What component of the change control system would review the proposed changes’ impact on the features an
Henry is the project manager of the QBG Project for his company. This project has a budget of
$4,576,900 and is expected to last 18 months to complete. The CIO, a stakeholder in the project,
has introduced a scope change request for additional deliverables as part of the project work.
What component of the change control system would review the proposed changes’ impact on the
features and functions of the project’s product?
When reviewing an organization’s strategic IT plan an IS auditor should expect to find:
When reviewing an organization’s strategic IT plan an IS auditor should expect to find:
The information security manager should:
The IT function has declared that, when putting a new application into production, it is not
necessary to update the business impact analysis (BIA) because it does not produce modifications
in the business processes. The information security manager should:
What are the key control activities to be done to ensure business alignment?
What are the key control activities to be done to ensure business alignment?
Each correct answer represents a part of the solution. Choose two.
The advantage of a bottom-up approach to the development of organizational policies is that the policies:
The advantage of a bottom-up approach to the development of organizational policies is that the
policies:
which of the following?
A risk assessment study carried out by an organization noted that there is no segmentation of the
local area network (LAN). Network segmentation would reduce the potential impact of which of the
following?
Which of the following statements is true for risk analysis?
Which of the following statements is true for risk analysis?
Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and syste
Which of the following is the GREATEST risk of an inadequate policy definition for ownership of
data and systems?
The PRIMARY objective of an Internet usage policy is to prevent:
The PRIMARY objective of an Internet usage policy is to prevent:
Which of the following terms refers to this type of loss?
You are working in Bluewell Inc. which make advertisement Websites. Someone had made
unauthorized changes to a your Website. Which of the following terms refers to this type of loss?