Are you studying for the CISA certification?
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
An IT Auditor has completed her initial review of the disaster recovery planning (DRP) process and has requested a meeting with management to discuss identified findings. What is the main purpose of this meeting?
Confirming factual accuracy of the findings
Assisting management in the scheduling and implementation of corrective actions
To issue the findings.
Obtaining management agreement of the corrective actions
Clarifying the scope and limitations of the audit
The goal of the meeting is to confirm the factual accuracy of the audit findings and present an opportunity for management to agree on corrective action. Management approval of the corrective actions is not required since this is not the role of the auditor. Implementation of corrective actions should be done after the factual accuracy of findings has been established, but the work of implementing corrective action is not typically assigned to the IS auditor since this would impair the auditor's independence. Clarifying the scope and limitations of the audit should be done during the entrance meeting, not during the exit meeting.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.