Interested to Buy Any Domain ? << Click Here >> for more details...
In an audit of a business continuity plan, which of the
following findings is of MOST concern?
A. There is no insurance for the addition of assets during
the year.
B. BCP manual is not updated on a regular basis.
C. Testing of the backup of data has not been done regularly.
D. Records for maintenance of access system have not been
maintained.
- 1 Answers
- 11698 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
The most vital asset for a company is data. In a business
continuity plan, it is critical to ensure that data is
available. Hence, regular testing of the backup of data must
be done. If testing is not done, the organization may not be
able to retrieve data when required during a disaster;
hence, the company may lose its most valuable asset and may
not be able to recover from the disaster. The loss on
account of lack of insurance is limited to the value of
assets. If the BCP manual is not updated, the company may
find the BCP manual not fully relevant for recovery during a
disaster. However, recovery could be still possible. Non
maintenance of records in an access system will not directly
impact the relevance of the business continuity plan.
| Is This Answer Correct ? | 8 Yes | 0 No |
Linux is an __________ operating system
Which of the following BEST describes an integrated test facility? A. A technique that enables the IS auditor to test a computer application for the purpose of verifying correct processing B. The utilization of hardware and/or software to review and test the functioning of a computer system C. A method of using special programming options to permit printout of the path through a computer program taken to process a specific transaction D. A procedure for tagging and extending transactions and master records that are used by an IS auditor for tests
Neural networks are effective in detecting fraud because they can: A. discover new trends since they are inherently linear. B. solve problems where large and general sets of training data are not obtainable. C. attack problems that require consideration of a large number of input variables. D. make assumptions about the shape of any curve relating variables to the output.
The BEST method of proving the accuracy of a system tax calculation is by: A. detailed visual review and analysis of the source code of the calculation programs. B. recreating program logic using generalized audit software to calculate monthly totals. C. preparing simulated transactions for processing and comparing the results to predetermined results. D. automatic flowcharting and analysis of the source code of the calculation programs.
The PRIMARY reason for replacing checks (cheques) with EFT systems in the accounts payable area is to: A. make the payment process more efficient. B. comply with international EFT banking standards. C. decrease the number of paper-based payment forms. D. reduce the risk of unauthorized changes to payment transactions.
Electronic signatures can prevent messages from being: A. suppressed. B. repudiated. C. disclosed. D. copied.
The database administrator has recently informed you of the decision to disable certain normalization controls in the database management system (DBMS) software to provide users with increased query performance. This will MOST likely increase the risk of: A. loss of audit trails. B. redundancy of data. C. loss of data integrity. D. unauthorized access to data.
Which of the following is an implementation risk within the process of decision support systems? A. Management control B. Semistructured dimensions C. Inability to specify purpose and usage patterns D. Changes in decision processes
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
Sales orders are automatically numbered sequentially at each of a retailer's multiple outlets. Small orders are processed directly at the outlets, with large orders sent to a central production facility. The MOST appropriate control to ensure that all orders transmitted to production are received and processed would be to: A. send and reconcile transaction counts and totals. B. have data transmitted back to the local site for comparison. C. compare data communications protocols with parity checking. D. track and account for the numerical sequence of sales orders at the production facility.
Which of the following reports should an IS auditor use to check compliance with a service level agreement (SLA) requirement for uptime? A. Utilization reports B. Hardware error reports C. System logs D. Availability reports
An Internet-based attack using password sniffing can: A. enable one party to act as if they are another party. B. cause modification to the contents of certain transactions. C. be used to gain access to systems containing proprietary information. D. result in major problems with billing systems and transaction processing agreements.
Cisco Certifications 
