Who is responsible for implementing cost-effective controls in an automated system?
Who is responsible for implementing cost-effective controls in an automated system?
Why does an IS auditor review an organization chart?
Why does an IS auditor review an organization chart?
Ensuring that security and control policies support business and IT objectives is a primary objec
Ensuring that security and control policies support business and IT objectives is a primary
objective of:
which of the following?
When auditing third-party service providers, an IS auditor should be concerned with which of the
following? Choose the BEST answer.
True or false?
When performing an IS strategy audit, an IS auditor should review both short-term (one-year) and
long-term (three-to five-year) IS strategies, interview appropriate corporate management
personnel, and ensure that the external environment has been considered. The auditor should
especially focus on procedures in an audit of IS strategy. True or false?
What process allows IS management to determine whether the activities of the organization differ from the plan
What process allows IS management to determine whether the activities of the organization differ
from the planned or expected levels? Choose the BEST answer.
When should reviewing an audit client’s business plan be performed relative to reviewing an organization
When should reviewing an audit client’s business plan be performed relative to reviewing an
organization’s IT strategic plan?
True or false?
Allowing application programmers to directly patch or change code in production programs
increases risk of fraud. True or false?
Who should be responsible for network security operations?
Who should be responsible for network security operations?
True or false?
Proper segregation of duties does not prohibit a quality control administrator from also being
responsible for change control and problem management. True or false?