A core tenant of an IS strategy is that it must:
A core tenant of an IS strategy is that it must:
True or false?
Proper segregation of duties normally does not prohibit a LAN administrator from also having
programming responsibilities. True or false?
Who is ultimately accountable for the development of an…
Who is ultimately accountable for the development of an IS security policy?
What should an IS auditor do if he or she observes that…
What should an IS auditor do if he or she observes that project-approval procedures do not exist?
True or false?
Proper segregation of duties prohibits a system analyst from performing quality-assurance
functions. True or false?
Who is accountable for maintaining appropriate security…
Who is accountable for maintaining appropriate security measures over information assets?
What type of approach to the development of organizatio…
What type of approach to the development of organizational policies is often driven by risk
assessment?
A primary benefit derived from an organization employin…
A primary benefit derived from an organization employing control self-assessment (CSA)
techniques is that it can:
What type of risk results when an IS auditor uses an in…
What type of risk results when an IS auditor uses an inadequate test procedure and concludes that
material errors do not exist when errors actually exist?
The use of statistical sampling procedures helps minimize:
The use of statistical sampling procedures helps minimize: