Interested to Buy Any Domain ? << Click Here >> for more details...
The responsibility for designing, implementing and
maintaining a system of internal control lies with:
A. the IS auditor.
B. management.
C. the external auditor.
D. the programming staff.
- 2 Answers
- 7449 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
Designing, implementing and maintaining a system of internal
controls, including the prevention and detection of fraud is
the responsibility of management. The IS auditor assesses
the risks, and performs tests to detect irregularities
created by weaknesses in the structure of internal controls.
| Is This Answer Correct ? | 11 Yes | 0 No |
Without causing a conflict of interest, a duty compatible with those of a security administrator would be: A. quality assurance. B. application programming. C. systems programming. D. data entry.
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
An IS auditor reviewing an organization's IT strategic plan should FIRST review: A. the existing IT environment. B. the business plan. C. the present IT budget. D. current technology trends.
Which of the following can be used to verify output results and control totals by matching them against the input data and control totals? A. Batch header forms B. Batch balancing C. Data conversion error corrections D. Access controls over print spools
Which of the following is necessary to have FIRST in the development of a business continuity plan? A. Risk-based classification of systems B. Inventory of all assets C. Complete documentation of all disasters D. Availability of hardware and software
An IS auditor reviewing back-up procedures for software need only determine that: A. object code libraries are backed up. B. source code libraries are backed up. C. both object and source codes libraries are backed up. D. program patches are maintained at the originating site.
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
To detect attack attempts that the firewall is unable to recognize, an IS auditor should recommend placing a network intrusion detection system (IDS) between the:
Naming conventions for system resources are important for access control because they: A. ensure that resource names are not ambiguous. B. reduce the number of rules required to adequately protect resources. C. ensure that user access to resources is clearly and uniquely identified. D. ensure that internationally recognized names are used to protect resources.
Which of the following reports is a measure of telecommunication transmissions and determines whether transmissions are completed accurately? A. Online monitor reports B. Downtime reports C. Help desk reports D. Response time reports
When implementing an application software package, which of the following presents the GREATEST risk? A. Uncontrolled multiple software versions B. Source programs that are not synchronized with object code C. Incorrectly set parameters D. Programming errors
Cisco Certifications 
