In a risk-based audit approach, an IS auditor should FIRST
complete :
- 7 Answers
- 8927 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / bbb
A. inherent risk assessment.
B. control risk assessment.
C. test of control assessment.
D. substantive test assessment.
| Is This Answer Correct ? | 12 Yes | 1 No |
Answer / turki
A. inherent risk assessment.
B. control risk assessment.
C. test of control assessment.
D. substantive test assessment.
| Is This Answer Correct ? | 1 Yes | 0 No |
Which of the following would be of MOST concern to an IS auditor reviewing a VPN implementation? Computers on the network that are located: A. on the enterprise's facilities. B. at the backup site. C. in employees' homes. D. at the enterprise's remote offices.
Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.
The MOST effective method for limiting the damage of an attack by a software virus is: A. software controls. B. policies, standards and procedures. C. logical access controls. D. data communication standards.
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
The rate of change of technology increases the importance of: A. outsourcing the IS function. B. implementing and enforcing good processes. C. hiring personnel willing to make a career within the organization. D. meeting user requirements.
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
A validation which ensures that input data are matched to predetermined reasonable limits or occurrence rates, is known as: A. Reasonableness check. B. Validity check. C. Existence check. D. Limit check.
An IS auditor discovers that an organization?s business continuity plan provides for an alternate processing site that will accommodate fifty percent of the primary processing capability. Based on this, which of the following actions should the IS auditor take? A. Do nothing, because generally, less than twenty-five percent of all processing is critical to an organization?s survival and the backup capacity, therefore is adequate. B. Identify applications that could be processed at the alternate site and develop manual procedures to backup other processing. C. Ensure that critical applications have been identified and that the alternate site could process all such applications. D. Recommend that the information processing facility arrange for an alternate processing site with the capacity to handle at least seventy-five percent of normal processing.
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.
Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)
What type of transmission requires modems? A. Encrypted B. Digital C. Analog D. Modulated
Cisco Certifications 
