Interested to Buy Any Domain ? << Click Here >> for more details...
A long-term IS employee with a strong technical background
and broad managerial experience has applied for a vacant
position in the IS audit department. Determining whether to
hire this individual for this position should be based on
the individual's experience and:
A. the length of service since this will help ensure
technical competence.
B. age as training in audit techniques may be impractical.
C. IS knowledge since this will bring enhanced credibility
to the audit function.
D. ability, as an IS auditor, to be independent of existing
IS relationships.
- 2 Answers
- 7882 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
Independence should be continually assessed by the auditor
and management. This assessment should consider such factors
as changes in personal relationships, financial interests
and prior job assignments and responsibilities. The fact
that the employee has worked in IS for many years may not in
itself ensure credibility. The audit department's needs
should be defined and any candidate should be evaluated
against those requirements. In addition, the length of
service will not ensure technical competency, and evaluating
an individual's qualifications based on the age of the
individual is not a good criterion and is illegal in many
parts of the world.
| Is This Answer Correct ? | 6 Yes | 0 No |
Answer / guest
D. ability, as an IS auditor, to be independent of existing
IS relationships.
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following would an IS auditor consider to be the MOST important to review when conducting a business continuity audit? A. A hot site is contracted for and available as needed. B. A business continuity manual is available and current. C. Insurance coverage is adequate and premiums are current. D. Media backups are performed on a timely basis and stored offsite.
Which of the following is a benefit of using callback devices? A. Provide an audit trail B. Can be used in a switchboard environment C. Permit unlimited user mobility D. Allow call forwarding
Which of the following is the MOST important function to be performed by IT management within an outsourced environment? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
An independent software program that connects two otherwise separate applications sharing computing resources across heterogeneous technologies is known as: A. middleware. B. firmware. C. application software. D. embedded systems.
Which of the following BEST describes the objectives of following a standard system development methodology? A. To ensure that appropriate staffing is assigned and to provide a method of controlling costs and schedules B. To provide a method of controlling costs and schedules and to ensure communication among users, IS auditors, management and IS personnel C. To provide a method of controlling costs and schedules and an effective means of auditing project development D. To ensure communication among users, IS auditors, management and personnel and to ensure that appropriate staffing is assigned
The PRIMARY objective of a firewall is to protect: A. internal systems from exploitation by external threats. B. external systems from exploitation by internal threats. C. internal systems from exploitation by internal threats. D. itself and attached systems against being used to attack other systems.
Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors
Which of the following BEST describes the early stages of an IS audit? A. Observing key organizational facilities. B. Assessing the IS environment. C. Understanding business process and environment applicable to the review. D. Reviewing prior IS audit reports.
The IS department of an organization wants to ensure that the computer files, used in the information processing facility, are backed up adequately to allow for proper recovery. This is a/an: A. control procedure. B. control objective. C. corrective control. D. operational control.
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
When using public key encryption to secure data being transmitted across a network: A. both the key used to encrypt and decrypt the data are public. B. the key used to encrypt is private, but the key used to decrypt the data is public. C. the key used to encrypt is public, but the key used to decrypt the data is private. D. both the key used to encrypt and decrypt the data are private.
Which of the following is an IS control objective? A. Output reports are locked in a safe place. B. Duplicate transactions do not occur. C. System backup/recovery procedures are updated periodically. D. System design and development meet users' requirements.
Cisco Certifications 
