Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is necessary to have FIRST in the
development of a business continuity plan?
A. Risk-based classification of systems
B. Inventory of all assets
C. Complete documentation of all disasters
D. Availability of hardware and software
- 1 Answers
- 5496 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
A well-defined, risk-based classification system for all
assets and processes of the organization is one of the most
important component for initializing the business continuity
planning efforts. A well-defined risk-based classification
system would assist in identifying the criticality of each
of the key processes and assets used by the organization.
This would assist in the easy identification of key assets
and processes to be secured and plans to be made to recover
these processes and assets at the earliest after a disaster.
Inventory of critical assets and not all assets is required
for initiating a business continuity plan. Complete
documentation of all disasters is not a prerequisite for
initiating a business continuity plan, rather various
disasters are considered while developing the plan and only
the one having an impact on the organization is addressed in
the plan. The availability of hardware and software is not
required for initiating the development of a plan; however,
it is considered when developing the detailed plan in
accordance with the strategy adopted.
| Is This Answer Correct ? | 4 Yes | 1 No |
Which of the following would enable an enterprise to provide access to its intranet (i.e., extranet) across the Internet to its business partners? A. Virtual private network B. Client-server C. Dial-in access D. Network service provider
Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.
Which of the following is the MOST important issue to the IS auditor in a business process re-engineering (BPR) project would be? A. The loss of middle management, which often is a result of a BPR project B. That controls are usually given low priority in a BPR project C. The considerable negative impact that information protection could have on BPR D. The risk of failure due to the large size of the task usually undertaken in a BPR project
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation? A. Specific developments only B. Business requirements only C. All phases of the installation must be documented D. No need to develop a customer specific documentation
An integrated test facility is considered a useful audit tool because it: A. is a cost-efficient approach to auditing application controls. B. enables the financial and IS auditors to integrate their audit tests. C. compares processing output with independently calculated data. D. provides the IS auditor with a tool to analyze a large range of information.
Which of the following would contribute MOST to an effective business continuity plan (BCP)? The BCP: A. document was circulated to all interested parties. B. planning involved all user departments. C. was approved by senior management. D. was audited by an external IS auditor.
The quality assurance group is typically responsible for: A. ensuring that the output received from system processing is complete. B. monitoring the execution of computer processing tasks. C. ensuring that programs and program changes and documentation adhere to established standards. D. designing procedures to protect data against accidental disclosure, modification or destruction.
Which of the following normally would be the MOST reliable evidence for an auditor? A. A confirmation letter received from a third party verifying an account balance B. Assurance from line management that an application is working as designed C. Trend data obtained from World Wide Web (Internet) sources D. Ratio analysis developed by the IS auditor from reports supplied by line management
If a database is restored using before-image dumps, where should the process be restarted following an interruption? A. Before the last transaction B. After the last transaction C. The first transaction after the latest checkpoint D. The last transaction before the latest checkpoint
An IS auditor performing an access controls review should be LEAST concerned if: A. audit trails were not enabled. B. programmers have access to the live environment. C. group logons are being used for critical functions. D. the same user can initiate transactions and also change related parameters.
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan: A. incorporates state of the art technology. B. addresses the required operational controls. C. articulates the IT mission and vision. D. specifies project management practices.
Which of the following should be the FIRST step of an IS audit? A. Create a flowchart of the decision branches. B. Gain an understanding of the environment under review. C. Perform a risk assessment. D. Develop the audit plan.
Cisco Certifications 
