Interested to Buy Any Domain ? << Click Here >> for more details...
The corporate office of a company having branches worldwide,
developed a control self-assessment program (CSA) for all
its offices. Which of the following is the MOST important
requirement for a successful CSA?
A. Skills of the workshop facilitator
B. Simplicity of the questionnaire
C. Support from the audit department
D. Involvement of line managers
- 1 Answers
- 4523 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
Key to the success of a control self-assessment program is
the support and involvement of the management and staff
responsible for the process being assessed. All other
options are essential for CSA to be successful, however in
the absence of active involvement from those responsible,
the other choices will not result in a successful CSA.
| Is This Answer Correct ? | 4 Yes | 0 No |
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: A. the users may not remember to manually encrypt the data before transmission. B. the site credentials were sent to the financial services company via email. C. personnel at the consulting firm may obtain access to sensitive data. D. the use of a shared user ID to the FTP site does not allow for user accountability.
After a full operational contingency test, the IS auditor performs a review of the recovery steps and concludes that the elapsed time until the technological environment and systems were actually functioning, exceeded the required critical recovery time. Which of the following should the auditor recommend? A. Perform an integral review of the recovery tasks. B. Broaden the processing capacity to gain recovery time. C. Make improvements in the facility's circulation structure. D. Increase the amount of human resources involved in the recovery.
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
Which of the following protocols would be involved in the implementation of a router and interconnectivity device monitoring system? A. Simple network management B. File transfer C. Simple Mail Transfer Protocol D. Telnet
When auditing a mainframe operating system, what would the IS auditor do to establish which control features are in operation? A. Examine the parameters used when the system was generated B. Discuss system parameter options with the vendor C. Evaluate the systems documentation and installation guide D. Consult the systems programmers
A number of system failures are occurring when corrections to previously detected errors are resubmitted for acceptance testing. This would indicate that the maintenance team is probably not adequately performing which of the following types of testing? A. Unit testing B. Integration testing C. Design walk-throughs D. Configuration management
The method of routing traffic through split cable facilities or duplicate cable facilities is called: A. alternative routing. B. diverse routing. C. redundancy. D. circular routing.
Which of the following types of firewalls would BEST protect a network from an Internet attack? A. Screened subnet firewall B. Application filtering gateway C. Packet filtering router D. Circuit-level gateway
An IS auditor auditing hardware monitoring procedures should review A. system availability reports. B. cost-benefit reports. C. response time reports. D. database utilization reports.
Large-scale systems development efforts: A. are not affected by the use of prototyping tools. B. can be carried out independent of other organizational practices. C. require that business requirements be defined before the project begins. D. require that project phases and deliverables be defined during the duration of the project.
An integrated test facility is considered a useful audit tool because it: A. is a cost-efficient approach to auditing application controls. B. enables the financial and IS auditors to integrate their audit tests. C. compares processing output with independently calculated data. D. provides the IS auditor with a tool to analyze a large range of information.
Cisco Certifications 
