Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

When reviewing a service level agreement for an outsourced
computer center an IS auditor should FIRST determine that:

A. the cost proposed for the services is reasonable.

B. security mechanisms are specified in the agreement.

C. the services in the agreement are based on an analysis of
business needs.

D. audit access to the computer center is allowed under the
agreement.

Question Posted / guest


When reviewing a service level agreement for an outsourced computer center an IS auditor should FIR..

Answer / guest

Answer: C

The first consideration in reviewing the agreement is to
ensure that the business is asking for the most appropriate
services to meet its business requirements. There should be
evidence that they have considered what services are
required, both at present and in the future. The cost is
important (choice A), since the business may be paying for
levels of services that are not required or are not
appropriate, but is not of first importance. Both, audit
access (choice D) and security objectives, rather than
security mechanisms (choice B), are issues to be considered
as part of the review, but are not of first importance.

Is This Answer Correct ?    5 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)

1 Answers  

Which of the following techniques or tools would assist an IS auditor when performing a statistical sampling of financial transactions maintained in a financial management information system? A. Spreadsheets B. Parallel simulation C. Generalized audit software D. Regression testing

1 Answers  

In which of the following phases of the system development life cycle (SDLC) is it the MOST important for the IS auditor to participate? A. Design B. Testing C. Programming D. Implementation

1 Answers  

Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.

1 Answers  

Which of the following concerns associated with the World Wide Web would be addressed by a firewall? A. Unauthorized access from outside the organization B. Unauthorized access from within the organization C. A delay in Internet connectivity D. A delay in downloading using file transfer protocol (FTP)

2 Answers  

When reviewing an organization's logical access security, which of the following would be of the MOST concern to an IS auditor? A. Passwords are not shared. B. Password files are encrypted. C. Redundant logon IDs are deleted. D. The allocation of logon IDs is controlled.

1 Answers  

Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals

1 Answers  

The quality assurance group is typically responsible for: A. ensuring that the output received from system processing is complete. B. monitoring the execution of computer processing tasks. C. ensuring that programs and program changes and documentation adhere to established standards. D. designing procedures to protect data against accidental disclosure, modification or destruction.

1 Answers   Nest,

In planning a software development project, which of the following is the MOST difficult to determine? A. Project slack times B. The project's critical path C. Time and resource requirements for individual tasks D. Relationships that preclude the start of an activity before others are complete

1 Answers  

Classification of information systems is essential in business continuity planning. Which of the following system types can not be replaced by manual methods? A. Critical system B. Vital system C. Sensitive system D. Non-critical system

1 Answers  

A critical function of a firewall is to act as a: A. special router that connects the Internet to a LAN. B. device for preventing authorized users from accessing the LAN. C. server used to connect authorized users to private trusted network resources. D. proxy server to increase the speed of access to authorized users.

2 Answers  

To make an electronic funds transfer (EFT), one employee enters the amount field and another employee reenters the same data again, before the money is transferred. The control adopted by the organization in this case is: A. sequence check. B. key verification. C. check digit. D. completeness check.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)