According to the International Professional Practices Framework, which of the following is the appropriate div
According to the International Professional Practices Framework, which of the following is the appropriate division of responsibilities for the coordination of internal and external audit efforts? I. Oversight of Work Coordination of Activities Chief audit executive Senior management II. Board Chief audit executive III. Chief financial officer Chief audit executive IV. Board Chief financial officer […]
Which of the following is an appropriate role for the board in governance?
Which of the following is an appropriate role for the board in governance? A. Preparing written organizational policies that relate to compliance with laws, regulations, ethics, and conflicts of interest. B. Ensuring that financial statements are understandable, transparent, and reliable. C. Assisting the internal audit activity in performing annual reviews of governance. D. Working with […]
Which of the following combinations would provide the best segregation of duties?
Human resources and payroll are separate departments. Which of the following combinations would provide the best segregation of duties? A. Human resources personnel add employees, payroll personnel process hours, and human resources personnel deliver paychecks to employees. B. Human resources personnel add employees, review and submit payroll hours to the payroll department for processing, and […]
Which of the following factors affects the control risk of a company?
Which of the following factors affects the control risk of a company? A. Potential problems like technological obsolescence. B. Unusual pressures on management. C. Complex accounts that require expert valuations. D. Segregation of duties.
This situation has the greatest negative impact on which of the following internal control components?
The top three sales representatives for a company consistently include non-allowable charges on their expense reports. Line management is reluctant to deny reimbursement of the charges for fear of losing the sales representatives. This situation has the greatest negative impact on which of the following internal control components? A. Monitoring. B. Control environment. C. Information […]
Which of the following approach would be most suitable to assess the overall security posture of Health4Sureā
CCM: A hypothetical company called: āHealth4Sureā is located in the United States and provides cloud based services for tracking patient health. The company is compliant with HIPAA/HITECH Act among other industry standards. Health4Sure decides to assess the overall security of their cloud service against the CCM toolkit so that they will be able to present […]
Big data includes high volume, high variety, and high velocity.
Big data includes high volume, high variety, and high velocity. A. False B. True
Which of the following is NOT a cloud computing characteristic that impacts incidence response?
Which of the following is NOT a cloud computing characteristic that impacts incidence response? A. The on demand self-service nature of cloud computing environments. B. Privacy concerns for co-tenants regarding the collection and analysis of telemetry and artifacts associated with an incident. C. The possibility of data crossing geographic or jurisdictional boundaries. D. Object-based storage […]
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticat
APIs and web services require extensive hardening and must assume attacks from authenticated and unauthenticated adversaries. A. False B. True
Which attack surfaces, if any, does virtualization technology introduce?
Which attack surfaces, if any, does virtualization technology introduce? A. The hypervisor B. Virtualization management components apart from the hypervisor C. Configuration and VM sprawl issues D. All of the above