An integrated test facility is considered a useful audit
tool because it:
A. is a cost-efficient approach to auditing application
controls.
B. enables the financial and IS auditors to integrate their
audit tests.
C. compares processing output with independently calculated
data.
D. provides the IS auditor with a tool to analyze a large
range of information.
Answer / shashank kandhway
An integrated test facility (ITF) creates a fictitious
entity in a database to process test transactions
simultaneously with live input. It can be used to
incorporate test transactions into a normal production run
of a system. Its advantage is that periodic testing does
not require separate test processes. However, careful
planning is necessary, and test data must be isolated from
production data.
Integrated test facility is considered a useful audit tool
during an IT audit because it uses the same programs to
compare processing using independently calculated data.
This involves setting up dummy entities on an application
system and processing test or production data against the
entity as a means of verifying processing accuracy.
| Is This Answer Correct ? | 28 Yes | 1 No |
Answer / guest
Answer: C
An integrated test facility is considered a useful audit
tool because it uses the same programs to compare processing
using independently calculated data. This involves setting
up dummy entities on an application system and processing
test or production data against the entity as a means of
verifying processing accuracy.
| Is This Answer Correct ? | 29 Yes | 4 No |
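The mechanics described in the answers above, as an added example that is not part of the original page or of either answer: test transactions for a dummy entity run through the same program as live input, the auditor compares the dummy entity's output with independently calculated figures, and the dummy entity is kept out of production totals. The interest routine, the account IDs, the `ITF-0001` entity and all sample data are constructed assumptions.

```python
from decimal import Decimal, ROUND_HALF_UP

ITF_ENTITIES = {"ITF-0001"}  # hypothetical dummy account created for the audit

def production_interest(balance, rate_pct, days):
    """Constructed stand-in for the live program under audit."""
    raw = balance * rate_pct / Decimal(100) * days / Decimal(365)
    return raw.quantize(Decimal("0.01"), rounding=ROUND_HALF_UP)

def run_batch(transactions):
    """One production run: live and ITF transactions share the same code path."""
    return [dict(t, interest=production_interest(t["balance"], t["rate_pct"], t["days"]))
            for t in transactions]

def audit_itf(results, expected):
    """Return (txn_id, actual, expected) for every ITF result that differs
    from the auditor's independent figure or has no figure at all."""
    return [(r["txn_id"], r["interest"], expected.get(r["txn_id"]))
            for r in results
            if r["account"] in ITF_ENTITIES
            and r["interest"] != expected.get(r["txn_id"])]

def production_total(results):
    """Isolation check: reported totals must exclude the dummy entity."""
    return sum((r["interest"] for r in results
                if r["account"] not in ITF_ENTITIES), Decimal(0))

def txn(txn_id, account, balance, rate_pct, days):
    """Build one constructed sample transaction."""
    return {"txn_id": txn_id, "account": account, "balance": Decimal(balance),
            "rate_pct": Decimal(rate_pct), "days": days}

# Constructed batch: two live transactions interleaved with two ITF ones.
BATCH = [
    txn("L1", "ACC-1001", "10000", "3.65", 30),
    txn("T1", "ITF-0001", "1000", "3.65", 365),
    txn("L2", "ACC-1002", "2500", "7.3", 10),
    txn("T2", "ITF-0001", "100", "5", 1),   # rounding case
]
# Figures the auditor worked out by hand, independently of the program.
EXPECTED = {"T1": Decimal("36.50"), "T2": Decimal("0.01")}

if __name__ == "__main__":
    results = run_batch(BATCH)
    print("ITF exceptions:", audit_itf(results, EXPECTED))
    print("Production total (ITF excluded):", production_total(results))
```

An empty exception list means the program's output for the dummy entity matched the independent calculation; any tuple returned is a processing discrepancy to follow up.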
When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
In planning an audit, the MOST critical step is the identification of the:
Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verify their own messages B. Five users with the ability to capture and send their own messages C. Five users with the ability to verify other users and to send their own messages D. Three users with the ability to capture and verify the messages of other users and to send their own messages
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
With reference to the risk management process, which of the following statements is correct? A. Vulnerabilities can be exploited by a threat. B. Vulnerabilities are events with the potential to cause harm to IS resources. C. Vulnerability exists because of threats associated with use of information resources. D. Lack of user knowledge is an example of a threat.
When reviewing a system development project, an IS auditor would be PRIMARILY concerned with whether: A. business objectives are achieved. B. security and control procedures are adequate. C. the system utilizes the strategic technical infrastructure. D. development will comply with the approved quality management processes.
An IS auditor performing a review of an application's controls would evaluate the: A. efficiency of the application in meeting the business processes. B. impact of any exposures discovered. C. business processes served by the application. D. the application's optimization.
During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.
Following a reorganization of a company's legacy database, it was discovered that records were accidentally deleted. Which of the following controls would have MOST effectively detected this occurrence? A. Range check B. Table lookups C. Run-to-run totals D. One-for-one checking
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning