Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor is assigned to perform a post implementation
review of an application system. Which of the following
situations may have impaired the independence of the IS
auditor? The IS auditor:
A. implemented a specific control during the development of
the application system.
B. designed an embedded audit module exclusively for
auditing the application system.
C. participated as a member of the application system
project team, but did not have operational responsibilities.
D.provided consulting advice concerning application system
best practices.
- 2 Answers
- 12025 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Independence may be impaired if the IS auditor is, or has
been, actively involved in the development, acquisition and
implementation of the application system. Choices B and C
are situations that do not impair the IS auditor's
independence. Choice D is incorrect because the IS auditor's
independence is not impaired by providing advice on known
best practices.
| Is This Answer Correct ? | 14 Yes | 1 No |
Answer / guest
A. implemented a specific control during the development of
the application system.
| Is This Answer Correct ? | 1 Yes | 1 No |
Utility programs that assemble software modules needed to execute a machine instruction application program version are: A. text editors. B. program library managers. C. linkage editors and loaders. D. debuggers and development aids.
Which of the following logical access exposures involves changing data before, or as it is entered into the computer? A. Data diddling B. Trojan horse C. Worm D. Salami technique
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in TCP services.
When implementing an application software package, which of the following presents the GREATEST risk? A. Uncontrolled multiple software versions B. Source programs that are not synchronized with object code C. Incorrectly set parameters D. Programming errors
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
Which of the following applet intrusion issues poses the GREATEST risk of disruption to an organization? A. A program that deposits a virus on a client machine B. Applets recording keystrokes and, therefore, passwords C. Downloaded code that reads files on a client's hard drive D. Applets opening connections from the client machine
Which of the following is the BEST way to handle obsolete magnetic tapes before disposing of them? A. Overwriting the tapes B. Initializing the tape labels C. Degaussing the tapes D. Erasing the tapes
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
Cisco Certifications 
