An IS auditor discovers that an organization?s business
continuity plan provides for an alternate processing site
that will accommodate fifty percent of the primary
processing capability. Based on this, which of the following
actions should the IS auditor take?
A. Do nothing, because generally, less than twenty-five
percent of all processing is critical to an organization?s
survival and the backup capacity, therefore is adequate.
B. Identify applications that could be processed at the
alternate site and develop manual procedures to backup other
processing.
C. Ensure that critical applications have been identified
and that the alternate site could process all such applications.
D. Recommend that the information processing facility
arrange for an alternate processing site with the capacity
to handle at least seventy-five percent of normal processing.
- 1 Answers
- 4449 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Business continuity plans should provide for the recovery of
critical systems, not necessarily all systems. Perhaps only
fifty percent of the company's systems are critical.
Therefore, careful assessment of critical systems and
capacity requirements should be part of the IS auditor's
test of the plan.
| Is This Answer Correct ? | 3 Yes | 0 No |
Which of the following controls would be MOST effective in ensuring that production source code and object code are synchronized? A. Release-to-release source and object comparison reports B. Library control software restricting changes to source code C. Restricted access to source code and object code D. Date and time-stamp reviews of source and object code
Which of the following is a role of an IS steering committee? A. Initiate computer applications. B. Ensure efficient use of data processing resources. C. Prepare and monitor system implementation plans. D. Review the performance of the systems department.
In a data warehouse, data quality is achieved by: A. cleansing. B. restructuring. C. source data credibility. D. transformation.
Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.
An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor
Testing the connection of two or more system components that pass information from one area to another is: A. pilot testing. B. parallel testing C. interface testing. D. regression testing.
Which of the following alternative business recovery strategies would be LEAST appropriate for an organization with a large database and online communications network environment? A. Hot site B. Cold site C. Reciprocal agreement D. Dual information processing facilities
When an employee is terminated from service, the MOST important action is to: A. hand over all of the employee's files to another designated employee. B. take a back up of the employee's work. C. notify other employees of the termination. D. disable the employee's logical access.
Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? A. IT planning documents with deliverables and performance results B. Policies and procedures relating to planning, managing, monitoring and reporting on performance C. Prior audit reports D. Reports of IT functional activities
Which of the following is MOST likely to result from a business process reengineering (BPR) project? A. An increased number of people using technology B. Significant cost savings, through a reduction in the complexity of information technology C. A weaker organizational structures and less accountability D. Increased information protection (IP) risk will increase
Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system
When an information security policy has been designed, it is MOST important that the information security policy be: A. stored offsite. B. written by IS management. C. circulated to users. D. updated frequently.
Cisco Certifications 
