Interested to Buy Any Domain ? << Click Here >> for more details...
Prices are charged on the basis of a standard master file
rate that changes as volume increases. Any exceptions must
be manually approved. What is the MOST effective automated
control to help ensure that all price exceptions are approved?
A. All amounts are displayed back to the data entry clerk,
who must verify them visually.
B. Prices outside the normal range should be entered twice
to verify data entry accuracy.
C. The system beeps when price exceptions are entered and
prints such occurrences on a report.
D. A second-level password must be entered before a price
exception can be processed.
- 1 Answers
- 5004 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
"Automated control should ensure that the system processes
the price exceptions only on approval of another user who is
authorized to approve such exceptions. A second-level
password would ensure that price exceptions will be approved
by a user who has been authorized by management. Visual
verification of all amounts by a data entry clerk is not a
control, but a basic requirement for any data entry. The
user being able to visually verify what has been entered is
a basic manual control. Entry of price exceptions twice, is
an input control. This does not ensure that exceptions will
be verified automatically by another user. The system
beeping on entry of a price exception is only a warning to
the data entry clerk
it does not prevent proceeding further. Printing of these
exceptions on a report is a detective (manual) control."
| Is This Answer Correct ? | 5 Yes | 0 No |
Peer reviews to detect software errors during a program development activity are called: A. emulation techniques. B. structured walk-throughs. C. modular program techniques. D. top-down program construction.
Facilitating telecommunications continuity by providing redundant combinations of local carrier T-1 lines, microwaves and/or coaxial cables to access the local communication loop is: A. last mile circuit protection. B. long haul network diversity. C. diverse routing. D. alternative routing.
The objective of IT governance is to ensure that the IT strategy is aligned with the objectives of (the): A. enterprise. B. IT. C. audit. D. finance.
Which of the following should be in place to protect the purchaser of an application package in the event that the vendor ceases to trade? A. Source code held in escrow. B. Object code held by a trusted third party. C. Contractual obligation for software maintenance. D. Adequate training for internal programming staff.
Which of the following is a dynamic analysis tool for the purpose of testing software modules? A. Blackbox test B. Desk checking C. Structured walk-through D. Design and code
Which of the following BEST describes an integrated test facility? A. A technique that enables the IS auditor to test a computer application for the purpose of verifying correct processing B. The utilization of hardware and/or software to review and test the functioning of a computer system C. A method of using special programming options to permit printout of the path through a computer program taken to process a specific transaction D. A procedure for tagging and extending transactions and master records that are used by an IS auditor for tests
A team conducting a risk analysis is having difficulty projecting the financial losses that could result from a risk. To evaluate the potential losses the team should: A. compute the amortization of the related assets. B. calculate a return on investment (ROI). C. apply a qualitative approach. D. spend the time needed to define exactly the loss amount.
A MAJOR risk of using single sign-on (SSO) is that it: A. has a single authentication point. B. represents a single point of failure. C. causes an administrative bottleneck. D. leads to a lockout of valid users.
Which of the following concerns about the security of an electronic message would be addressed by digital signatures? A. Unauthorized reading B. Theft C. Unauthorized copying D. Alteration
Which of the following provides nonrepudiation services for e-commerce transactions? A. Public key infrastructure (PKI) B. Data encryption standard (DES) C. Message authentication code (MAC) D. Personal identification number (PIN)
An IS auditor performing a review of an application's controls would evaluate the: A. efficiency of the application in meeting the business processes. B. impact of any exposures discovered. C. business processes served by the application. D. the application's optimization.
Which of the following is the MOST effective means of determining which controls are functioning properly in an operating system? A. Consulting with the vendor B. Reviewing the vendor installation guide C. Consulting with the system programmer D. Reviewing the system generation parameters
Cisco Certifications 
