which of the following?
You are the project manager of GHT project. You have analyzed the risk and applied appropriate
controls. In turn, you got residual risk as a result of this. Residual risk can be used to determine
which of the following?
The IS auditor should:
An IS auditor who was involved in designing an organization’s business continuity plan (BCP) has
been assigned to audit the plan. The IS auditor should:
which of the following?
Security awareness training is MOST likely to lead to which of the following?
what is this term called?
When it appears that a project risk is going to happen, what is this term called?
Which of the following actions should the IS auditor take?
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs
contain unauthorized software. Which of the following actions should the IS auditor take?
The information classification scheme should:
The information classification scheme should:
Which of the following inputs will be needed for the qualitative risk analysis process in your project?
You work as a project manager for SoftTech Inc. You are working with the project stakeholders to
begin the qualitative risk analysis process. Which of the following inputs will be needed for the
qualitative risk analysis process in your project?
Each correct answer represents a complete solution. Choose all that apply.
The auditor should:
Corrective action has been taken by an auditee immediately after the identification of a reportable
finding. The auditor should:
Which of the following is the BEST method to provide a new user with their initial password for email system a
Which of the following is the BEST method to provide a new user with their initial password for email system access?
Which of the following will significantly affect the standard information security governance model?
Which of the following will significantly affect the standard information security governance model?