Answer / guest

Answer: B

Biometric devices are used to maintain physical security.
Some examples are fingerprint and retina scanners. Airborne
contamination is measured using air-quality monitors.
Temperature and humidity levels and electromagnetic fields
are measured by environmental monitoring devices.

An IS auditor should use statistical sampling and not judgmental (nonstatistical) sampling, when: A. the probability of error must be objectively quantified. B. the auditor wants to avoid sampling risk. C. generalized audit software is unavailable. D. the tolerable error rate cannot be determined.

1 Answers  

---

An IS auditor is assigned to help design the data security aspects of an application under development. Which of the following provides the MOST reasonable assurance that corporate assets are protected when the application is certified for production? A. A review conducted by the internal auditor B. A review conducted by the assigned IS auditor C. Specifications by the user on the depth and content of the review D. An independent review conducted by another equally experienced IS auditor

1 Answers  

---

Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report

2 Answers  

---

Information for detecting unauthorized input from a terminal would be BEST provided by the: A. console log printout. B. transaction journal. C. automated suspense file listing. D. user error report.

1 Answers  

---

Which of the following represents the GREATEST potential risk in an EDI environment? A. Transaction authorization B. Loss or duplication of EDI transmissions C. Transmission delay D. Deletion or manipulation of transactions prior to or after establishment of application controls

1 Answers   CTS,

---

Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis

1 Answers  

---

The IS department of an organization wants to ensure that the computer files, used in the information processing facility, are backed up adequately to allow for proper recovery. This is a/an: A. control procedure. B. control objective. C. corrective control. D. operational control.

2 Answers  

---

In an EDI process, the device which transmits and receives electronic documents is the: A. communications handler. B. EDI translator. C. application interface. D. EDI interface.

1 Answers  

---

Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation

1 Answers  

---

The PRIMARY objective of conducting a post-implementation review is to assess whether the system A) achieved the desired objectives B) provides for backup and recovery C) provides for information security D) documentation is clear and understandable

2 Answers  

---

At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.

1 Answers  

---

An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity

1 Answers  

---