what is the FIRST activity to be performed?
When developing a risk management program, what is the FIRST activity to be performed?
Which of the following is a mechanism for mitigating risks?
Which of the following is a mechanism for mitigating risks?
What would be the next task?
An IS auditor was hired to review e-business security. The IS auditor’s first task was to examine each existing
e-business application looking for vulnerabilities. What would be the next task?
The output of the risk management process is an input f…
The output of the risk management process is an input for making:
The risks associated with electronic evidence gathering…
The risks associated with electronic evidence gathering would MOST likely be reduced by an e-mail:
Which of the following is the MOST important IS audit c…
Which of the following is the MOST important IS audit consideration when an organization outsources a
customer credit review system to a third-party service provider? The provider:
An IS auditor’s GREATEST concern when reviewing the con…
An organization has outsourced its help desk activities. An IS auditor’s GREATEST concern when reviewing the
contract and associated service level agreement (SLA) between the organization and vendor should be the
provisions for:
Which of the following is the BEST information source f…
Which of the following is the BEST information source for management to use as an aid in the identification of
assets that are subject to laws and regulations?
Since the work involves confidential information, the I…
While conducting an audit of a service provider, an IS auditor observes that the service provider has
outsourced a part of the work to another provider. Since the work involves confidential information, the IS
auditor’s PRIMARY concern shouldbe that the:
which of the following conditions should be of GREATEST…
With respect to the outsourcing of IT services, which of the following conditions should be of GREATEST
concern to an IS auditor?