Which of the following would contribute MOST to an effective
business continuity plan (BCP)? The BCP:
A. document was circulated to all interested parties.
B. planning involved all user departments.
C. was approved by senior management.
D. was audited by an external IS auditor.
- 1 Answers
- 7791 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The involvement of user departments in the BCP is crucial
for the identification of the business processing
priorities. The BCP circulation will ensure that the BCP
document is received by all users, though essential, this
does not contribute significantly to the success of the BCP.
A BCP approved by senior management would not ensure the
quality of the BCP, nor would an audit necessarily improve
the quality of the BCP.
| Is This Answer Correct ? | 2 Yes | 0 No |
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
Which of the following is an output control objective? A. Maintenance of accurate batch registers B. Completeness of batch processing C. Appropriate accounting for rejections and exceptions D. Authorization of file updates
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
An organization is experiencing a growing backlog of undeveloped applications. As part of a plan to eliminate this backlog, end-user computing with prototyping, supported by the acquisition of an interactive application generator system is being introduced. Which of the following areas is MOST critical to the ultimate success of this venture? A. Data control B. Systems analysis C. Systems programming D. Application programming
Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors
With regard to sampling it can be said that: A. sampling is generally applicable when the population relates to an intangible or undocumented control. B. if an auditor knows internal controls are strong, the confidence coefficient may be lowered. C. attribute sampling would help prevent excessive sampling of an attribute by stopping an audit test at the earliest possible moment. D. variable sampling is a technique to estimate the rate of occurrence of a given control or set of related controls.
The risk that an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when, in fact, they do, is an example of: A. inherent risk. B.control risk. C. detection risk. D. audit risk.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
Which of the following would be included in an IS strategic plan? A. Specifications for planned hardware purchases B. Analysis of future business objectives C. Target dates for development projects D. Annual budgetary targets for the IS department
The PRIMARY purpose of undertaking a parallel run of a new system is to: A. verify that the system provides required business functionality. B. validate the operation of the new system against its predecessor. C. resolve any errors in the program and file interfaces. D. verify that the system can process the production load.
Which of the following is a detective control? A. Physical access controls B. Segregation of duties C. Backup procedures D. Audit trails
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Program evaluation review technique (PERT) B. Rapid application development (RAD) C. Function point analysis (FPA) D. Critical path method (CPM)
Cisco Certifications 
