When a complete segregation of duties cannot be achieved in
an online system environment, which of the following
functions should be separated from the others?
A. Origination
B. Authorization
C. Recording
D. Correction
- 1 Answers
- 8758 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Authorization should be separated from all aspects of record
keeping (origination, recording, and correction). Such a
separation enhances the ability to detect the recording of
unauthorized transactions.
| Is This Answer Correct ? | 8 Yes | 0 No |
The PRIMARY reason for separating the test and development environments is to: A. restrict access to systems under test. B. segregate user and development staff. C. control the stability of the test environment. D. secure access to systems under development.
Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses
Capacity monitoring software is used to ensure: A. maximum use of available capacity. B. that future acquisitions meet user needs. C. concurrent use by a large number of users. D. continuity of efficient operations.
A vendor/contractor?s performance against service level agreements must be evaluated by the: A. customer. B. contractor. C. third-party. D. contractor?s management.
Which of the following is the basic objective of a control self-assessment program?
The PRIMARY benefit of database normalization is the: A. minimization redundancy of information in tables required to satisfy users? needs. B. ability to satisfy more queries. C. maximization of database integrity by providing information in more than one table. D. minimization of response time through faster processing of information.
Involvement of senior management is MOST important in the development of: A. strategic plans. B. IS policies. C. IS procedures. D. standards and guidelines.
Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system? A. Re-performance B. Process walk-through C. Observation D. Documentation review
An IS auditor is assigned to perform a post implementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor: A. implemented a specific control during the development of the application system. B. designed an embedded audit module exclusively for auditing the application system. C. participated as a member of the application system project team, but did not have operational responsibilities. D.provided consulting advice concerning application system best practices.
An IS auditor is conducting substantive audit tests of a new accounts receivable module. The IS auditor has a tight schedule and limited computer expertise. Which would be the BEST audit technique to use in this situation? A. Test data B. Parallel simulation C. Integrated test facility D. Embedded audit module
Which of the following message services provides the strongest protection that a specific action has occurred? A. Proof of delivery B. Nonrepudiation C. Proof of submission D. Message origin authentication
An IS auditor reviewing an outsourcing contract of IT facilities would expect it to define the: A. hardware configuration. B. access control software. C. ownership of intellectual property. D. application development methodology.
Cisco Certifications 
