In planning an audit, the MOST critical step is the identification of the:
In planning an audit, the MOST critical step is the identification of the:
The extent to which data will be collected during an IS audit should be determined based on the:
The extent to which data will be collected during an IS audit should be determined based on the:
While planning an audit, an assessment of risk should be made to provide:
While planning an audit, an assessment of risk should be made to provide:
An IS auditor should use statistical sampling and not judgment (nonstatistical) sampling, when:
An IS auditor should use statistical sampling and not judgment (nonstatistical) sampling, when:
During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:
During the planning stage of an IS audit, the PRIMARY goal of an IS auditor is to:
When selecting audit procedures, an IS auditor should use professional judgment to ensure that:
When selecting audit procedures, an IS auditor should use professional judgment to ensure that:
An IS auditor evaluating logical access controls should FIRST:
An IS auditor evaluating logical access controls should FIRST:
The PRIMARY purpose of an IT forensic audit is:
The PRIMARY purpose of an IT forensic audit is:
What should the auditor do?
An IS auditor is performing an audit of a remotely managed server backup. The IS auditor reviews
the logs for one day and finds one case where logging on a server has failed with the result that
backup restarts cannot be confirmed. What should the auditor do?
Which of the following tools are MOST suitable for performing that task?
In an IS audit of several critical servers, the IS auditor wants to analyze audit trails to discover
potential anomalies in user or system behavior. Which of the following tools are MOST suitable for
performing that task?