Interested to Buy Any Domain ? << Click Here >> for more details...
As a result of a business process reengineering (BPR) project:
A. an IS auditor would be concerned with the key controls
that existed in the prior business process and not those in
the new process.
B. system processes are automated in such a way that there
are more manual interventions and manual controls.
C. the newly designed business processes usually do not
involve changes in the way(s) of doing business.
D. advantages usually are realized when the reengineering
process appropriately suits the business and risk.
- 1 Answers
- 4980 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
BPR is the process of responding to competitive, economic
pressures and customer demands to survive in the current
business environment. Advantages of BPR usually are
experienced when the reengineering process appropriately
suits the business needs. Choice A is not correct, because
in a BPR, an IS auditor should have a concern that all
controls, especially both those in the new processes and
those key controls that may have been reengineered out of a
business process. Choice B is not correct because what BPR
seeks is to have less manual interventions and controls.
Choice C is also incorrect because in BPR the newly designed
business processes, inevitably involve changes in the way of
doing business.
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following manages the digital certificate life cycle to ensure adequate security and controls exist in digital signature applications related to e-commerce? A. Registration authority B. Certification authority C. Certification relocation list D. Certification practice statement
A digital signature contains a message digest to: A. show if the message has been altered after transmission. B. define the encryption algorithm. C. confirm the identity of the originator. D. enable message transmission in a digital format.
Which of the following tests confirm that the new system can operate in its target environment? A. Sociability testing B. Regression testing C. Validation testing D. Black box testing
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
A network diagnostic tool that monitors and records network information is a/an: A. online monitor. B. downtime report. C. help desk report. D. protocol analyzer.
An IS auditor's primary concern when application developers wish to use a copy of yesterday's production transaction file for volume tests is that: A. users may prefer to use contrived data for testing. B. unauthorized access to sensitive data may result. C. error handling and credibility checks may not be fully proven. D. full functionality of the new process is not necessarily tested.
Which of the following is a management technique that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality? A. Function point analysis B. Critical path methodology C. Rapid application development D. Program evaluation review technique
Which of the following findings would an IS auditor be MOST concerned about when performing an audit of backup and recovery and the offsite storage vault? A. There are three individuals with a key to enter the area. B. Paper documents also are stored in the offsite vault. C. Data files, which are stored in the vault, are synchronized. D. The offsite vault is located in a separate facility.
An organization provides information to its supply-chain partners and customers through an extranet infrastructure. Which of the following should be the GREATEST concern to an IS auditor reviewing the firewall security architecture? A. A secure socket layer (SSL) has been implemented for user authentication and remote administration of the firewall. B. On the basis of changing requirements, firewall policies are updated. C. Inbound traffic is blocked unless the traffic type and connections have been specifically permitted. D. The firewall is placed on top of the commercial operating system with all installation options.
A hub is a device that connects: A. two LANs using different protocols. B. a LAN with a WAN. C. a LAN with a metropolitan area network (MAN). D. two segments of a single LAN.
The initial step in establishing an information security program is the: A. development and implementation of an information security standards manual. B. performance of a comprehensive security control review by the IS auditor. C. adoption of a corporate information security policy statement. D. purchase of security access control software.
IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that: A. a substantive test would be too costly. B. the control environment is poor. C. inherent risk is low. D. control risks are within the acceptable limits.
Cisco Certifications 
