ISC - CPA Exam Questions with
Complete Answers
What are the 7 components of Governance system? - ANSWER-1.) Processes -
varies
2.) Organizational structure
3.) Principles, policies, frameworks
4.) Information - needed to assess performance
5.) Culture, ethics, behaviour -
6.) People skills & Competencies
7.) Services, infrastructure & Application
P - O - PPF - I - CEB - PSC - SIA
What are the 11 design factors in COBIT? - ANSWER-1.) Enterprise strategy -
primary and secondary strategy (ex) - Growth or acquisition strategy
2.) Enterprise Goals - Balanced scorecard - FICA
3.) Risk Profile - Addresses risk exposure
4.) IT Issues -
5.) Threat Landscape - geo issues, economic issues
6.) Compliance requirements - Low/Medium/High
7.) Role of IT
-Support - not critical
-Factory - highly critical
-T/A - drives innovation but not critical (want)
-Strategic - Crucial for both innovation and business operations (Need)
8.) Sourcing Model for IT
-Outsourcing
-web based model
-Built in house
-Hybrid (Mix of sources)
9.) IT Implementation methods
-Agile system
-DevOps
-Waterfall
-Hybrid
10.) Technology adoption strategy
-First mover strategy - adopted asap
-Follower strategy - emerging IT adopted after it is proven
-Slow adopter - Very late to adopt new tech
11.) Two enterprise sizes
- Large company - over 250 employees
- small / medium company 50-250 employees
What are the Focus areas for COBIT? - ANSWER-Focus areas are governance
issues that can be solved using governance and management
(examples):
Cybersecurity
cloud computing
digital transformation
What are the 4 COBIT publications? - ANSWER-1.) 2019 COBIT Framework - Intro
& Methodology
2.) 2019 COBIT Framework - Governance & Mgmt. objectives
3.) Design guide
4.) Implementation guide
What is IT infrastructure? (Examples) - ANSWER-Multiple interconnected logical
components
(Hardware, Software, Authorized Personnel)
What is a SOC 2 engagement report? - ANSWER-Used when a company uses
another company to manage their IT Infrastructure.
When a 3rd party evaluates the internal controls of a service provider as they relate to
the AICPA's 5 trusted services criteria:
1.) security
2.) availability
3.) Processing integrity
4.) confidentiality
5.) Privacy
What is the goal of a SOC 2 engagement report? - ANSWER-provide reasonable
assurance that controls are accurate and effective
What are end-user devices (EUDs)? - ANSWER-any device that connects to a
human
(Laptops, desktops, Tablet, wearable)
What are non-EUD devices? - ANSWER-routers, switches, servers; they don't
interface with the end user.
What are key components of internal computer hardware? - ANSWER-
Microprocessor (Brain)
Graphics card (for monitor) and sound card (Speakers)
Hard drive (Permanent storage)
RAM (Temporary storage)
power supply - runs on electricity