Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following would be a compensating control to
mitigate risks resulting from an inadequate segregation of
duties?
A. Sequence check
B. Check digit
C. Source documentation retention
D. Batch control reconciliations
- 1 Answers
- 14610 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Batch control reconciliations are an example of compensating
controls. Other examples of compensating controls are
transaction logs, reasonableness tests, independent reviews
and audit trails such as console logs, library logs and job
accounting date. Sequence checks and check digits are data
validation edits and source documentation retention is an
example of a data file control.
| Is This Answer Correct ? | 13 Yes | 5 No |
Which of the following would an IS auditor consider to be the MOST important when evaluating an organization's IS strategy? That it: A. has been approved by line management. B. does not vary from the IS department's preliminary budget. C. complies with procurement procedures. D. supports the business objectives of the organization.
A key element in a risk analysis is/are: A. audit planning. B. controls. C. vulnerabilities. D. liabilities.
Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
The PRIMARY advantage of a continuous audit approach is that it: A. does not require an IS auditor to collect evidence on system reliability while processing is taking place. B. requires the IS auditor to review and follow up immediately on all information collected. C. can improve system security when used in time-sharing environments that process a large number of transactions. D. does not depend on the complexity of an organization's computer systems.
Which of the following facilitates program maintenance? A. More cohesive and loosely coupled programs B. Less cohesive and loosely coupled programs C. More cohesive and strongly coupled programs D. Less cohesive and strongly coupled programs
WHICH OF THE FOLLOWING IS OFTEN AN ADVANTAGE OF USING PROTOTYPING GOR DYDTEM DVELOPMENT
Which of the following is a continuity plan test that uses actual resources to simulate a system crash to cost-effectively obtain evidence about the plan's effectiveness? A. Paper test B. Post test C. Preparedness test D. Walk-through
A malicious code that changes itself with each file it infects is called a: A. logic bomb. B. stealth virus. C. trojan horse. D. polymorphic virus.
E-cash is a form of electronic money that: A. can be used over any computer network. B. utilizes reusable e-cash coins to make payments. C. does not require the use of an Internet digital bank. D. contains unique serial numbering to track the identity of the buyer.
When performing an audit of access rights, an IS auditor should be suspicious of which of the following if allocated to a computer operator? A. READ access to data B. DELETE access to transaction data files C. Logged READ/EXECUTE access to programs D. UPDATE access to job control language/script files
Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.
Cisco Certifications 
