During a review of a customer master file an IS auditor
discovered numerous customer name duplications arising from
variations in customer first names. To determine the extent
of the duplication the IS auditor would use:
A. test data to validate data input.
B. test data to determine system sort capabilities.
C. generalized audit software to search for address field
duplications.
D. generalized audit software to search for account field
duplications.
- 1 Answers
- 8310 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Since the name is not the same (due to name variations), one
method to detect duplications would be to compare other
common fields, such as addresses. Subsequent review to
determine common customer names at these addresses could
then be conducted. Searching for duplicate account numbers
would not likely find duplications since customers would
most likely have different account numbers for each
variation. Test data would not be useful to detect the
extent of any data characteristic, but simply to determine
how the data were processed.
| Is This Answer Correct ? | 4 Yes | 1 No |
The most common reason for the failure of information systems to meet the needs of users is that: A. user needs are constantly changing. B. the growth of user requirements was forecast inaccurately. C. the hardware system limits the number of concurrent users. D. user participation in defining the system's requirements was inadequate.
Which of these has the potential to improve security incident response processes? A. Review the incident response procedures. B. Post-mortem or post-event reviews by the security team. C. Getting the hot-site ready. D. Reviw the BCP plan every six months
An IS auditor needs to link his/her microcomputer to a mainframe system that uses binary synchronous data communications with block data transmission. However, the IS auditor's microcomputer, as presently configured, is capable of only asynchronous ASCII character data communications. Which of the following must be added to the IS auditor's computer to enable it to communicate with the mainframe system? A. Buffer capacity and parallel port B. Network controller and buffer capacity C. Parallel port and protocol conversion D. Protocol conversion and buffer capability
When an IS auditor obtains a list of current users with access to a WAN/LAN and verifies that those listed are active associates, the IS auditor is performing a: A. compliance test. B. substantive test. C. statistical sample. D. risk assessment.
Which of the following would provide a mechanism whereby IS management can determine if the activities of the organization have deviated from the planned or expected levels? A. Quality management B. IS assessment methods C. Management principles D. Industry standards/benchmarking
Which of the following information valuation methods is LEAST likely to be used during a security review? A. Processing cost B. Replacement cost C. Unavailability cost D. Disclosure cost
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan: A. incorporates state of the art technology. B. addresses the required operational controls. C. articulates the IT mission and vision. D. specifies project management practices.
The responsibilities of a disaster recovery relocation team include: A. obtaining, packaging and shipping media and records to the recovery facilities, as well as establishing and overseeing an offsite storage schedule. B. locating a recovery site if one has not been predetermined and coordinating the transport of company employees to the recovery site. C. managing the relocation project and conducting a more detailed assessment of the damage to the facilities and equipment. D. coordinating the process of moving from the hot site to a new location or to the restored original location.
The review of router access control lists should be conducted during a/an: A. environmental review. B. network security review. C. business continuity review. D. data integrity review.
Which of the following procedures should be implemented to help ensure the completeness of inbound transactions via electronic data interchange (EDI)? A. Segment counts built into the transaction set trailer B. A log of the number of messages received, periodically verified with the transaction originator C. An electronic audit trail for accountability and tracking D. Matching acknowledgement transactions received to the log of EDI messages sent
Which of the following is the BEST form of transaction validation? A. Use of key field verification techniques in data entry B. Use of programs to check the transaction against criteria set by management C. Authorization of the transaction by supervisory personnel in an adjacent department D. Authorization of the transaction by a department supervisor prior to the batch process
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is best ensured by: A. database integrity checks. B. validation checks. C. input controls. D. database commits and rollbacks.
Cisco Certifications 
