A clerk changed the interest rate for a loan on a master file. The rate entered is outside the normal
range for such a loan. Which of the following controls is MOST effective in providing reasonable
assurance that the change was authorized?

The GREATEST advantage of using web services for the exchange of information between two
systems is:

An IS auditor reviewing an accounts payable system discovers that audit logs are not being reviewed.
When this issue is raised with management the response is that additional controls are not
necessary because effective system access controls are inplace. The BEST response the auditor can
make is to:

When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned
with the risk of:

When reviewing an organization’s approved software product list, which of the following is the
MOST important thing to verify?

An existing system is being extensively enhanced by extracting and reusing design and program
components. This is an example of:

A number of system failures are occurring when corrections to previously detected errors are
resubmitted for acceptance testing. This would indicate that the maintenance team is probably not
performing adequately which of the following types of testing?

An IS auditor performing an application maintenance audit would review the log of program changes
for the:

After discovering a security vulnerability in a third-party application that interfaces with several
external systems, a patch is applied to a significant number of modules. Which of the following tests
should an IS auditor recommend?

When performing an audit of a client relationship management (CRM) system migration project,
which of the following should be of GREATEST concern to an IS auditor?