Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following components of a business continuity
plan is PRIMARILY the responsibility of an organization?s IS
department?
A. Developing the business continuity plan
B. Selecting and approving the strategy for business
continuity plan
C. Declaring a disaster
D. Restoring the IS systems and data after a disaster
- 1 Answers
- 7328 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
The correct choice is restoring the IT systems and data
after a disaster. The IT department of an organization is
primarily responsible for restoring the IT systems and data
after a disaster at the earliest possible time. The senior
management of the organization is primarily responsible for
developing the business continuity plan for an organization.
They are also responsible for selecting and approving the
strategy for developing and implementing a detailed business
continuity plan. The organization should identify a person
in management as responsible for declaring a disaster.
Although IT is involved in all the other three components,
it is not primarily responsible for them.
| Is This Answer Correct ? | 4 Yes | 0 No |
Which of the following audit techniques would an IS auditor place the MOST reliance on when determining whether an employee practices good preventive and detective security measures? A. Observation B. Detail testing C. Compliance testing D. Risk assessment
An IS steering committee should: A. include a mix of members from different departments and staff levels. B. ensure that IS security policies and procedures have been executed properly. C. have formal terms of reference and maintain minutes of its meetings. D. be briefed about new trends and products at each meeting by a vendor.
Digital signatures require the: A. signer to have a public key and the receiver to have a private key. B. signer to have a private key and the receiver to have a public key. C. signer and receiver to have a public key. D. signer and receiver to have a private key.
Failure to adequately define or manage the requirements for a system can result in a number of risks. The GREATEST risk is: A. inadequate user involvement. B. inadequate allocation of resources. C. scope creep. D. an incorrect estimation of the critical path.
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include: A. defining the conceptual schema. B. defining security and integrity checks. C. liaising with users in developing data model. D. mapping data model with the internal schema.
Which of the following is a concern when data is transmitted through secure socket layer (SSL) encryption implemented on a trading partner's server? A. Organization does not have control over encryption. B. Messages are subjected to wire tapping. C. Data might not reach the intended recipient. D. The communication may not be secure.
Which of the following methods of providing telecommunication continuity involves routing traffic through split- or duplicate-cable facilities? A. Diverse routing B. Alternative routing C. Redundancy D. Long haul network diversity
An IS auditor when reviewing a network used for Internet communications, will FIRST examine the: A. validity of passwords change occurrences. B. architecture of the client-server application. C. network architecture and design. D. firewall protection and proxy servers.
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan: A. incorporates state of the art technology. B. addresses the required operational controls. C. articulates the IT mission and vision. D. specifies project management practices.
During a post-implementation review of an enterprise resource management system, an IS auditor would MOST likely: A. review access control configuration. B. evaluate interface testing. C. review detailed design documentation. D. evaluate system testing.
Online banking transactions are being posted to the database when processing suddenly comes to a halt. The integrity of the transaction processing is best ensured by: A. database integrity checks. B. validation checks. C. input controls. D. database commits and rollbacks.
Cisco Certifications 
