Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is the basic objective of a control
self-assessment program?
- 4 Answers
- 6988 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / bbb
A. Concentration on areas of high risk
B. Completion of control questionnaires
C.Replacement of audit responsibilities
D. Collaborative facilitative workshops
| Is This Answer Correct ? | 5 Yes | 1 No |
52. Which of the following tests confirm that the new system can operate in its target environment?
The FIRST step in data classification is to: A. establish ownership. B. perform a criticality analysis. C. define access rules. D. create a data dictionary.
Electronic signatures can prevent messages from being: A. suppressed. B. repudiated. C. disclosed. D. copied.
The risk that an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when, in fact, they do, is an example of: A. inherent risk. B.control risk. C. detection risk. D. audit risk.
Responsibility and reporting lines cannot always be established when auditing automated systems since: A. diversified control makes ownership irrelevant. B. staff traditionally change jobs with greater frequency. C. ownership is difficult to establish where resources are shared. D. duties change frequently in the rapid development of technology.
The method of routing traffic through split cable facilities or duplicate cable facilities is called: A. alternative routing. B. diverse routing. C. redundancy. D. circular routing.
Which of the following would be the LEAST helpful in restoring service from an incident currently underway? A. Developing a database repository of past incidents and actions to facilitate future corrective actions B. Declaring the incident, which not only helps to carry out corrective measures, but also improves the awareness level C. Developing a detailed operations plan that outlines specific actions to be taken to recover from an incident D. Establishing multidisciplinary teams consisting of executive management, security staff, information systems staff, legal counsel, public relations, etc., to carry out the response.
The impact of EDI on internal controls will be: A. that fewer opportunities for review and authorization will exist. B. an inherent authentication. C. a proper distribution of EDI transactions while in the possession of third parties. D. that IPF management will have increased responsibilities over data center controls.
An IS auditor reviewing the key roles and responsibilities of the database administrator (DBA) is LEAST likely to expect the job description of the DBA to include: A. defining the conceptual schema. B. defining security and integrity checks. C. liaising with users in developing data model. D. mapping data model with the internal schema.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
Compensating controls are intended to: A. reduce the risk of an existing or potential control weakness. B. predict potential problems before they occur. C. remedy problems discovered by detective controls. D. report errors or omissions.
Which of the following is MOST effective in controlling application maintenance? A. Informing users of the status of changes B. Establishing priorities on program changes C. Obtaining user approval of program changes D. Requiring documented user specifications for changes
Cisco Certifications 
