Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

An IS auditor is assigned to help design the data security
aspects of an application under development. Which of the
following provides the MOST reasonable assurance that
corporate assets are protected when the application is
certified for production?

A. A review conducted by the internal auditor

B. A review conducted by the assigned IS auditor

C. Specifications by the user on the depth and content of
the review

D. An independent review conducted by another equally
experienced IS auditor

Question Posted / guest


An IS auditor is assigned to help design the data security aspects of an application under developm..

Answer / guest

Answer: D

If the IS auditor assigned to the development process
actually contributes to the design of the system, then true
independence has been compromised. Therefore, to insure an
independent review of the system, a different IS auditor
should review the system prior to production or within a
reasonable time frame after implementation.

Is This Answer Correct ?    8 Yes 1 No

Post New Answer

More CISA Certification Interview Questions

During the course of an audit, the IS auditor discovers that the human resources (HR) department uses a cloud-based application to manage employee records. The HR department engaged in a contract outside of the normal vendor management process and manages the application on its own. Which of the following choices is of MOST concern? A. Maximum acceptable downtime metrics have not been defined in the contract. B. The IT department does not manage the relationship with the cloud vendor. C. The help desk call center is in a different country, with different privacy requirements. D. Company-defined security policies are not applied to the cloud application.

1 Answers  

An organization is considering installing a LAN in a site under construction. If system availability is the main concern, which of the following topologies is MOST appropriate? A. Ring B. Line C. Star D. Bus

1 Answers  

Electromagnetic emissions from a terminal represent an exposure because they: A. affect noise pollution. B. disrupt processor functions. C. produce dangerous levels of electric current. D. can be detected and displayed.

1 Answers  

Utilizing audit software to compare the object code of two programs is an audit technique used to test program: A. logic. B. changes. C. efficiency. D. computations.

2 Answers  

For an online transaction processing system, transactions per second is a measure of: A. throughput. B. response time. C. turnaround time. D. uptime.

1 Answers  

Use of asymmetric encryption in an Internet e-commerce site, where there is one private key for the hosting server and the public key is widely distributed to the customers, is MOST likely to provide comfort to the: A. customer over the authenticity of the hosting organization. B. hosting organization over the authenticity of the customer. C. customer over the confidentiality of messages from the hosting organization. D. hosting organization over the confidentiality of messages passed to the customer.

1 Answers  

Which of the following can identify attacks and penetration attempts to a network? A. Firewall B. Packet filters C. Stateful inspection D. Intrusion detection system (IDs)

1 Answers  

If an application program is modified and proper system maintenance procedures are in place, which of the following should be tested? The: A. integrity of the database B. access controls for the applications programmer C. complete program, including any interface systems D. segment of the program containing the revised code

1 Answers  

Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected

2 Answers  

Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)

1 Answers  

Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.

7 Answers  

Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.

2 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)