The BEST time to perform a control self-assessment involving
line management, line staff and the audit department is at
the time of:
A. compliance testing.
B. the preliminary survey.
C. substantive testing.
D. the preparation of the audit report.
Answer / guest
Answer: B
Control self-assessment is a process in which the auditor
can get the auditees together, understand the business
process, define the controls and generate an assessment of
how well the controls are working. This is accomplished
ideally during the preliminary data gathering phase. Choices
A, C, D are audit steps that are performed after a control
self-assessment has been completed.

An IS auditor performing an access controls review should be LEAST concerned if:
A. audit trails were not enabled.
B. programmers have access to the live environment.
C. group logons are being used for critical functions.
D. the same user can initiate transactions and also change related parameters.

Which of the following functions, if performed by scheduling and operations personnel, would be in conflict with a policy requiring a proper segregation of duties?
A. Job submission
B. Resource management
C. Code correction
D. Output distribution

During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern?
A. Maximum acceptable downtime metrics have not been defined in the contract.
B. The IT department does not manage the relationship with the cloud vendor.
C. The help desk call center is in a different country, with different privacy requirements.
D. Company-defined security policies are not applied to the cloud application.

Which of the ISO/OSI model layers provides for routing packets between nodes?
A. Data link
B. Network
C. Transport
D. Session

A LAN administrator normally would be restricted from:
A. having end-user responsibilities.
B. reporting to the end-user manager.
C. having programming responsibilities.
D. being responsible for LAN security administration.

IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that:
A. a substantive test would be too costly.
B. the control environment is poor.
C. inherent risk is low.
D. control risks are within the acceptable limits.

Which of the following forms of evidence for the auditor would be considered the MOST reliable?
A. An oral statement from the auditee
B. The results of a test performed by an IS auditor
C. An internally generated computer accounting report
D. A confirmation letter received from an outside source

The most likely error to occur when implementing a firewall is:
A. incorrectly configuring the access lists.
B. compromising the passwords due to social engineering.
C. connecting a modem to the computers in the network.
D. inadequately protecting the network and server from virus attacks.

Which of the following is the MOST reasonable option for recovering a noncritical system?
A. Warm site
B. Mobile site
C. Hot site
D. Cold site

An IS auditor reviewing an organization's IT strategic plan should FIRST review:
A. the existing IT environment.
B. the business plan.
C. the present IT budget.
D. current technology trends.

Which of the following imaging technologies captures handwriting from a preprinted form and converts it into an electronic format?
A. Magnetic ink character recognition (MICR)
B. Intelligent voice recognition (IVR)
C. Bar code recognition (BCR)
D. Optical character recognition (OCR)

The use of statistical sampling procedures helps minimize:
A. sampling risk.
B. detection risk.
C. inherent risk.
D. control risk.