Interested to Buy Any Domain ? << Click Here >> for more details...
At the end of the testing phase of software development, an
IS auditor observes that an intermittent software error has
not been corrected. No action has been taken to resolve the
error. The IS auditor should:
A. report the error as a finding and leave further
exploration to the auditee's discretion.
B. attempt to resolve the error.
C. recommend that problem resolution be escalated.
D. ignore the error, as it is not possible to get objective
evidence for the software error.
- 1 Answers
- 6372 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
When an auditor observes such conditions, it is best to
fully apprise the auditee and suggest that further problem
resolutions be attempted. Recording it as a minor error and
leaving it to auditee's discretion would be inappropriate,
and neglecting the error would indicate that the auditor has
not taken steps to further probe the issue to its logical end.
| Is This Answer Correct ? | 4 Yes | 0 No |
A call-back system requires that a user with an id and password call a remote server through a dial-up line, then the server disconnects and: A. dials back to the user machine based on the user id and password using a telephone number from its database. B. dials back to the user machine based on the user id and password using a telephone number provided by the user during this connection. C. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using its database. D. waits for a redial back from the user machine for reconfirmation and then verifies the user id and password using the sender's database.
Which of the following is a function of an IS steering committee? A. Monitoring vendor controlled change control and testing B. Ensuring a separation of duties within the information's processing environment C. Approving and monitoring major projects, the status of IS plans and budgets D. Responsible for liaison between the IS department and the end users
When a systems development life cycle (SDLC) methodology is inadequate, the MOST serious immediate risk is that the new system will: A. be completed late. B. exceed the cost estimates. C. not meet business and user needs. D. be incompatible with existing systems.
Which of the following is the MOST important consideration when developing a business continuity plan for a bank? A. Antivirus software B. Naming standards C. Customer balance list D. Password policy
Which of the following would BEST support 24/7 availability? A. Daily backup B. Offsite storage C. Mirroring D. Periodic testing
A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.
A hacker could obtain passwords without the use of computer tools or programs through the technique of: A. social engineering. B. sniffers. C. backdoors. D. trojan horses.
In a risk-based audit approach an IS auditor should FIRST complete a/an: A. inherent risk assessment. B. control risk assessment. C. test of control assessment. D. substantive test assessment.
Which of the following ensures completeness and accuracy of accumulated data? A. Processing control procedures B. Data file control procedures C. Output controls D. Application controls
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
52. Which of the following tests confirm that the new system can operate in its target environment?
Cisco Certifications 
