Answer / guest

Answer: A

The internal control objectives apply to all areas, whether
manual or automated. There are additional objectives to be
achieved in the IS environment, when compared to the manual
environment. Common control objectives remain unchanged in
both the IS environment and manual environment, although the
implementation of the control functions may be different in
the IS environment, e.g., the adequacy of backup/recovery in
a common internal control objective for IS and manual
environment. The specific IS control objective may be to
adequately back up the files to allow for proper recovery.
This may be achieved by implementing proper control
procedures, such as business continuity policy, in the IS
department. Therefore, the implementation of the control
functions may be different in the IS environment. But the
common control objectives in an IS environment remains
unchanged from a manual environment.

Answer / mandla

a

A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.

1 Answers  

---

Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance

2 Answers  

---

Which audit technique provides the BEST evidence of the segregation of duties in an IS department? A. Discussion with management B. Review of the organization chart C. Observation and interviews D. Testing of user access rights

1 Answers  

---

An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable? A. Electromagnetic interference (EMI) B. Cross talk C. Dispersion D.Attenuation

2 Answers  

---

During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation

2 Answers  

---

When auditing the requirements phase of a software acquisition, the IS auditor should: A. assess the feasibility of the project timetable. B. assess the vendor?s proposed quality processes. C. ensure that the best software package is acquired. D. review the completeness of the specifications.

2 Answers  

---

Which of the following is the basic objective of a control self-assessment program?

4 Answers  

---

Java applets and ActiveX controls are distributed executable programs that execute in the background of a web browser client. This practice is considered reasonable when: A. a firewall exists. B. a secure web connection is used. C. the source of the executable is certain. D. the host website is part of your organization.

1 Answers  

---

Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.

1 Answers  

---

Which of the following is the operating system mode in which all instructions can be executed? A. Problem B. Interrupt C. Supervisor D. Standard processing

1 Answers  

---

Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected

2 Answers  

---

During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.

1 Answers  

---