Interested to Buy Any Domain ? << Click Here >> for more details...
Before reporting results of an audit to senior management,
an IS auditor should:
A. Confirm the findings with auditees.
B. Prepare an executive summary and send it to auditee
management.
C. Define recommendations and present the findings to the
audit committee.
D. Obtain agreement from the auditee on findings and actions
to be taken.
- 1 Answers
- 5817 Views
- TPA, I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Upon completion of an audit, an IS auditor should discuss
with auditees the audit objectives for work performed, the
test and evaluation techniques used, and the outcome of
those tests that led to findings. The auditor should also
obtain the agreement/disagreement of the auditee regarding
the findings and the actions the auditor plans to take.
| Is This Answer Correct ? | 5 Yes | 0 No |
Utilizing audit software to compare the object code of two programs is an audit technique used to test program: A. logic. B. changes. C. efficiency. D. computations.
The secure socket layer (SSL) protocol addresses the confidentiality of a message through: A. symmetric encryption. B. message authentication code. C. hash function. D. digital signature certificates.
In an EDI process, the device which transmits and receives electronic documents is the: A. communications handler. B. EDI translator. C. application interface. D. EDI interface.
In a data warehouse, data quality is achieved by: A. cleansing. B. restructuring. C. source data credibility. D. transformation.
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)
Change control procedures to prevent scope creep during an application development project should be defined during: A. design. B. feasibility. C. implementation. D. requirements definition.
Controls designed to ensure that unauthorized changes are not made to information residing in a computer file are known as: A. data security controls. B. implementation controls. C. program security controls. D. computer operations controls.
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
Classification of information systems is essential in business continuity planning. Which of the following system types can not be replaced by manual methods? A. Critical system B. Vital system C. Sensitive system D. Non-critical system
Data flow diagrams are used by IS auditors to: A. order data hierarchically. B. highlight high-level data definitions. C. graphically summarize data paths and storage. D. portray step-by-step details of data generation.
An IS auditor reviews an organization chart PRIMARILY for: A. an understanding of workflows. B. investigating various communication channels. C. understanding the responsibilities and authority of individuals. D. investigating the network connected to different employees.
Which of the following is the MOST reasonable option for recovering a noncritical system? A. Warm site B. Mobile site C. Hot site D. Cold site
Cisco Certifications 
