The use of statistical sampling procedures helps minimize:
The use of statistical sampling procedures helps minimize:
What type of risk results when an IS auditor uses an inadequate test procedure and concludes that material err
What type of risk results when an IS auditor uses an inadequate test procedure and concludes that
material errors do not exist when errors actually exist?
A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it c
A primary benefit derived from an organization employing control self-assessment (CSA) techniques
is that it can:
What type of approach to the development of organizational policies is often driven by risk assessment?
What type of approach to the development of organizational policies is often driven by risk
assessment?
Who is accountable for maintaining appropriate security measures over information assets?
Who is accountable for maintaining appropriate security measures over information assets?
True or false?
Proper segregation of duties prohibits a system analyst from performing quality-assurance
functions. True or false?
What should an IS auditor do if he or she observes that project-approval procedures do not exist?
What should an IS auditor do if he or she observes that project-approval procedures do not exist?
Who is ultimately accountable for the development of an IS security policy?
Who is ultimately accountable for the development of an IS security policy?
True or false?
Proper segregation of duties normally does not prohibit a LAN administrator from also having
programming responsibilities. True or false?
A core tenant of an IS strategy is that it must:
A core tenant of an IS strategy is that it must: