Interested to Buy Any Domain ? << Click Here >> for more details...
During an IS audit of the disaster recovery plan (DRP) of a global enterprise, the auditor observes that some remote offices have very limited local IT resources. Which of the following observations would be the MOST critical for the IS auditor?
A. A test has not been made to ensure that local resources could maintain security and service standards when recovering from a disaster or incident.
B. The corporate business continuity plan (BCP) does not accurately document the systems that exist at remote offices.
C. Corporate security measures have not been incorporated into the test plan.
D. A test has not been made to ensure that tape backups from the remote offices are usable.
- 1 Answers
- 8871 Views
- I also Faced
- E-Mail Answers
the answer is A.
A. Regardless of the capability of local IT resources, the most critical risk would be the lack of testing, which would identify quality issues in the recovery process.
B. The corporate business continuity plan (BCP) may not include disaster recovery plan (DRP) details for remote offices. It is important to ensure that the local plans have been tested.
C. Security is an important issue because many controls may be missing during a disaster. However, not having a tested plan is more important.
D. The backups cannot be trusted until they have been tested. However, this should be done as part of the overall tests of the DRP.
| Is This Answer Correct ? | 9 Yes | 0 No |
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.
Birth date and marriage date items were switched while entering data. Which of the following data validation checks could detect this? A. Logical relationship B. Sequence C. Reasonableness D. Validity
With regard to sampling it can be said that: A. sampling is generally applicable when the population relates to an intangible or undocumented control. B. if an auditor knows internal controls are strong, the confidence coefficient may be lowered. C. attribute sampling would help prevent excessive sampling of an attribute by stopping an audit test at the earliest possible moment. D. variable sampling is a technique to estimate the rate of occurrence of a given control or set of related controls.
Which of the following functions is performed by a virtual private network (VPN)? A. Hiding information from sniffers on the net B. Enforcing security policies C. Detecting misuse or mistakes D. Regulating access
Which of the following would an IS auditor place LEAST reliance on when determining management's effectiveness in communicating information systems policies to appropriate personnel? A. Interviews with user and IS personnel B. Minutes of IS steering committee meetings C. User department systems and procedures manuals D.Information processing facilities operations and procedures manuals
A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.
As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard-copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following are necessary to restore these files? A. The previous day's backup file and the current transaction tape B. The previous day's transaction file and the current transaction tape C. The current transaction tape and the current hard-copy transaction log D. The current hard-copy transaction log and the previous day's transaction file
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
Cisco Certifications 
