Which of the following is a function of an IS steering
committee?
A. Monitoring vendor controlled change control and testing
B. Ensuring a separation of duties within the information's
processing environment
C. Approving and monitoring major projects, the status of IS
plans and budgets
D. Responsible for liaison between the IS department and the
end users
Answer / guest
Answer: C
The IS steering committee typically serves as a general
review board for major IS projects and should not become
involved in routine operations; therefore, one of its
functions is to approve and monitor major projects, the
status of IS plans and budgets. Vendor change control is an
outsourcing issue and should be monitored by IS management.
Ensuring a separation of duties within the information's
processing environment is an IS management responsibility.
Liaison between the IS department and the end users is a
function of the individual parties and not a committee.
Accountability for the maintenance of appropriate security measures over information assets resides with the: A. security administrator. B. systems administrator. C. data and systems owners. D. systems operations group.
Which of the following pairs of functions should not be combined to provide proper segregation of duties? A. Tape librarian and computer operator B. Application programming and data entry C. Systems analyst and database administrator D. Security administrator and quality assurance
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
Which of the following is critical to the selection and acquisition of the correct operating system software? A. Competitive bids B. User department approval C. Hardware-configuration analysis D. Purchasing department approval
Which of the following is a measure of the size of an information system based on the number and complexity of a system's inputs, outputs and files? A. Function point (FP) B. Program evaluation review technique (PERT) C. Rapid application design (RAD) D. Critical path method (CPM)
The development of an IS security policy is ultimately the responsibility of the: A. IS department. B. security committee. C. security administrator. D. board of directors.
Naming conventions for system resources are important for access control because they: A. ensure that resource names are not ambiguous. B. reduce the number of rules required to adequately protect resources. C. ensure that user access to resources is clearly and uniquely identified. D. ensure that internationally recognized names are used to protect resources.
A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.
In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. there is a strategic information technology planning methodology in place. D. the plan correlates business objectives to IS goals and objectives.
Which of the following provides the framework for designing and developing logical access controls? A. Information systems security policy B. Access control lists C. Password management D. System configuration files
To prevent unauthorized entry to the data maintained in a dial-up fast response system, an IS auditor should recommend: A. online terminals be placed in restricted areas. B. online terminals be equipped with key locks. C. ID cards be required to gain access to online terminals. D. online access be terminated after three unsuccessful attempts.
Which of the following represents the MOST pervasive control over application development? A. IS auditors B. Standard development methodologies C. Extensive acceptance testing D. Quality assurance groups