When a complete segregation of duties cannot be achieved in
an online system environment, which of the following
functions should be separated from the others?
A. Origination
B. Authorization
C. Recording
D. Correction
Which of the following BEST describes an IT department?s
strategic planning process?
A. The IT department will have either short-range or
long-range plans depending on the organization?s broader
plans and objectives.
B. The IT department?s strategic plan must be time and
project oriented, but not so detailed as to address and help
determine priorities to meet business needs.
C. Long-range planning for the IT department should
recognize organizational goals, technological advances and
regulatory requirements.
D. Short-range planning for the IT department does not need
to be integrated into the short-range plans of the
organization since technological advances will drive the IT
department plans much quicker than organizational plans.
The MOST important responsibility of a data security officer
in an organization is:
A. recommending and monitoring data security policies.
B. promoting security awareness within the organization.
C. establishing procedures for IT security policies.
D. administering physical and logical access controls.
Which of the following would be included in an IS strategic
plan?
A. Specifications for planned hardware purchases
B. Analysis of future business objectives
C. Target dates for development projects
D. Annual budgetary targets for the IS department
Where adequate segregation of duties between operations and
programming are not achievable, the IS auditor should look for:
A. compensating controls.
B. administrative controls.
C. corrective controls.
D. access controls.
Which of the following tasks is performed by the same person
in a well-controlled information processing
facility/computer center?
A. Security administration and management
B. Computer operations and system development
C. System development and change management
D. System development and systems maintenance
Which of the following is a substantive audit test?
A. Verifying that a management check has been performed
regularly
B. Observing that user IDs and passwords are required to
sign on the computer
C. Reviewing reports listing short shipments of goods received
D. Reviewing an aged trial balance of accounts receivable
While developing a risk-based audit program, which of the
following would the IS auditor MOST likely focus on?
A. Business processes
B. Critical IT applications
C. Corporate objectives
D. Business strategies
Before reporting results of an audit to senior management,
an IS auditor should:
A. Confirm the findings with auditees.
B. Prepare an executive summary and send it to auditee
management.
C. Define recommendations and present the findings to the
audit committee.
D. Obtain agreement from the auditee on findings and actions
to be taken.
The document used by the top management of organizations to
delegate authority to the IS audit function is the:
A. long-term audit plan.
B. audit charter.
C. audit planning methodology.
D. steering committee minutes.
Which of the following BEST describes the early stages of an
IS audit?
A. Observing key organizational facilities.
B. Assessing the IS environment.
C. Understanding business process and environment applicable
to the review.
D. Reviewing prior IS audit reports.
The PRIMARY purpose of compliance tests is to verify whether:
A. controls are implemented as prescribed.
B. documentation is accurate and current.
C. access to users is provided as specified.
D. data validation procedures are provided.
An IS auditor is conducting substantive audit tests of a new
accounts receivable module. The IS auditor has a tight
schedule and limited computer expertise. Which would be the
BEST audit technique to use in this situation?
A. Test data
B. Parallel simulation
C. Integrated test facility
D. Embedded audit module
Which of the following types of risks assumes an absence of
compensating controls in the area being reviewed?
A. Control risk
B. Detection risk
C. Inherent risk
D. Sampling risk
The reason for having controls in an IS environment:
A. remains unchanged from a manual environment, but the
implemented control features may be different.
B. changes from a manual environment, therefore the
implemented control features may be different.
C. changes from a manual environment, but the implemented
control features will be the same.
D. remains unchanged from a manual environment and the
implemented control features will also be the same.
in user administration which file contains primary group
and which file contains secondary group?
31
i would like to learn free fluent english by online is
this possible? could you gime some usefull websites to my
mail id nagesh.iloveu64@yahoo.com
31
How can we know the certificates are fake or not. I applied
the Diploma Certificates from Bhihar State Board of
Technical Education and Trainning but now i am getting some
dought about this Certificates. so please tell me is their
any site to know the Certificates Fake or Orginal
21
what is the difference between 32 bit os and 64 bit os
For WebSphere MQ clients on some platforms, if a security
exit is not defined, the values of two environment variables
MQ_USER_ID and MQ_PASSWORD are transmitted to the server. On
which of the following platforms are these environment
variables used?
I am a B.B.A (Hons) as a topper of RIMS rourlela, thand did
my PGDCRM from Symi Pune.Now I want to go for PMP. Right
now am working with IBM as a service management guy and
supporting Tata Steel.Can you suggest that shall i go fpr
PMP first ot ITIL foundation V2?
Hi i m a pst graduate in commerce and having wotking exp
more than 3 yrs in bpo sector (web based) my company moved
my self to software testing, i m not sure whether i should
continue there or not also i knoe this is better career opp
for me in software testing, can u people pls guide me for a
gud sotware testing institute which can provide gud
training, located in delhi (pref west delhi or in south
delhi)
48
pls send me ISTQB model papers or previous papers
foundation and advanced special thanks in advance
How are job oppurtunities for For Solries( Freshers)?
64
Hi,
I want to join in best training center for
Informatica course in Chennai. Who really teaches well
So please let me know.
Thanks,
Raji
43
HI,
I have completed my B.com and MBA and currently working in
IT sector in HR Recruitment.
i just wanted to know Oracle HRMS course is technical or
functional. And is there is any study center in Noida from
where i can do this certification.
To Refer this Site to Your Friends 
Site Map