Which of the following is the BEST information source f…
Which of the following is the BEST information source for management to use as an aid in the
identification of assets that are subject to laws and regulations?
Since the work involves confidential information, the I…
While conducting an audit of a service provider, an IS auditor observes that the service provider
has outsourced a part of the work to another provider. Since the work involves confidential
information, the IS auditor’s PRIMARY concern shouldbe that the:
which of the following conditions should be of GREATEST…
With respect to the outsourcing of IT services, which of the following conditions should be of
GREATEST concern to an IS auditor?
Which of the following should the IS auditor determine …
An IS auditor has been assigned to review IT structures and activities recently outsourced to
various providers. Which of the following should the IS auditor determine FIRST?
which of the following should be kept in the organization?
When an organization is outsourcing their information security function, which of the following
should be kept in the organization?
which of the following contract clauses?
To minimize costs and improve service levels an outsourcer should seek which of the following
contract clauses?
which of the following items to be included in the requ…
An IS auditor should expect which of the following items to be included in the request for proposal
(RFP) when IS is procuring services from an independent service provider (ISP)?
which of the following conclusions should be the main c…
When performing a review of the structure of an electronic funds transfer (EFT) system, an IS
auditor observes that the technological infrastructure is based on a centralized processing scheme
that has been outsourced to a provider in another country. Based on this information, which of the
following conclusions should be the main concern of the IS auditor?
An IS auditor reviewing an outsourcing contract of IT f…
An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the:
Is it appropriate for an IS auditor from a company that…
Is it appropriate for an IS auditor from a company that is considering outsourcing its IS processing
to request and review a copy of each vendor’s business continuity plan?