ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 596 discussion

Actual exam question from Isaca's CISA
Question #: 596
Topic #: 1
[All CISA Questions]

An IS auditor assessing the controls within a newly implemented call center would FIRST:

  • A. gather information from the customers regarding response times and quality of service.
  • B. test the technical infrastructure at the call center.
  • C. review the manual and automated controls in the call center.
  • D. evaluate the operational risk associated with the call center.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by FAGFUR at Nov. 21, 2023, 8:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
IFBBPROSALCEDO
3 days, 12 hours ago
Selected Answer: D
When assessing a newly implemented call center, the IS auditor’s first step should be to evaluate the operational risks, because: This sets the foundation for identifying key areas that require control testing. It helps the auditor prioritize risks related to availability, confidentiality, integrity, and compliance. Risk evaluation drives a risk-based audit approach, which is the standard recommended by ISACA and professional audit practices.
upvoted 2 times
...
Malsaffar
5 months, 3 weeks ago
since question stated the word FIRST, not the MOST IMPORTANT, the answer is C. Auditor will first need to review manuals, documentations and controls implemented then can be evaluating the risk associated https://www.examtopics.com/discussions/isaca/view/126715-exam-cisa-topic-1-question-596-discussion/#with operations or other implemented controls
upvoted 1 times
...
Swallows
11 months, 2 weeks ago
Selected Answer: C
Option D, "Assess the operational risks associated with the call center," is also important, but risk assessment is usually considered a process that takes place after a control check. By checking controls first, the accuracy and effectiveness of risk assessment will be improved.
upvoted 2 times
...
Yejide03
1 year, 3 months ago
Selected Answer: D
D. evaluate the operational risk associated with the call center.
upvoted 2 times
...
takuanism
1 year, 5 months ago
Why not C?
upvoted 1 times
...
FAGFUR
1 year, 6 months ago
Selected Answer: C
Before gathering information from customers or conducting technical tests, it's important for the auditor to have a clear understanding of the internal controls that are in place. This includes both manual and automated controls that govern the operations of the call center. By reviewing these controls first, the auditor can identify potential weaknesses, gaps, or areas of concern that may need further investigation or testing.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel