Interested to Buy Any Domain ? << Click Here >> for more details...
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that:
A. assessment of the situation may be delayed.
B. execution of the disaster recovery plan could be impacted.
C. notification of the teams might not occur.
D. potential crisis recognition might be delayed.
- 1 Answers
- 7205 Views
- I also Faced
- E-Mail Answers
The correct answer is B
A. Problem and severity assessment would provide information necessary in declaring a disaster, but the lack of a crisis declaration point would not delay the assessment.
B. Execution of the business continuity and disaster recovery plans would be impacted if the organization does not know when to declare a crisis.
C. After a potential crisis is recognized, the teams responsible for crisis management need to be notified. Delaying the declaration of a disaster would impact or negate the effect of having response teams, but this is only one part of the larger impact.
D. Potential crisis recognition is the first step in recognizing or responding to a disaster and would occur prior to the declaration of a disaster.
Question #: 253 CISA Job Practice Task Statement: 2.10
| Is This Answer Correct ? | 3 Yes | 0 No |
Which of the following is the MOST effective type of antivirus software? A. Scanners B. Active monitors C. Integrity checkers D. Vaccines
hello all i want to do cisa certification but dont have knowledge of auditing. i m fresher and ccna certified. so, please advice me how should i prepare .and having cisa certification is it easy to get a job. please reply as soon as possible.
Which of the following provides nonrepudiation services for e-commerce transactions? A. Public key infrastructure (PKI) B. Data encryption standard (DES) C. Message authentication code (MAC) D. Personal identification number (PIN)
A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives? A. Establishing an inter-networked system of client servers with suppliers for increased efficiencies B. Outsourcing the function to a firm specializing in automated payments and accounts receivable/invoice processing C. Establishing an EDI system of electronic business documents and transactions with key suppliers, computer to computer, in a standard format D. Reengineering the existing processing and redesigning the existing system
An IS auditor is assigned to perform a post implementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor: A. implemented a specific control during the development of the application system. B. designed an embedded audit module exclusively for auditing the application system. C. participated as a member of the application system project team, but did not have operational responsibilities. D.provided consulting advice concerning application system best practices.
While designing the business continuity plan (BCP) for an airline reservation system, the MOST appropriate method of data transfer/back up at an offsite location would be: A. shadow file processing. B. electronic vaulting. C. hard-disk mirroring. D. hot-site provisioning.
The responsibility for designing, implementing and maintaining a system of internal control lies with: A. the IS auditor. B. management. C. the external auditor. D. the programming staff.
When reviewing a business process reengineering (BPR) project, which of the following is the MOST important for an IS auditor to evaluate? A. The impact of removed controls. B. The cost of new controls. C. The BPR project plans. D. The continuous improvement and monitoring plans.
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
Which tests is an IS auditor performing when certain program is selected to determine if the source and object versions are the same?
To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.
Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)
Cisco Certifications 
