When segregation of duties concerns exists between IT support staff and end users, what would be suitable comp
When segregation of duties concerns exists between IT support staff and end users, what would be suitable compensating control?
An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
An IS auditor reviewing an organization that uses cross-training practices should assess the risk of:
Which of the following controls would an IS auditor look for in an environment where duties cannot be appropri
Which of the following controls would an IS auditor look for in an environment where duties cannot be appropriately segregated?
Which of the following reduces the potential impact of social engineering attacks?
Which of the following reduces the potential impact of social engineering attacks?
Which of the following activities performed by a database administrator (DBA) should be performed by a differe
Which of the following activities performed by a database administrator (DBA) should be performed by a different person?
To gain an understanding of the effectiveness of an organizations planning and management of investments in IT
To gain an understanding of the effectiveness of an organizations planning and management of investments in IT assets, an IS auditor should review the:
Which of the following is the BEST performance criterion for evaluating the adequacy of an organizations secur
Which of the following is the BEST performance criterion for evaluating the adequacy of an organizations security awareness training?
Which of the following is a risk of cross-training?
Which of the following is a risk of cross-training?
Which of the following is normally a responsibility of the chief security officer (CSO)?
Which of the following is normally a responsibility of the chief security officer (CSO)?
To support an organizations goals, an IS department should have:
To support an organizations goals, an IS department should have: