Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is a function of an IS steering
committee?
A. Monitoring vendor controlled change control and testing
B. Ensuring a separation of duties within the information's
processing environment
C. Approving and monitoring major projects, the status of IS
plans and budgets
D. Responsible for liaison between the IS department and the
end users
- 1 Answers
- 9579 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The IS steering committee typically serves as a general
review board for major IS projects and should not become
involved in routine operations, therefore, one of its
functions is to approve and monitor major projects, the
status of IS plans and budgets. Vendor change control is an
outsourcing issue and should be monitored by IS management.
Ensuring a separation of duties within the information's
processing environment is an IS management responsibility.
Liaison between the IS department and the end users is a
function of the individual parties and not a committee.
| Is This Answer Correct ? | 6 Yes | 0 No |
A programmer included a routine into a payroll application to search for his/her own payroll number. As a result, if this payroll number does not appear during the payroll run, a routine will generate and place random numbers onto every paycheck. This routine is known as: A. scavenging. B. data leakage. C. piggybacking. D. a trojan horse.
An IS auditor is reviewing the database administration function to ascertain whether adequate provision has been made for controlling data. The IS auditor should determine that the: A. function reports to data processing operations. B. responsibilities of the function are well defined. C. database administrator is a competent systems programmer. D. audit software has the capability of efficiently accessing the database.
An IS auditor performing a telecommunication access control review should be concerned PRIMARILY with the: A. maintenance of access logs of usage of various system resources. B. authorization and authentication of the user prior to granting access to system resources. C. adequate protection of stored data on servers by encryption or other means. D. accountability system and the ability to identify any terminal accessing system resources.
A debugging tool, which reports on the sequence of steps executed by a program, is called a/an: A. output analyzer. B. memory dump. C. compiler. D. logic path monitor.
Which of the following is a check (control) for completeness? A. Check digits B. Parity bits C. One-for-one checking D. Prerecorded input
An IS steering committee should: A. include a mix of members from different departments and staff levels. B. ensure that IS security policies and procedures have been executed properly. C. have formal terms of reference and maintain minutes of its meetings. D. be briefed about new trends and products at each meeting by a vendor.
A disaster recovery plan (DRP) for an organization should: A. reduce the length of the recovery time and the cost of recovery. B. increase the length of the recovery time and the cost of recovery. C. reduce the duration of the recovery time and increase the cost of recovery. D. not affect the recovery time nor the cost of recovery.
Data flow diagrams are used by IS auditors to: A. order data hierarchically. B. highlight high-level data definitions. C. graphically summarize data paths and storage. D. portray step-by-step details of data generation.
An organization is proposing to install a single sign-on facility giving access to all systems. The organization should be aware that: A. Maximum unauthorized access would be possible if a password is disclosed. B. User access rights would be restricted by the additional security parameters. C. The security administrator?s workload would increase. D. User access rights would be increased.
A company disposing of personal computers that once were used to store confidential data should first: A. demagnetize the hard disk. B. low-level format the hard disk. C. delete all data contained on the hard disk. D. defragment the data contained on the hard disk.
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
The PRIMARY objective of conducting a post-implementation review is to assess whether the system A) achieved the desired objectives B) provides for backup and recovery C) provides for information security D) documentation is clear and understandable
Cisco Certifications 
