A long-term IS employee with a strong technical background
and broad managerial experience has applied for a vacant
position in the IS audit department. Determining whether to
hire this individual for this position should be based on
the individual's experience and:
A. the length of service since this will help ensure
technical competence.
B. age as training in audit techniques may be impractical.
C. IS knowledge since this will bring enhanced credibility
to the audit function.
D. ability, as an IS auditor, to be independent of existing
IS relationships.
Answer / guest
Answer: D
Independence should be continually assessed by the auditor
and management. This assessment should consider such factors
as changes in personal relationships, financial interests
and prior job assignments and responsibilities. The fact
that the employee has worked in IS for many years may not in
itself ensure credibility. The audit department's needs
should be defined and any candidate should be evaluated
against those requirements. In addition, the length of
service will not ensure technical competency, and evaluating
an individual's qualifications based on the age of the
individual is not a good criterion and is illegal in many
parts of the world.
| Is This Answer Correct ? | 6 Yes | 0 No |
Answer / guest
D. ability, as an IS auditor, to be independent of existing
IS relationships.
| Is This Answer Correct ? | 5 Yes | 0 No |
Failure to adequately define or manage the requirements for a system can result in a number of risks. The GREATEST risk is: A. inadequate user involvement. B. inadequate allocation of resources. C. scope creep. D. an incorrect estimation of the critical path.
Structured programming is BEST described as a technique that: A. provides knowledge of program functions to other programmers via peer reviews. B. reduces the maintenance time of programs by the use of small-scale program modules. C. makes the readable coding reflect as closely as possible the dynamic execution of the program. D. controls the coding and testing of the high-level functions of the program in the development process.
The risk of an IS auditor using an inadequate test procedure and concluding that material errors do not exist when, in fact, they exist is:
Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents
Which of the following activities should the business continuity manager perform FIRST after the replacement of hardware at the primary information processing facility? A. Verify compatibility with the hot site. B. Review the implementation report. C. Perform a walk-through of the DRP. D. Update the IS assets inventory.
The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers
The feature of a digital signature that ensures the sender cannot later deny generating and sending the message is: A. data integrity. B. authentication. C. nonrepudiation. D. replay protection.
Which of the following methods of providing telecommunication continuity involves routing traffic through split- or duplicate-cable facilities? A. Diverse routing B. Alternative routing C. Redundancy D. Long haul network diversity
An IS auditor, performing a review of an application's controls, discovers a weakness in system software, which could materially impact the application. The IS auditor should: A. Disregard these control weaknesses as a system software review is beyond the scope of this review. B. Conduct a detailed system software review and report the control weaknesses. C. Include in the report a statement that the audit was limited to a review of the application's controls. D. Review the system software controls as relevant and recommend a detailed system software review.
Which of the following is an IS control objective? A. Output reports are locked in a safe place. B. Duplicate transactions do not occur. C. System backup/recovery procedures are updated periodically. D. System design and development meet users' requirements.
An advantage of the use of hot sites as a backup alternative is that: A. the costs associated with hot sites are low. B. hot sites can be used for an extended amount of time. C. hot sites can be made ready for operation within a short period of time. D. they do not require that equipment and systems software be compatible with the primary site.
Which of the following audit tools is MOST useful to an IS auditor when an audit trail is required? A. Integrated test facility (ITF) B. Continuous and intermittent simulation (CIS) C. Audit hooks D. Snapshots