Answer / guest

Answer: B

Controls should be given high priority during a BPR project,
therefore this would be a concern for the IS auditor if they
are not adequately considered by management. The fact that
middle management is lost, as stated in choice A, is not
necessarily a concern as long as controls are in place.
Choices C and D do not have any relevance to a BPR project.

Answer / antoine

B. That controls are usually given low priority in a BPR
project

When developing a risk management program, the FIRST activity to be performed is a/an: A. threats assessment. B. classification of data. C. inventory of assets. D. criticality analysis.

1 Answers  

---

An IS auditor discovers that an organization?s business continuity plan provides for an alternate processing site that will accommodate fifty percent of the primary processing capability. Based on this, which of the following actions should the IS auditor take? A. Do nothing, because generally, less than twenty-five percent of all processing is critical to an organization?s survival and the backup capacity, therefore is adequate. B. Identify applications that could be processed at the alternate site and develop manual procedures to backup other processing. C. Ensure that critical applications have been identified and that the alternate site could process all such applications. D. Recommend that the information processing facility arrange for an alternate processing site with the capacity to handle at least seventy-five percent of normal processing.

1 Answers  

---

Which of the following is the MOST critical and contributes the MOST to the quality of data in a data warehouse? A. Accuracy of the source data B. Credibility of the data source C. Accuracy of the extraction process D. Accuracy of the data transformation

1 Answers  

---

A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.

1 Answers  

---

Which of the following forms of evidence for the auditor would be considered the MOST reliable? A. An oral statement from the auditee B. The results of a test performed by an IS auditor C. An internally generated computer accounting report D. A confirmation letter received from an outside source

2 Answers  

---

To review access to ceratin data base to determine whether the "new user" forms were correctly authorized. This is an example of:

4 Answers  

---

In which of the following network configurations would problem resolution be the easiest? A. Bus B. Ring C.Star D. Mesh

1 Answers  

---

A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.

1 Answers  

---

Which of the following controls would be the MOST comprehensive in a remote access network with multiple and diverse subsystems? A. Proxy server B. Firewall installation C. Network administrator D. Password implementation and administration

1 Answers  

---

An existing system is being extensively enhanced by extracting and reusing design and program components. This is an example of: A. reverse engineering. B. prototyping. C. software reuse. D. reengineering.

2 Answers  

---

Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator

1 Answers  

---

An IS auditor is reviewing a project that is using an agile software development approach. Which of the following should the IS auditor expect to find? A. Use of a capability maturity model (CMM) B. Regular monitoring of task-level progress against schedule C. Extensive use of software development tools to maximize team productivity D. Postiteration reviews that identify lessons learned for future use in the project

1 Answers  

---