Interested to Buy Any Domain ? << Click Here >> for more details...
With regard to sampling it can be said that:
A. sampling is generally applicable when the population
relates to an intangible or undocumented control.
B. if an auditor knows internal controls are strong, the
confidence coefficient may be lowered.
C. attribute sampling would help prevent excessive sampling
of an attribute by stopping an audit test at the earliest
possible moment.
D. variable sampling is a technique to estimate the rate of
occurrence of a given control or set of related controls.
- 1 Answers
- 4320 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Statistical sampling quantifies how closely the sample
should represent the population, usually as a percentage. If
the auditor knows internal controls are strong, the
confidence coefficient may be lowered. Sampling generally is
applicable when the population relates to a tangible or
documented control. Choice C is a description of stop-or-go
sampling. Choice D is a definition of attribute sampling.
| Is This Answer Correct ? | 4 Yes | 0 No |
An IS auditor, in evaluating proposed biometric control devices reviews the false rejection rates (FRRs), false acceptance rates (FARs) and equal error rates (ERRs) of three different devices. The IS auditor should recommend acquiring the device having the: A. least ERR. B. most ERR. C. least FRR but most FAR. D. least FAR but most FRR.
In the ISO/OSI model, which of the following protocols is the FIRST to establish security for the user application? A. Session layer. B. Transport layer C. Network layer D. Presentation layer
Which of the following is critical to the selection and acquisition of the correct operating system software? A. Competitive bids B. User department approval C. Hardware-configuration analysis D. Purchasing department approval
Business continuity/disaster recovery is PRIMARILY the responsibility of: A. IS management. B. business unit managers. C. the security administrator. D. the board of directors.
Which of the following is the basic objective of a control self-assessment program?
Detection risk refers to: A. concluding that material errors do not exist, when in fact they do. B. controls that fail to detect an error. C. controls that detect high-risk errors. D. detecting an error but failing to report it.
Which of the following is widely accepted as one of the critical components in networking management? A. Configuration management B. Topological mappings C. Application of monitoring tools D. Proxy server trouble shooting
Which of the following provides a mechanism for coding and compiling programs interactively? A. Firmware B. Utility programs C. Online programming facilities D. Network management software
When implementing and application software package, which of the following presents the GREATEST risk? A. Uncontrolled multiple software versions B. Source programs that are not synchronized with object code C. Incorrectly set parameters D. Programming errors
A strength of an implemented quality system based on ISO 9001 is that it: A. guarantees quality solutions to business problems. B. results in improved software life cycle activities. C. provides clear answers to questions concerning cost-effectiveness. D. does not depend on the maturity of the implemented quality system.
Which of the following is MOST directly affected by network performance monitoring tools? A. Integrity B. Availability C. Completeness D. Confidentiality
An IS auditor performing an independent classification of systems should consider a situation where functions could be performed manually at a tolerable cost for an extended period of time as: A. critical. B. vital. C. sensitive. D. noncritical.
Cisco Certifications 
