Interested to Buy Any Domain ? << Click Here >> for more details...
In reviewing the IS short-range (tactical) plan, the IS
auditor should determine whether:
A. there is an integration of IS and business staffs within
projects.
B. there is a clear definition of the IS mission and vision.
C. there is a strategic information technology planning
methodology in place.
D. the plan correlates business objectives to IS goals and
objectives.
- 1 Answers
- 9277 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: A
The integration of IS and business staff in projects is an
operational issue and should be considered while reviewing
the short-range plan. A strategic plan would provide a
framework for the IS short-range plan. Choices B, C, and D
are areas covered by a strategic plan.
| Is This Answer Correct ? | 10 Yes | 0 No |
To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is: A. during data preparation. B. in transit to the computer. C. between related computer runs. D. during the return of the data to the user department.
Responsibility and reporting lines cannot always be established when auditing automated systems since: A. diversified control makes ownership irrelevant. B. staff traditionally change jobs with greater frequency. C. ownership is difficult to establish where resources are shared. D. duties change frequently in the rapid development of technology.
Which of the following concerns associated with the World Wide Web would be addressed by a firewall? A. Unauthorized access from outside the organization B. Unauthorized access from within the organization C. A delay in Internet connectivity D. A delay in downloading using file transfer protocol (FTP)
Applying a digital signature to data traveling in a network provides: A. confidentiality and integrity. B. security and nonrepudiation. C. integrity and nonrepudiation. D. confidentiality and nonrepudiation.
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
A LAN administrator normally would be restricted from: A. having end-user responsibilities. B. reporting to the end-user manager. C. having programming responsibilities. D. being responsible for LAN security administration.
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
Functional acknowledgements are used: A. as an audit trail for EDI transactions. B. to functionally describe the IS department. C. to document user roles and responsibilities. D. as a functional description of application software.
At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.
As a result of a business process reengineering (BPR) project: A. an IS auditor would be concerned with the key controls that existed in the prior business process and not those in the new process. B. system processes are automated in such a way that there are more manual interventions and manual controls. C. the newly designed business processes usually do not involve changes in the way(s) of doing business. D. advantages usually are realized when the reengineering process appropriately suits the business and risk.
Which of the following is a management technique that enables organizations to develop strategically important systems faster while reducing development costs and maintaining quality? A. Function point analysis B. Critical path methodology C. Rapid application development D. Program evaluation review technique
Cisco Certifications 
