Interested to Buy Any Domain ? << Click Here >> for more details...
An audit charter should:
A. be dynamic and change often to coincide with the changing
nature of technology and the audit profession.
B. clearly state audit objectives for the delegation of
authority for the maintenance and review of internal controls.
C. document the audit procedures designed to achieve the
planned audit objectives.
D. outline the overall authority, scope and responsibilities
of the audit function.
- 2 Answers
- 8483 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
An audit charter should state management's objectives for,
and delegation of authority to, IS audit. This charter
should not significantly change over time and should be
approved at the highest level of management. The audit
charter would not be at a detail level and therefore would
not include specific audit objectives or procedures.
| Is This Answer Correct ? | 4 Yes | 0 No |
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
When a new system is to be implemented within a short time frame, it is MOST important to: A. finish writing user manuals. B. perform user acceptance testing. C. add last-minute enhancements to functionalities. D. ensure that code has been documented and reviewed.
Which of the following is the PRIMARY reason for involving an IS auditor in the definition of a system's requirements? A. Post-application reviews do not need to be performed. B. Total budgeted system development costs can be reduced. C. It is costly to institute controls after a system becomes operational. D. The extent of user involvement in design activities is reduced.
Which of the following controls is LEAST likely to detect changes made online to master records? A. Update access to master file is restricted to a supervisor independent of data entry. B. Clerks enter updates online and are finalized by an independent supervisor. C. An edit listing of all updates is produced daily and reviewed by an independent supervisor. D. An update authorization form must be approved by an independent supervisor before entry.
Losses can be minimized MOST effectively by using outside storage facilities to do which of the following? A. Provide current, critical information in backup files B. Ensure that current documentation is maintained at the backup facility C. Test backup hardware D. Train personnel in backup procedures
To review access to ceratin data base to determine whether the "new user" forms were correctly authorized. This is an example of:
The use of residual biometric information to gain unauthorized access is an example of which of the following attacks? A. Replay B. Brute force C. Cryptographic D. Mimic
Which of the following reports is a measure of telecommunication transmissions and determines whether transmissions are completed accurately? A. Online monitor reports B. Downtime reports C. Help desk reports D. Response time reports
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
Use of asymmetric encryption in an Internet e-commerce site, where there is one private key for the hosting server and the public key is widely distributed to the customers, is MOST likely to provide comfort to the: A. customer over the authenticity of the hosting organization. B. hosting organization over the authenticity of the customer. C. customer over the confidentiality of messages from the hosting organization. D. hosting organization over the confidentiality of messages passed to the customer.
With regard to sampling it can be said that: A. sampling is generally applicable when the population relates to an intangible or undocumented control. B. if an auditor knows internal controls are strong, the confidence coefficient may be lowered. C. attribute sampling would help prevent excessive sampling of an attribute by stopping an audit test at the earliest possible moment. D. variable sampling is a technique to estimate the rate of occurrence of a given control or set of related controls.
An IS auditor is auditing the controls relating to employee termination. Which of the following is the MOST important aspect to be reviewed? A. The related company staff are notified about the termination B. User ID and passwords of the employee have been deleted C. The details of employee have been removed from active payroll files D. Company property provided to the employee has been returned
Cisco Certifications 
