An IS auditor is assigned to perform a post implementation
review of an application system. Which of the following
situations may have impaired the independence of the IS
auditor? The IS auditor:
A. implemented a specific control during the development of
the application system.
B. designed an embedded audit module exclusively for
auditing the application system.
C. participated as a member of the application system
project team, but did not have operational responsibilities.
D.provided consulting advice concerning application system
best practices.
- 2 Answers
- 10906 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
Independence may be impaired if the IS auditor is, or has
been, actively involved in the development, acquisition and
implementation of the application system. Choices B and C
are situations that do not impair the IS auditor's
independence. Choice D is incorrect because the IS auditor's
independence is not impaired by providing advice on known
best practices.
| Is This Answer Correct ? | 14 Yes | 1 No |
Answer / guest
A. implemented a specific control during the development of
the application system.
| Is This Answer Correct ? | 1 Yes | 1 No |
Good quality software is BEST achieved: A. through thorough testing. B. by finding and quickly correcting programming errors. C. determining the amount of testing by the available time and budget. D. by applying well-defined processes and structured reviews throughout the project.
Security administration procedures require read-only access to: A. access control tables. B. security log files. C. logging options. D. user profiles.
When auditing the proposed acquisition of a new computer system, the IS auditor should FIRST establish that: A. a clear business case has been approved by management. B. corporate security standards will be met. C. users will be involved in the implementation plan. D. the new system will meet all required user functionality.
In regard to moving an application program from the test environment to the production environment, the BEST control would be provided by having the: A. application programmer copy the source program and compiled object module to the production libraries. B. as paul says, C. production control group compile the object module to the production libraries using the source program in the test environment. D. production control group copy the source program to the production libraries and then compile the program.
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
The extent to which data will be collected during an IS audit should be determined, based on the: A. availability of critical and required information. B. auditor's familiarity with the circumstances. C. auditee's ability to find relevant evidence. D. purpose and scope of the audit being done.
Which of the following would provide a mechanism whereby IS management can determine if the activities of the organization have deviated from the planned or expected levels? A. Quality management B. IS assessment methods C. Management principles D. Industry standards/benchmarking
Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system? A. Re-performance B. Process walk-through C. Observation D. Documentation review
In a client-server architecture, a domain name service (DNS) is MOST important because it provides the: A. address of the domain server. B. resolution service for the name/address. C. IP addresses for the Internet. D. domain name system.
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
In planning an audit, the MOST critical step is the identification of the:
Structured programming is BEST described as a technique that: A. provides knowledge of program functions to other programmers via peer reviews. B. reduces the maintenance time of programs by the use of small-scale program modules. C. makes the readable coding reflect as closely as possible the dynamic execution of the program. D. controls the coding and testing of the high-level functions of the program in the development process.
Cisco Certifications 
