ISACA: Serving IT Governance Professionals

English
Chinese (Simplified)
Chinese (Traditional)
Deutsch
Espanol
Francais
Hebrew
Italiano
Japanese
Korean
Nederlands
Polski
Portuguese

Advanced Search

ABOUT
Membership
CERTIFICATION
Education
COBIT
Knowledge Center
Journal
Bookstore

What We Offer & Whom We Serve

@ISACA Newsletter

Licensing and Promotion

Volunteering

IT Governance
Institute

	Professional Membership
	Student Membership
	Academic Membership

	Local Chapter Information
	Join Today
	Professional Growth Global Community Advance Your Career


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC

Why Certify

How to Earn CPE

Maintain Your Certification

Write an Exam Question

US DoD Information

Exam Registration

CONFERENCES

ONLINE LEARNING

World Congress: INSIGHTS	Training Week	Webinars
North America CACS	eLearning Campus	Virtual Conferences
EuroCACS / ISRM	On-Site Training
Governance, Risk and Control	Exam Review Courses	COBIT EDUCATION
North America ISRM
Latin America CACS / ISRM
Oceania CACS
Asia-Pacific CACS / ISRM

Call for Papers

Browse All Events

Exhibitors and Sponsors


COBIT 5 Home
Product Family
Training & Accreditation
Licensing
Join the Conversation
News
Recognition
FAQs

Browse Knowledge Center topics

Where networking and knowledge intersect.

	BMIS (Information Security)
	COBIT 5 \| COBIT 4.1
	ITAF (IT Assurance\Audit)
	Research (Deliverables\Projects)
	Risk IT (IT Risk Management)
	Standards (Assurance\Audit\Control)
	Val IT (Value Delivery)

Featured Resources

Career Centre

Legislative Reporting

Current Issue

Past Issues

Author Blog

CPE Quizzes

Submit an Article

COBIT Process Assessment Model (PAM): Using COBIT 5

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

Top Sellers

Security, Audit and Control Features SAP ERP, 3rd Edition

English: CISA Practice Question Database v12 (CD-ROM)

IT Project Management:30 Steps to Success

IT Governance: Policies & Procedures, 2012 Edition

The Operational Risk Handbook for Financial Companies

ISACA
My ISACA

Join ISACA
Feedback
Shopping Cart

Sign In

ISACA > Journal > Past Issues > 2004 > Volume 3 > Quiz 94

Quiz 94

Journal
- Current Issue
- JOnline
- Past Issues
  - 2013
  - 2012
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
- Journal Author Blog
- Submit an Article
- Advertise
- CPE Quizzes
- Current Digital Journal
- Journal Mobile Apps

Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.

Alles, Kogan and Vasarhelyi Article
Sarup Article
Bek Article
Mookhey Article
Wakefield Article
Lanza Article

CPE Quiz # 94

Based on Information Systems Control Journal Volume 1, 2004

A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit

Your results will appear in a new window.

Enter your name below so it displays on the quiz results page:

Name:

Alles, Kogan and Vasarhelyi Article

1. Initially, most publicity was drawn to section 302 of the Sarbanes-Oxley legislation, which requires the CEO and CFO to personally sign off on the appropriateness of the firm's financial statements.
TrueFalse2. CFO Magazine's survey of Fortune 500 CFOs suggests that the cost of Sarbanes-Oxley section 404 compliance during the first year of implementation is US $7 billion.
TrueFalse3. The authors predict that tools for automated control mapping, evaluating online, real-time control functioning, and selecting alarms for auditor review will greatly facilitate 404 compliance.
TrueFalse4. Sarbanes-Oxley section 409 requires that material internal control deficiencies be disclosed on a real-time basis for the protection of investors and the public interest.
TrueFalse5. The authors suggest that Sarbanes-Oxley should be wholly effective in eliminating corporate malfeasance, in that its provisions would detect or prevent a majority of recent corporate malfeasances.
TrueFalse

Sarup Article

6. Issues that the audit profession needs to address, in the opinion of the author, include the need to be seen as clearly independent, the need for greater responsibility for detecting fraud and a need to remove the bias from the audit model.
TrueFalse7. The author describes a new model of auditing that inserts a neutral third party, such as a stock exchange, to play a pivotal role in monitoring the performance of the audit.
TrueFalse8. One element of the model described by the author is that audit fees would not be paid by the company being audited; instead, the audit fees would be paid by a special levy on stock trades.
TrueFalse

Bek Article

9. ZFPAudit is a market-leading commercial audit software for examining the security of Windows 98, Windows 2000 and Windows XP operating systems.
TrueFalse10. Complete source code is available for review and improvement with the license of ZFPAudit.
TrueFalse

Mookhey Article

11. Examples of open source vulnerability assessment tools identified by the author include Nessus and Satan. An advantage of Nessus is that it runs in client-server mode and, therefore, can be run on a laptop with limited capabilities.
TrueFalse12. Open source forensics tools include Lsof and The Coroner's Toolkit. A disadvantage of these tools is that they are designed primarily for UNIX systems and have limited benefits for Windows systems.
TrueFalse13. A recommended technique for auditing with open source tools is using a combination of tools for the same purpose. An advantage of open source tools is that they cannot cause a denial-of-service attack because of the small amount of source code.
TrueFalse

Wakefield Article

14. Monitoring employees through electronic surveillance is becoming more common. According to an AMA survey in 2001, the two most common types of surveillance are video recording job performance and storage and review of e-mail.
TrueFalse15. Employers seeking to monitor e-mail and Internet usage of employees should implement a clear policy that outlines monitoring intentions to minimize invasion of privacy claims. Clear policies should set boundaries, establish employees' expectations of privacy, and help set a workplace tone that conveys organizational responsibility and respect for others.
TrueFalse

Lanza Article

16. Fraud can be categorized into the following three areas: asset misappropriation, corruption and fraudulent financial statements. Most of the examples of computer-assisted audit techniques designed to protect against fraud identified by the author are primarily beneficial in identifying corruption.
TrueFalse

Your results will appear in a new window.

Please note: This quiz requires a JavaScript-enabled browser. If the quiz is not displayed above, you either do not have a browser which supports JavaScript or JavaScript support has been disabled.

© 2013 ISACA. All Rights Reserved

Site Map
Contact Us
Press Room
Terms of Use
ISACA PRIVACY POLICY – YOUR PRIVACY RIGHTS
IP Guidelines