- All Exams Instant Download
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?A . System flowchart B. Data flow diagram C. Process flowchart D. Entity-relationship diagramView AnswerAnswer: C
Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?
Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?A . The IS auditor provided consulting advice concerning application system best practices. B. The IS auditor participated as a member of the application system project team, but...
What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?
What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?A . Senior management's request B. Prior year's audit findings C. Organizational risk assessment D. Previous audit coverage and scopeView AnswerAnswer: C
Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
An IS auditor is examining a front-end subledger and a main ledger. Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?A . Double-posting of a single journal entry B. Inability to support new business transactions C. Unauthorized...
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?A . Audit cycle defined in the audit plan B. Complexity of management's action plans C. Recommendation from executive management D. Residual risk from the findings of previous auditsView AnswerAnswer: D
Which of the following would be of GREATEST concern to the auditor?
An IS auditor is reviewing an organization's information asset management process. Which of the following would be of GREATEST concern to the auditor?A . The process does not require specifying the physical locations of assets. B. Process ownership has not been established. C. The process does not include asset review....
Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?
Which of the following should be an IS auditor's PRIMARY focus when developing a risk-based IS audit program?A . Portfolio management B. Business plans C. Business processes D. IT strategic plansView AnswerAnswer: D
Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
A system development project is experiencing delays due to ongoing staff shortages. Which of the following strategies would provide the GREATEST assurance of system quality at implementation?A . Implement overtime pay and bonuses for all development staff. B. Utilize new system development tools to improve productivity. C. Recruit IS staff...
Which of the following should the auditor recommend be performed FIRST?
An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons. Which of the following should the auditor recommend be performed FIRST?A . Implement a process to actively monitor postings on social networking sites. B. Adjust budget for network usage...
What is the BEST control to address SQL injection vulnerabilities?
What is the BEST control to address SQL injection vulnerabilities?A . Unicode translation B. Secure Sockets Layer (SSL) encryption C. Input validation D. Digital signaturesView AnswerAnswer: C
