When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:

seenagapeApril 26, 2014

When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to
ensure that:

PrepAway - Latest Free Exam Questions & Answers

A.
controls needed to mitigate risks are in place.

B.
vulnerabilities and threats are identified.

C.
audit risks are considered.

D.
a gap analysis is appropriate.

Explanation:
In developing a risk-based audit strategy, it is critical that the risks and vulnerabilities be
understood. This will determine the areas to be audited and the extent of coverage. Understanding
whether appropriate controls required to mitigate risksare in place is a resultant effect of an audit.
Audit risks are inherent aspects of auditing, are directly related to the audit process and are not
relevant to the risk analysis of the environment to be audited. A gap analysis would normally be
doneto compare the actual state to an expected or desirable state.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:

Leave a Reply Cancel reply