Answer / guest

Answer: B

"All four processes are essential for developing the
business continuity plan

however, a business impact analysis is the first process so
as to determine the impact of a disaster on the business
operations. Information classification helps to determine
the priorities of application recovery, while recovering
from a disaster event. Alternate site requirements are
decided and the site is selected based on the business
impact analysis and recovery priorities. The testing of the
plan is done after the above processes are complete."

Which of the following is an objective of a control self-assessment (CSA) program? A. Audit responsibility enhancement B. Problem identification C. Solution brainstorming D. Substitution for an audit

1 Answers  

---

Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration

1 Answers  

---

When reviewing a system development project at the project initiation stage, an IS auditor finds that the project team is following the organization's quality manual. To meet critical deadlines the project team proposes to fast track the validation and verification processes, commencing some elements before the previous deliverable is signed off. Under these circumstances, the IS auditor would MOST likely: A. report this as a critical finding to senior management. B. accept that different quality processes can be adopted for each project. C. report to IS management the team's failure to follow quality procedures. D. report the risks associated with fast tracking to the project steering committee.

1 Answers  

---

To share data in a multivendor network environment, it is essential to implement program-to-program communication. With respect to program-to-program communication features that can be implemented in this environment, which of the following makes implementation and maintenance difficult? A. User isolation B. Controlled remote access C. Transparent remote access D. The network environments

1 Answers  

---

An organization is moving its application maintenance in-house from an outside source. Which of the following should be the main concern of an IS auditor? A. Regression testing B. Job scheduling C. User manuals D. Change control procedures

2 Answers  

---

The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.

1 Answers  

---

Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting

1 Answers  

---

The BEST time to perform a control self-assessment involving line management, line staff and the audit department is at the time of: A. compliance testing. B. the preliminary survey. C. substantive testing. D. the preparation of the audit report.

1 Answers  

---

Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.

2 Answers  

---

A data warehouse is: A. object orientated. B. subject orientated. C. departmental specific. D. a volatile databases.

2 Answers  

---

Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity

1 Answers  

---

Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.

1 Answers  

---