An IS auditor is assigned to perform a post implementation
review of an application system. Which of the following
situations may have impaired the independence of the IS
auditor? The IS auditor:
A. implemented a specific control during the development of
the application system.
B. designed an embedded audit module exclusively for
auditing the application system.
C. participated as a member of the application system
project team, but did not have operational responsibilities.
D.provided consulting advice concerning application system
best practices.
- 2 Answers
- 10915 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Independence may be impaired if the IS auditor is, or has
been, actively involved in the development, acquisition and
implementation of the application system. Choices B and C
are situations that do not impair the IS auditor's
independence. Choice D is incorrect because the IS auditor's
independence is not impaired by providing advice on known
best practices.
| Is This Answer Correct ? | 14 Yes | 1 No |
Answer / guest
A. implemented a specific control during the development of
the application system.
| Is This Answer Correct ? | 1 Yes | 1 No |
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
A decrease in amplitude as a signal propagates along a transmission medium is known as: A. noise. B. crosstalk. C. attenuation. D. delay distortion.
Which of the following is a technique that could be used to capture network user passwords? A. Encryption B. Sniffing C. Spoofing D. A signed document cannot be altered.
An installed Ethernet cable run in an unshielded twisted pair (UTP) network is more than 100 meters long. Which of the following could be caused by the length of the cable? A. Electromagnetic interference (EMI) B. Cross talk C. Dispersion D.Attenuation
Which of the following would MOST likely ensure that a system development project meets business objectives? A. Maintenance of program change logs B. Development of a project plan identifying all development activities C. Release of application changes at specific times of the year D. User involvement in system specification and acceptance
In a risk-based audit approach, an IS auditor, in addition to risk, would be influenced by: A. the availability of CAATs. B. management's representation. C. organizational structure and job responsibilities. D. the existence of internal and operational controls
Which of the following is the FIRST step in a business process reengineering (BPR) project? A. Defining the areas to be reviewed B. Developing a project plan C. Understanding the process under review D. Reengineering and streamlining the process under review
One of the purposes of library control software is to allow: A. programmers access to production source and object libraries. B. batch program updating. C. operators to update the control library with the production version before testing is completed. D. read-only access to source code.
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
To meet pre-defined criteria, which of the following continuous audit techniques would BEST identify transactions to audit? A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM) B. Continuous and Intermittent Simulation (CIS) C. Integrated Test Facilities (ITF) D. Audit hooks
The PRIMARY reason for using digital signatures is to ensure data: A. confidentiality. B. integrity. C. availability. D. timeliness.
An IS auditor should be concerned when a telecommunication analyst: A. monitors systems performance and tracks problems resulting from program changes. B. reviews network load requirements in terms of current and future transaction volumes. C. assesses the impact of the network load on terminal response times and network data transfer rates. D. recommends network balancing procedures and improvements.
Cisco Certifications 
