Topic 1: Exam Pool A
A company has implemented an IT segregation of duties policy In a role-based environment, which of the following roles may be assigned to an application developer?
A.
Database administration
B.
Emergency support
C.
IT operator
D.
System administration
Which of the following would be an appropriate role of internal audit in helping to establish an organization’s privacy program?
A.
Analyzing risks posed by new regulations
B.
Developing procedures to monitor the use of personal data
C.
Defining roles within the organization related to privacy
D.
Designing controls to protect personal data
An IS auditor is examining a front-end sub ledger and a main ledger Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
A.
Double-posting of a single journal entry
B.
Inaccuracy of financial reporting
C.
Unauthorized alteration of account attributes
D.
inability to support new business Transactions
An IS auditor reviewing the acquisition of new equipment would consider which of the following to be a significant weakness?
A.
Evaluation criteria when finalized after the initial assessment of responses
B.
Staff involved in the evaluation were aware of the vendors being evaluated.
C.
Independent consultants prepared the request for proposal (RFP) documents.
D.
The closing date for responses was extended after a request from potential vendors
Which of the following types of controls would BEST facilitate a root cause analysis for an information security incident?
A.
Corrective
B.
Preventive
C.
Detective
D.
Directive
Page 4 out of 204 Pages |
Previous |