Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy?
Which of the following is MOST important for an IS auditor to examine when reviewing an organization's privacy policy? A. Whether there is explicit permission from regulators to collect personal data B. The organization's legitimate purpose for collecting personal data C. Whether sharing of personal information with third-party service providers...
Which of the following is the auditor's BEST course of action?
An IS auditor suspects an organization's computer may have been used to commit a crime. Which of the following is the auditor's BEST course of action? A. Examine the computer to search for evidence supporting the suspicions. B. Advise management of the crime after the investigation. C. Contact the incident...
What is the auditor's BEST course of action?
During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations. What is the auditor's BEST course of action? A. Notify the chair of the audit committee. B. Notify...
Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation?
A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification. Which of the following is the IS auditor's BEST recommendation to facilitate compliance with the regulation? A. Include the requirement in the incident management response plan. B. Establish key performance indicators (KPIs)...
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties? A. System flowchart B. Data flow diagram C. Process flowchart D. Entity-relationship diagram
Answer: C
An organization's audit charter PRIMARILY:
An organization's audit charter PRIMARILY: A. describes the auditors' authority to conduct audits. B. defines the auditors' code of conduct. C. formally records the annual and quarterly audit plans. D. documents the audit process and reporting standards.
Answer: A
Which of the following is the BEST justification for deferring remediation testing until the next audit?
Which of the following is the BEST justification for deferring remediation testing until the next audit? A. The auditor who conducted the audit and agreed with the timeline has left the organization. B. Management's planned actions are sufficient given the relative importance of the observations. C. Auditee management has accepted...
Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?
Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics? A. Developing and communicating test procedure best practices to audit teams B. Developing and implementing an audit data repository C. Decentralizing procedures and implementing periodic peer review D. Centralizing procedures and implementing change...
Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?
Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring? A. Real-time audit software B. Performance data C. Quality assurance (QA) reviews D. Participative management techniques
Answer: A
Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?
Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center? A. Segregation of duties between staff ordering and staff receiving information assets B. Complete and accurate list of information assets that have been deployed C. Availability and testing of onsite...