Which of the following should be of MOST concern to an IS auditor?

In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts.
Next, the IS auditor should:

During a security audit of IT processes, an IS auditor found that there were no documented security
procedures. The IS auditor should:

The vice president of human resources has requested an audit to identify payroll overpayments for
the previous year. Which would be the BEST audit technique to use in this situation?

An IS auditor has imported data from the client’s database. The next step-confirming whether the
imported data are complete-is performed by:

Which of the following is the PRIMARY advantage of using computer forensic software for
investigations?

An IS auditor is evaluating a corporate network for a possible penetration by employees. Which of
the following findings should give the IS auditor the GREATEST concern?

In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover
potential anomalies in user or system behavior. Which of the following tools are MOST suitable for
performing that task?

An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews
the logs for one day and finds one case where logging on a server has failed with the result that
backup restarts cannot be confirmed. What should the auditor do?

The PRIMARY purpose of an IT forensic audit is: