Papersbyjol

Who should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the prime reason for review of an organization chart? - ANSWERTo understand the authority and responsibility of individuals The actions of an IS auditor are primiarily influenced by - ANSWERAudit Charter Which document provides the overall authority for an auditor to perform ...

Which of the following is most closely related to data backup frequency? - ANSWERRPO Which of the following identifies how negative incidents affect business operations? - ANSWERBusiness impact analysis What is the overall purpose of an ARP poisoning attack? - ANSWERForce user traffic through the attacker's machine How many disks are required to configure RAID 5? - ANSWER3

Who should approve the audit charter of an organization? - ANSWERSenior Management What should the content of an audit charter be? - ANSWERThe scope, authority, and responsibilities of the audit function What is the primary reason for the audit function directly reporting to the audit committee? - ANSWERThe audit function must be independent of the business function and should have direct access to the audit committee of the board what does the information systems audit provide? - ANSWE...

Audit Charter - ANSWERa formal document that contains: 1. scope of the audit functions 2. authority of the audit functions 3. responsibility of the audit functions Audit Universe - ANSWERAn inventory of all the functions/processes/units under the organization Qualitative Risk Assessment - ANSWERRisk is assessed using qualitative parameters, such as high, medium, and low Quantitative Risk Assessment - ANSWERRisk is assessed using numerical parameters and is quantified Risk Factors...

Which of the following controls will MOST effectively detect the presence of bursts of errors in network transmissions? a. Parity check b. Echo check c. Block sum check d. Cyclic redundancy check - ANSWERd. Cyclic redundancy check An employee loses a mobile device resulting in loss of sensitive corporate data. Which of the following would have BEST prevented data leakage? A. Data encryption on the mobile device B. The triggering of remote data wipe capabilities C. Awareness training fo...

Which of the following is the BEST preventive control to protect the confidentiality of data on a corporate smartphone in the event it is lost? a) Biometric authentication for the device b) Remote data wipe program c) Encryption of the data stored on the device d) Password for device authentication - ANSWERc) Encryption of the data stored on the device Note the question asks about a PREVENTATIVE control to protect CONFIDENTIALITY. Confidentiality entails the efforts to keep data private, ...

1. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)? A References from other customers B Service level agreement (SLA) template C Maintenance agreement D Conversion plan - ANSWERThe answer is A An IS auditor should look for an independent verification that the ISP can perform the tasks being contracted for. References from other customers would pr...

Most important step in risk analysis is to identify a. Competitors b. controls c. vulnerabilities d. liabilities - ANSWERc. vulnerabilities In a risk based audit planning, an IS auditor's first step is to identify: a. responsibilities of stakeholders b. high-risk areas within the organization c. cost centre d. profit centre - ANSWERb. high-risk areas within the organization When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure ...

Completing a Risk Analysis. - ANSWERWhat is the most important consideration before implementing a new technology? Indemnity Clause - ANSWERWhat is a clause that holds providers financially liable for violations? Agreed upon performance metrics in the SLA - ANSWERWhat is the best reference for vendor's ability to meet its SLA? Integrated Test Facility (ITF) - ANSWERWhat creates a fictitious entity in the database to process test transactions simultaneously with live input Its adva...

IT governance is most concerned with A. Security policy B. IT policy C. IT strategy D. IT executive compensation - ANSWERIT Strategy IT governance is the mechanism through which IT strategy is established, controlled, and monitored through the balanced scorecard. Long-term and other strategic decisions are made in the context of IT governance. One of the advantages of outsourcing is A. It permits the organization to focus on core competencies. B. It results in reduced costs. C. It pr...