Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor involved as a team member in the detailed
system design phase of a system under development would be
MOST concerned with:
A. internal control procedures.
B. user acceptance test schedules.
C. adequacy of the user training program.
D. clerical processes for resubmission of rejected items.
- 1 Answers
- 4364 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
As a member of the project team, the IS auditor's primary
role is to ensure that adequate and appropriate control
procedures are designed and programmed into the system. At
this stage, it is too early for user acceptance schedules,
training programs and user procedures to be the primary
concern of the IS auditor.
| Is This Answer Correct ? | 7 Yes | 0 No |
A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as: A. rules. B. decision trees. C. semantic nets. D. data flow diagrams.
An IS auditor, performing a review of an application?s controls, discovers a weakness in system software, which could materially impact the application. The IS auditor should: A. Disregard these control weaknesses as a system software review is beyond the scope of this review. B. Conduct a detailed system software review and report the control weaknesses. C. Include in the report a statement that the audit was limited to a review of the application?s controls. D. Review the system software controls as relevant and recommend a detailed system software review.
Which of the following line media would provide the BEST security for a telecommunication network? A. Broad band network digital transmission B. Baseband network C. Dial-up D. Dedicated lines
Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing
Which of the following physical access controls would provide the highest degree of security over unauthorized access? A. Bolting door lock B. Cipher lock C. Electronic door lock D. Fingerprint scanner
Without compensating controls, which of the following functions would represent a risk if combined with that of a system analyst? A. Application programming B. Data entry C. Quality assurance D. Database administrator
Which of the following BEST determines that complete encryption and authentication protocols exist for protecting information while transmitted? A. A digital signature with RSA has been implemented. B. Work is being done in tunnel mode with the nested services of AH and ESP C. Digital certificates with RSA are being used. D. Work is being done in transport mode, with the nested services of AH and ESP
With reference to the risk management process, which of the following statements is correct? A. Vulnerabilities can be exploited by a threat. B. Vulnerabilities are events with the potential to cause harm to IS resources. C. Vulnerability exists because of threats associated with use of information resources. D. Lack of user knowledge is an example of a threat.
An IS auditor attempting to determine whether access to program documentation is restricted to authorized persons would MOST likely: A. evaluate the record retention plans for off-premises storage. B. interview programmers about the procedures currently being followed. C. compare utilization records to operations schedules. D. review data file access records to test the librarian function.
To make an electronic funds transfer (EFT), one employee enters the amount field and another employee reenters the same data again, before the money is transferred. The control adopted by the organization in this case is: A. sequence check. B. key verification. C. check digit. D. completeness check.
Cisco Certifications 
