standards and best practices”. [6 Marks]
Discuss what is meant by:
i. Objectivity
ii. Due diligence
iii. Professional care
g) The audit process consists of several steps. Describe them in their
correct order and elaborate on each step. [5 Marks]
h) Describe the following terms in a system auditing environment:
(i) Confidentiality [1 Mark]
(ii) Integrity [1 Mark]
(iii) Availability [1 Mark]
a) Controls are generally categorized into three major classifications. List these three
and give an example of each in relation to an information systems environment.
[6 Marks]
b) Audit planning consists of both short- and long-term planning.
(i) Describe each type mentioned above [2 Marks]
(ii) There are four major factors that affect planning. Describe them. [8 Marks]
QUESTION FOUR [20 MARKS]
d) Describe three guidelines that assist system auditors to detect and deter fraud
occurrences in an organization. [6 Marks]
e) Discuss when and how an information system firm should retain a Data Forensic
Expert. [4 Marks]
f) What is IT governance? Discuss how it helps in any organization [2 Marks]
a) Discuss the following types of audit as they apply to information systems auditing:
i. Technological position audit [3 Marks]
ii. Application and systems audit [3 Marks]
iii. Systems development audit [3 Marks]
b) During contingency recovery planning, we can opt to deal with a hot or cold site.
Discuss the hot site, giving relevant examples. [1 Mark]
Discuss each and explain their roles in system auditing [10 Marks]