Which of the following is the MOST likely reason why e-mail
systems have become a useful source of evidence for litigation?
A. Multiple cycles of backup files remain available.
B. Access controls establish accountability for e-mail activity.
C. Data classification regulates what information should be
communicated via e-mail.
D. Within the enterprise, a clear policy for using e-mail
ensures that evidence is available.
Answer / guest
Answer: A
Backup files containing documents, which supposedly have
been deleted, could be recovered from these files. Access
controls may help establish accountability for the issuance
of a particular document, but this does not provide evidence
of the e-mail. Data classification standards may be in place
with regards to what should be communicated via e-mail, but
the creation of the policy does not provide the information
required for litigation purposes.
Is This Answer Correct ? | 4 Yes | 0 No |
When reviewing the quality of an IS department's development process, the IS auditor finds that they do not use any formal, documented methodology and standards. The IS auditor's MOST appropriate action would be to: A. complete the audit and report the finding. B. investigate and recommend appropriate formal standards. C. document the informal standards and test for compliance. D. withdraw and recommend a further audit when standards are implemented.
If an application program is modified and proper system maintenance procedures are in place, which of the following should be tested? The: A. integrity of the database B. access controls for the applications programmer C. complete program, including any interface systems D. segment of the program containing the revised code
Confidential data stored on a laptop is BEST protected by: A. storage on optical disks. B. logon ID and password. C. data encryption. D. physical locks.
Which of the following is a substantive test?
An IS auditor who is participating in a systems development project should: A. recommend appropriate control mechanisms regardless of cost. B. obtain and read project team meeting minutes to determine the status of the project. C. ensure that adequate and complete documentation exists for all project phases. D. not worry about his/her own ability to meet target dates since work will progress regardless.
52. Which of the following tests confirm that the new system can operate in its target environment?
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
Which of the following is MOST effective in controlling application maintenance? A. Informing users of the status of changes B. Establishing priorities on program changes C. Obtaining user approval of program changes D. Requiring documented user specifications for changes
Which of the following BEST describes an IT department?s strategic planning process? A. The IT department will have either short-range or long-range plans depending on the organization?s broader plans and objectives. B. The IT department?s strategic plan must be time and project oriented, but not so detailed as to address and help determine priorities to meet business needs. C. Long-range planning for the IT department should recognize organizational goals, technological advances and regulatory requirements. D. Short-range planning for the IT department does not need to be integrated into the short-range plans of the organization since technological advances will drive the IT department plans much quicker than organizational plans.
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
Which of the following is the PRIMARY safeguard for securing software and data within an information processing facility? A. Security awareness B. Reading the security policy C. Security committee D. Logical access controls
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard-copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following are necessary to restore these files? A. The previous day's backup file and the current transaction tape B. The previous day's transaction file and the current transaction tape C. The current transaction tape and the current hard-copy transaction log D. The current hard-copy transaction log and the previous day's transaction file