Interested to Buy Any Domain ? << Click Here >> for more details...
The document used by the top management of organizations to
delegate authority to the IS audit function is the:
A. long-term audit plan.
B. audit charter.
C. audit planning methodology.
D. steering committee minutes.
- 1 Answers
- 7209 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The audit charter outlines the overall authority, scope and
responsibilities of the audit function to achieve the audit
objectives stated in it. This document serves as an
instrument for the delegation of authority to the IS audit
function. Long-term audit planning relates to those aspects
of the audit plan that are impacted by the organization?s IT
strategy and environment. Audit planning commences only
after the audit charter has been approved by the highest
level of management. The audit planning methodologies are
decided upon based on the analysis of both long- and
short-term audit issues. The steering committee minutes
should address the approval of the audit charter but is not
the driver that delegates authority.
| Is This Answer Correct ? | 3 Yes | 0 No |
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? A. Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). B. A digital signature with RSA has been implemented. C. Digital certificates with RSA are being used. D. Work is being completed in TCP services.
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.
Web and e-mail filtering tools are PRIMARILY valuable to an organization because they: A. Safeguard the organization’s image. B. Maximize employee performance. C. Protect the organization from viruses and nonbusiness materials. D. Assist the organization in preventing legal issues.
An IS steering committee should: A. include a mix of members from different departments and staff levels. B. ensure that IS security policies and procedures have been executed properly. C. have formal terms of reference and maintain minutes of its meetings. D. be briefed about new trends and products at each meeting by a vendor.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
An organization is considering installing a LAN in a site under construction. If system availability is the main concern, which of the following topologies is MOST appropriate? A. Ring B. Line C. Star D. Bus
Requiring passwords to be changed on a regular basis, assigning a new one-time password when a user forgets his/hers, and requiring users not to write down their passwords are all examples of: A. audit objectives. B. audit procedures. C. controls objectives. D. control procedures.
E-mail message authenticity and confidentiality is BEST achieved by signing the message using the:
Utility programs that assemble software modules needed to execute a machine instruction application program version are: A. text editors. B. program library managers. C. linkage editors and loaders. D. debuggers and development aids.
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan: A. incorporates state of the art technology. B. addresses the required operational controls. C. articulates the IT mission and vision. D. specifies project management practices.
Cisco Certifications 
