- All Exams Instant Download
What is the GREATEST concern with this request?
An IS auditor submitted audit reports and scheduled a follow-up audit engagement with a client. The client has requested to engage the services of the same auditor to develop enhanced controls. What is the GREATEST concern with this request?A . It would require the approval of the audit manager.B ....
Which of the following is MOST important for the auditor to verify is included in the procedures?
An IS auditor is evaluating the completeness of privacy procedures involving personally identifiable information (PII). Which of the following is MOST important for the auditor to verify is included in the procedures?A . Regulatory requirements for protecting PIIB . The organization’s definition of PIIC . Encryption requirements for transmitting PII...
Which of the following provides the BEST evidence of successfully completed batch uploads?
Which of the following provides the BEST evidence of successfully completed batch uploads?A . Sign-off on the batch journalB . Using sequence controlsC . Enforcing batch cut-off timesD . Reviewing process logsView AnswerAnswer: B
Before concluding that internal controls can be relied upon, the IS auditor should:
Before concluding that internal controls can be relied upon, the IS auditor should:A . discuss the internal control weaknesses with the auditeeB . document application controlsC . conduct tests of complianceD . document the system of internal controlView AnswerAnswer: D
In which of the following SDLC phases would the IS auditor expect to find that controls have been incorporated into system specifications?
In which of the following SDLC phases would the IS auditor expect to find that controls have been incorporated into system specifications?A . DevelopmentB . ImplementationC . DesignD . FeasibilityView AnswerAnswer: B
A shared resource matrix is a technique commonly used to locate:
A shared resource matrix is a technique commonly used to locate:A . Malicious codeB . Security flawsC . Trap doorsD . Covert channelsView AnswerAnswer: D Explanation: Analyzing resources of a system is one standard for locating covert channels because the basis of a covert channel is a shared resource. The...
Which of the following is the PRIMARY benefit of using an integrated audit approach?
Which of the following is the PRIMARY benefit of using an integrated audit approach?A . Higher acceptance of the findings from the audited business areasB . The avoidance of duplicated work and redundant recommendationsC . Enhanced allocation of resources and reduced audit costsD . A holistic perspective of overall risk...
What should the IS auditor recommend as the FIRST course of action by IT management?
An organization plans to deploy Wi-Fi location analytics to count the number of shoppers per day across its various retail outlets. What should the IS auditor recommend as the FIRST course of action by IT management?A . Conduct a privacy impact assessmentB . Mask media access control (MAC) addressesC ....
Which of the following security control is intended to avoid an incident from occurring?
Which of the following security control is intended to avoid an incident from occurring?A . DeterrentB . PreventiveC . CorrectiveD . RecoveryView AnswerAnswer: B Explanation: Preventive controls are intended to avoid an incident from occurring For your exam you should know below information about different security controls Deterrent Controls Deterrent...
Statistical sampling is NOT based on which of the following audit sample techniques?
Statistical sampling is NOT based on which of the following audit sample techniques?A . Haphazard SamplingB . Random SamplingC . Cell SamplingD . Fixed interval samplingView AnswerAnswer: A Explanation: The NOT keyword is used in the question. You need find out an option which is NOT an example of statistical...
