Interested to Buy Any Domain ? << Click Here >> for more details...
The implementation of cost-effective controls in an
automated system is ultimately the responsibility of the:
A. system administrator.
B. quality assurance function.
C. business unit management.
D. chief of internal audit.
- 1 Answers
- 6435 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
It is the business unit management's responsibility to
implement cost effective controls in an automated system.
They are the best group in an organization to know which
information assets need to be secured in terms of
availability, confidentiality and integrity. System
administrators take care of services related to the system
requirements of the user management group. The quality
assurance function addresses the overall quality of the
systems. The audit group will assess or examine the
compliance level of the controls with written policies,
procedures or practices.
| Is This Answer Correct ? | 6 Yes | 0 No |
A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it: A. can identify high-risk areas that might need a detailed review later. B. allows IS auditors to independently assess risk. C. can be used as a replacement for traditional audits. D. allows management to relinquish responsibility for control.
When developing a risk management program, the FIRST activity to be performed is a/an: A. threats assessment. B. classification of data. C. inventory of assets. D. criticality analysis.
Which of the following functions, if combined, would be the GREATEST risk to an organization? A. Systems analyst and database administrator B. Quality assurance and computer operator C. Tape librarian and data entry clerk D. Application programmer and tape librarian
A primary benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
Which of the following would be the BEST method for ensuring that critical fields in a master record have been updated properly? A. Field checks B. Control totals C. Reasonableness checks D. A before-and-after maintenance report
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
Which of the following tests is an IS auditor performing when a sample of programs is selected to determine if the source and object versions are the same? A. A substantive test of program library controls B. A compliance test of program library controls C. A compliance test of the program compiler controls D. A substantive test of the program compiler controls
Access rules normally are included in which of the following documentation categories? A. Technical reference documentation B. User manuals C. Functional design specifications D. System development methodology documents
Linux is an __________ operating system
Which of the following environmental controls is appropriate to protect computer equipment against short-term reductions in electrical power? A. Power line conditioners B. A surge protective device C. An alternative power supply D. An interruptible power supply
Which of the following is the MOST important function to be performed by IS management when a service has been outsource? A. Ensuring that invoices are paid to the provider B. Participating in systems design with the provider C. Renegotiating the provider's fees D. Monitoring the outsourcing provider's performance
When conducting an audit of client/server database security, the IS auditor would be MOST concerned about the availability of: A. system utilities. B. application program generators. C. system security documentation. D. access to stored procedures.
Cisco Certifications 
