An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
Which of the following controls would an IS auditor look for in an environment where duties cannot be appropri
Which of the following controls would an IS auditor look for in an environment where duties cannot
be appropriately segregated?
Which of the following reduces the potential impact of social engineering attacks?
Which of the following reduces the potential impact of social engineering attacks?
Which of the following activities performed by a database administrator (DBA) should be performed by a differe
Which of the following activities performed by a database administrator (DBA) should be performed
by a different person?
To gain an understanding of the effectiveness of an organization’s planning and management of investment
To gain an understanding of the effectiveness of an organization’s planning and management of
investments in IT assets, an IS auditor should review the:
Which of the following is the BEST performance criterion for evaluating the adequacy of an organization’
Which of the following is the BEST performance criterion for evaluating the adequacy of an
organization’s security awareness training?
Which of the following is a risk of cross-training?
Which of the following is a risk of cross-training?
Which of the following is normally a responsibility of the chief security officer (CSO)?
Which of the following is normally a responsibility of the chief security officer (CSO)?
To support an organization’s goals, an IS department should have:
To support an organization’s goals, an IS department should have:
In reviewing the IS short-range (tactical) plan, an IS auditor should determine whether:
In reviewing the IS short-range (tactical) plan, an IS auditor should determine whether: