Which of the following is a mechanism for mitigating risks?

An IS auditor was hired to review e-business security. The IS auditor’s first task was to examine

each existing e-business application looking for vulnerabilities. What would be the next task?

The output of the risk management process is an input for making:

The risks associated with electronic evidence gathering would MOST likely be reduced by an email:

Which of the following is the MOST important IS audit consideration when an organization
outsources a customer credit review system to a third-party service provider? The provider:

An organization has outsourced its help desk activities. An IS auditor’s GREATEST concern when
reviewing the contract and associated service level agreement (SLA) between the organization and
vendor should be the provisions for:

Which of the following is the BEST information source for management to use as an aid in the
identification of assets that are subject to laws and regulations?

While conducting an audit of a service provider, an IS auditor observes that the service provider
has outsourced a part of the work to another provider. Since the work involves confidential
information, the IS auditor’s PRIMARY concern shouldbe that the:

With respect to the outsourcing of IT services, which of the following conditions should be of
GREATEST concern to an IS auditor?

An IS auditor has been assigned to review IT structures and activities recently outsourced to
various providers. Which of the following should the IS auditor determine FIRST?