Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

Which of the following audit procedures would an IS auditor
be LEAST likely to include in a security audit?

A. Review the effectiveness and utilization of assets.

B. Test to determine that access to assets is adequate.

C. Validate physical, environmental and logical access
policies per job profiles.

D. Evaluate asset safeguards and procedures that prevent
unauthorized access to the assets.

Question Posted / guest


Which of the following audit procedures would an IS auditor be LEAST likely to include in a securit..

Answer / guest

Answer: A

Reviewing the effectiveness and utilization of assets is not
within the purview of a security audit. Security audits
primarily focus on the evaluation of the policies and
procedures that ensure the confidentiality, integrity and
availability of data. During an audit of security the IS
auditor would normally review access to assets, and validate
the physical and environmental controls to the extent
necessary to satisfy the audit requirements. The IS auditor
would also review logical access policies and compare them
to job profiles to ensure that excessive access has not been
granted. The review also would include an evaluation of
asset safeguards and procedures to prevent unauthorized
access to assets.

Is This Answer Correct ?    5 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.

1 Answers  

Confidential data residing on a PC is BEST protected by: A. a password. B. file encryption. C. removable diskettes. D. a key operated power source.

1 Answers  

Which of the following is the MOST reliable sender authentication method? A. Digital signatures B. Asymmetric cryptography C. Digital certificates D. Message authentication code

2 Answers  

When auditing a mainframe operating system, what would the IS auditor do to establish which control features are in operation? A. Examine the parameters used when the system was generated B. Discuss system parameter options with the vendor C. Evaluate the systems documentation and installation guide D. Consult the systems programmers

1 Answers  

Which of the following processes is the FIRST step in developing a business continuity and disaster recovery plan for an organization? A. Alternate site selection B. Business impact analysis C. Test procedures and frequency D. Information classification

1 Answers  

Which of the following is the most important element in the design of a data warehouse? A. Quality of the metadata B. Speed of the transactions C. Volatility of the data D. Vulnerability of the system

1 Answers  

Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is best ensured by: A. database integrity checks. B. validation checks. C. input controls. D. database commits and rollbacks.

1 Answers  

The knowledge base of an expert system that uses questionnaires to lead the user through a series of choices before a conclusion is reached is known as: A. rules. B. decision trees. C. semantic nets. D. data flow diagrams.

1 Answers  

Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.

1 Answers  

An IS auditor has been assigned to conduct a test that compares job run logs to computer job schedules. Which of the following observations would be of the GREATEST concern to the IS auditor? A. There are a growing number of emergency changes. B. There were instances when some jobs were not completed on time. C. There were instances when some jobs were overridden by computer operators. D. Evidence shows that only scheduled jobs were run.

1 Answers  

Accountability for the maintenance of appropriate security measures over information assets resides with the: A. security administrator. B. systems administrator. C. data and systems owners. D. systems operations group.

2 Answers  

Which of the following would be the BEST population to take a sample from when testing program changes? A. Test library listings B. Source program listings C. Program change requests D. Production library listings

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)