The most common reason for the failure of information systems to meet the needs of users is that:

Which of the following risks could result from inadequate software baselining?

Documentation of a business case used in an IT development project should be retained until:

When auditing the proposed acquisition of a new computer system, an IS auditor should FIRST establish that:

Which of the following is the PRIMARY objective of an IT performance measurement process?

Before implementing an IT balanced scorecard, an organization must:

The IT balanced scorecard is a business governance tool intended to monitor IT performance evaluation
indicators other than:

During an audit, an IS auditor notices that the IT department of a medium-sized organization has no separate
risk management function, and the organization’s operational risk documentation only contains a few broadly
described IT risks. What is the MOST appropriate recommendation in this situation?

An IS auditor who is reviewing incident reports discovers that, in one instance, an important document left on
an employee’s desk was removed and put in the garbage by the outsourced cleaning staff. Which of the
following should the IS auditor recommend to management?

The PRIMARY benefit of implementing a security program as part of a security governance framework is the: