hash totals will ensure accurate order transmission, but not accurate processing centrally. Production supervisory approval is a time-consuming, manual process that does not guarantee proper control.
2. Right Answer: C Explanation: Both of the systems must be reviewed for input/output controls, since the output for one system is the input for the other.
3. Right Answer: C Explanation: Authentication techniques for sending and receiving messages play a key role in minimizing exposure to unauthorized transactions. The EDI trading partner agreements would minimize exposure to legal issues.
4. Right Answer: B Explanation: The initial validation should confirm whether the card is valid. This validity is established through the card number and PIN entered by the user. Based on this initial validation, all other validations will proceed. A validation control in data capture will ensure that the data entered is valid (i.e., it can be processed by the system). If the data captured in the initial validation is not valid (if the card number or PIN does not match the database), then the card will be rejected or captured per the controls in place. Once initial validation is completed, other validations specific to the card and cardholder would be performed.
5. Right Answer: D Explanation: Acting as an audit trail for EDI transactions, functional acknowledgements are one of the main controls used in data mapping. All the other choices are manual input controls, whereas data mapping deals with automatic integration of data in the receiving company.