Interested to Buy Any Domain ? << Click Here >> for more details...
Corrective action has been taken by an auditee immediately
after the identification of a reportable finding. The
auditor should:
A. include the finding in the final report because the IS
auditor is responsible for an accurate report of all findings.
B. not include the finding in the final report because the
audit report should include only unresolved findings.
C. not include the finding in the final report because
corrective action can be verified by the IS auditor during
the audit.
D. include the finding in the closing meeting for discussion
purposes only.
- 2 Answers
- 10633 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Including the finding in the final report is a generally
accepted audit practice. If an action is taken after the
audit started and before it ended, the audit report should
identify the finding and describe the corrective action
taken. An audit report should reflect the situation, as it
existed at the start of the audit. All corrective actions
taken by the auditee should be reported in writing.
| Is This Answer Correct ? | 5 Yes | 0 No |
Answer / guest
A. include the finding in the final report because the IS
auditor is responsible for an accurate report of all
findings.
| Is This Answer Correct ? | 4 Yes | 1 No |
Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? A. Response B. Correction C. Detection D. Monitoring
When two or more systems are integrated, input/output controls must be reviewed by the IS auditor in the: A. systems receiving the output of other systems. B. systems sending output to other systems. C. systems sending and receiving data. D. interfaces between the two systems.
The PRIMARY reason for using digital signatures is to ensure data: A. confidentiality. B. integrity. C. availability. D. timeliness.
An IS auditor should be concerned when a telecommunication analyst: A. monitors systems performance and tracks problems resulting from program changes. B. reviews network load requirements in terms of current and future transaction volumes. C. assesses the impact of the network load on terminal response times and network data transfer rates. D. recommends network balancing procedures and improvements.
Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.
A utility is available to update critical tables in case of data inconsistency. This utility can be executed at the OS prompt or as one of menu options in an application. The BEST control to mitigate the risk of unauthorized manipulation of data is to: A. delete the utility software and install it as and when required. B. provide access to utility on a need-to-use basis. C. provide access to utility to user management D. define access so that the utility can be only executed in menu option.
Which of the following reports is a measure of telecommunication transmissions and determines whether transmissions are completed accurately? A. Online monitor reports B. Downtime reports C. Help desk reports D. Response time reports
Following a reorganization of a company's legacy database, it was discovered that records were accidentally deleted. Which of the following controls would have MOST effectively detected this occurrence? A. Range check B. Table lookups C. Run-to-run totals D. One-for-one checking
Which of the following data validation edits is effective in detecting transposition and transcription errors? A. Range check B. Check digit C. Validity check D. Duplicate check
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
Functional acknowledgements are used: A. as an audit trail for EDI transactions. B. to functionally describe the IS department. C. to document user roles and responsibilities. D. as a functional description of application software.
Which of the following BEST describes an IT department?s strategic planning process? A. The IT department will have either short-range or long-range plans depending on the organization?s broader plans and objectives. B. The IT department?s strategic plan must be time and project oriented, but not so detailed as to address and help determine priorities to meet business needs. C. Long-range planning for the IT department should recognize organizational goals, technological advances and regulatory requirements. D. Short-range planning for the IT department does not need to be integrated into the short-range plans of the organization since technological advances will drive the IT department plans much quicker than organizational plans.
Cisco Certifications 
