An IS auditor is examining a front-end subledger and a main ledger.
Which of the following would be the GREATEST concern if there are flaws in the mapping of accounts between the two systems?
- A . Double-posting of a single journal entry
- B . Inability to support new business transactions
- C . Unauthorized alteration of account attributes
- D . Inaccuracy of financial reporting
What is MOST important to verify during an external assessment of network vulnerability?
- A . Update of security information event management (SIEM) rules
- B . Regular review of the network security policy
- C . Completeness of network asset inventory
- D . Location of intrusion detection systems (IDS)
Which of the following is the PRIMARY advantage of parallel processing for a new system implementation?
- A . Assurance that the new system meets functional requirements
- B . More time for users to complete training for the new system
- C . Significant cost savings over other system implemental or approaches
- D . Assurance that the new system meets performance requirements
A system development project is experiencing delays due to ongoing staff shortages.
Which of the following strategies would provide the GREATEST assurance of system quality at implementation?
- A . Implement overtime pay and bonuses for all development staff.
- B . Utilize new system development tools to improve productivity.
- C . Recruit IS staff to expedite system development.
- D . Deliver only the core functionality on the initial target date.
Which of the following is MOST important to ensure when developing an effective security awareness program?
- A . Training personnel are information security professionals.
- B . Phishing exercises are conducted post-training.
- C . Security threat scenarios are included in the program content.
- D . Outcome metrics for the program are established.
An online retailer is receiving customer complaints about receiving different items from what they ordered on the organization’s website. The root cause has been traced to poor data quality. Despite efforts to clean erroneous data from the system, multiple data quality issues continue to occur.
Which of the following recommendations would be the BEST way to reduce the likelihood of future occurrences?
- A . Assign responsibility for improving data quality.
- B . Invest in additional employee training for data entry.
- C . Outsource data cleansing activities to reliable third parties.
- D . Implement business rules to validate employee data entry.
Which of the following is the BEST recommendation to prevent fraudulent electronic funds transfers by accounts payable employees?
- A . Periodic vendor reviews
- B . Dual control
- C . Independent reconciliation
- D . Re-keying of monetary amounts
- E . Engage an external security incident response expert for incident handling.
Which of the following demonstrates the use of data analytics for a loan origination process?
- A . Evaluating whether loan records are included in the batch file and are validated by the servicing system
- B . Comparing a population of loans input in the origination system to loans booked on the servicing system
- C . Validating whether reconciliations between the two systems are performed and discrepancies are investigated
- D . Reviewing error handling controls to notify appropriate personnel in the event of a transmission failure
During the discussion of a draft audit report. IT management provided suitable evidence fiat a process has been implemented for a control that had been concluded by the IS auditor as Ineffective.
Which of the following is the auditor’s BEST action?
- A . Explain to IT management that the new control will be evaluated during follow-up
- B . Re-perform the audit before changing the conclusion.
- C . Change the conclusion based on evidence provided by IT management.
- D . Add comments about the action taken by IT management in the report.
Which of the following is the BEST compensating control when segregation of duties is lacking in a small IS department?
- A . Background checks
- B . User awareness training
- C . Transaction log review
- D . Mandatory holidays
Which of the following is the MOST effective way for an organization to project against data loss?
- A . Limit employee internet access.
- B . Implement data classification procedures.
- C . Review firewall logs for anomalies.
- D . Conduct periodic security awareness training.
While executing follow-up activities, an IS auditor is concerned that management has implemented corrective actions that are different from those originally discussed and agreed with the audit function. In order to resolve the situation, the IS auditor’s BEST course of action would be to:
- A . re-prioritize the original issue as high risk and escalate to senior management.
- B . schedule a follow-up audit in the next audit cycle.
- C . postpone follow-up activities and escalate the alternative controls to senior audit management.
- D . determine whether the alternative controls sufficiently mitigate the risk.
An IS auditor has found that an organization is unable to add new servers on demand in a cost-efficient manner.
Which of the following is the auditor’s BEST recommendation?
- A . Increase the capacity of existing systems.
- B . Upgrade hardware to newer technology.
- C . Hire temporary contract workers for the IT function.
- D . Build a virtual environment.
An IS auditor notes that several employees are spending an excessive amount of time using social media sites for personal reasons.
Which of the following should the auditor recommend be performed FIRST?
- A . Implement a process to actively monitor postings on social networking sites.
- B . Adjust budget for network usage to include social media usage.
- C . Use data loss prevention (DLP) tools on endpoints.
- D . implement policies addressing acceptable usage of social media during working hours.
The PRIMARY advantage of object-oriented technology is enhanced:
- A . efficiency due to the re-use of elements of logic.
- B . management of sequential program execution for data access.
- C . grouping of objects into methods for data access.
- D . management of a restricted variety of data types for a data object.
An IS auditor is following up on prior period items and finds management did not address an audit finding.
Which of the following should be the IS auditor’s NEXT course of action?
- A . Note the exception in a new report as the item was not addressed by management.
- B . Recommend alternative solutions to address the repeat finding.
- C . Conduct a risk assessment of the repeat finding.
- D . Interview management to determine why the finding was not addressed.
From an IS auditor’s perspective, which of the following would be the GREATEST risk associated with an incomplete inventory of deployed software in an organization?
- A . Inability to close unused ports on critical servers
- B . Inability to identify unused licenses within the organization
- C . Inability to deploy updated security patches
- D . Inability to determine the cost of deployed software
An IS auditor discovers an option in a database that allows the administrator to directly modify any table. This option is necessary to overcome bugs in the software, but is rarely used. Changes to tables are automatically logged.
The IS auditor’s FIRST action should be to:
- A . recommend that the option to directly modify the database be removed immediately.
- B . recommend that the system require two persons to be involved in modifying the database.
- C . determine whether the log of changes to the tables is backed up.
- D . determine whether the audit trail is secured and reviewed.
During the implementation of an upgraded enterprise resource planning (ERP) system, which of the following is the MOST important consideration for a go-live decision?
- A . Rollback strategy
- B . Test cases
- C . Post-implementation review objectives
- D . Business case
What should be the PRIMARY basis for selecting which IS audits to perform in the coming year?
- A . Senior management’s request
- B . Prior year’s audit findings
- C . Organizational risk assessment
- D . Previous audit coverage and scope
Coding standards provide which of the following?
- A . Program documentation
- B . Access control tables
- C . Data flow diagrams
- D . Field naming conventions
Which of the following components of a risk assessment is MOST helpful to management in determining the level of risk mitigation to apply?
- A . Risk identification
- B . Risk classification
- C . Control self-assessment (CSA)
- D . Impact assessment
An organization’s enterprise architecture (EA) department decides to change a legacy system’s components while maintaining its original functionality.
Which of the following is MOST important for an IS auditor to understand when reviewing this decision?
- A . The current business capabilities delivered by the legacy system
- B . The proposed network topology to be used by the redesigned system
- C . The data flows between the components to be used by the redesigned system
- D . The database entity relationships within the legacy system
During an ongoing audit, management requests a briefing on the findings to date.
Which of the following is the IS auditor’s BEST course of action?
- A . Review working papers with the auditee.
- B . Request the auditee provide management responses.
- C . Request management wait until a final report is ready for discussion.
- D . Present observations for discussion only.
A data breach has occurred due lo malware.
Which of the following should be the FIRST course of action?
- A . Notify the cyber insurance company.
- B . Shut down the affected systems.
- C . Quarantine the impacted systems.
- D . Notify customers of the breach.
An IS auditor will be testing accounts payable controls by performing data analytics on the entire population of transactions.
Which of the following is MOST important for the auditor to confirm when sourcing the population data?
- A . The data is taken directly from the system.
- B . There is no privacy information in the data.
- C . The data can be obtained in a timely manner.
- D . The data analysis tools have been recently updated.
Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?
- A . Write access to production program libraries
- B . Write access to development data libraries
- C . Execute access to production program libraries
- D . Execute access to development program libraries
Which of the following should be the PRIMARY basis for prioritizing follow-up audits?
- A . Audit cycle defined in the audit plan
- B . Complexity of management’s action plans
- C . Recommendation from executive management
- D . Residual risk from the findings of previous audits
Which of the following is the MOST important benefit of involving IS audit when implementing governance of enterprise IT?
- A . Identifying relevant roles for an enterprise IT governance framework
- B . Making decisions regarding risk response and monitoring of residual risk
- C . Verifying that legal, regulatory, and contractual requirements are being met
- D . Providing independent and objective feedback to facilitate improvement of IT processes
Which of the following strategies BEST optimizes data storage without compromising data retention practices?
- A . Limiting the size of file attachments being sent via email
- B . Automatically deleting emails older than one year
- C . Moving emails to a virtual email vault after 30 days
- D . Allowing employees to store large emails on flash drives
During the design phase of a software development project, the PRIMARY responsibility of an IS auditor is to evaluate the:
- A . Future compatibility of the application.
- B . Proposed functionality of the application.
- C . Controls incorporated into the system specifications.
- D . Development methodology employed.
Which of the following documents would be MOST useful in detecting a weakness in segregation of duties?
- A . System flowchart
- B . Data flow diagram
- C . Process flowchart
- D . Entity-relationship diagram
Which of the following is the BEST justification for deferring remediation testing until the next audit?
- A . The auditor who conducted the audit and agreed with the timeline has left the organization.
- B . Management’s planned actions are sufficient given the relative importance of the observations.
- C . Auditee management has accepted all observations reported by the auditor.
- D . The audit environment has changed significantly.
An IS auditor is conducting a post-implementation review of an enterprise resource planning (ERP) system. End users indicated concerns with the accuracy of critical automatic calculations made by the system.
The auditor’s FIRST course of action should be to:
- A . review recent changes to the system.
- B . verify completeness of user acceptance testing (UAT).
- C . verify results to determine validity of user concerns.
- D . review initial business requirements.
A system administrator recently informed the IS auditor about the occurrence of several unsuccessful intrusion attempts from outside the organization.
Which of the following is MOST effective in detecting such an intrusion?
- A . Periodically reviewing log files
- B . Configuring the router as a firewall
- C . Using smart cards with one-time passwords
- D . Installing biometrics-based authentication
An IS auditor finds the log management system is overwhelmed with false positive alerts.
The auditor’s BEST recommendation would be to:
- A . establish criteria for reviewing alerts.
- B . recruit more monitoring personnel.
- C . reduce the firewall rules.
- D . fine tune the intrusion detection system (IDS).
Which of the following MOST effectively minimizes downtime during system conversions?
- A . Phased approach
- B . Direct cutover
- C . Pilot study
- D . Parallel run
Management is concerned about sensitive information being intentionally or unintentionally emailed as attachments outside the organization by employees.
What is the MOST important task before implementing any associated email controls?
- A . Require all employees to sign nondisclosure agreements (NDAs).
- B . Develop an acceptable use policy for end-user computing (EUC).
- C . Develop an information classification scheme.
- D . Provide notification to employees about possible email monitoring.
Which of the following is MOST important for an effective control self-assessment (CSA) program?
- A . Determining the scope of the assessment
- B . Performing detailed test procedures
- C . Evaluating changes to the risk environment
- D . Understanding the business process
When determining whether a project in the design phase will meet organizational objectives, what is BEST to compare against the business case?
- A . Implementation plan
- B . Project budget provisions
- C . Requirements analysis
- D . Project plan
Which of the following is MOST important for an IS auditor to examine when reviewing an organization’s privacy policy?
- A . Whether there is explicit permission from regulators to collect personal data
- B . The organization’s legitimate purpose for collecting personal data
- C . Whether sharing of personal information with third-party service providers is prohibited
- D . The encryption mechanism selected by the organization for protecting personal data
When reviewing an organization’s information security policies, an IS auditor should verify that the policies have been defined PRIMARILY on the basis of:
- A . a risk management process.
- B . an information security framework.
- C . past information security incidents.
- D . industry best practices.
Which of the following BEST ensures the quality and integrity of test procedures used in audit analytics?
- A . Developing and communicating test procedure best practices to audit teams
- B . Developing and implementing an audit data repository
- C . Decentralizing procedures and Implementing periodic peer review
- D . Centralizing procedures and implementing change control
Which of the following is the MOST important prerequisite for the protection of physical information assets in a data center?
- A . Segregation of duties between staff ordering and staff receiving information assets
- B . Complete and accurate list of information assets that have been deployed
- C . Availability and testing of onsite backup generators
- D . Knowledge of the IT staff regarding data protection requirements
Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?
- A . Real-time audit software
- B . Performance data
- C . Quality assurance (QA) reviews
- D . Participative management techniques
The implementation of an IT governance framework requires that the board of directors of an organization:
- A . Address technical IT issues.
- B . Be informed of all IT initiatives.
- C . Have an IT strategy committee.
- D . Approve the IT strategy.
Which of the following is the BEST method to safeguard data on an organization’s laptop computers?
- A . Disabled USB ports
- B . Full disk encryption
- C . Biometric access control
- D . Two-factor authentication
A new regulation requires organizations to report significant security incidents to the regulator within 24 hours of identification.
Which of the following is the IS auditor’s BEST recommendation to facilitate compliance with the regulation?
- A . Include the requirement in the incident management response plan.
- B . Establish key performance indicators (KPIs) for timely identification of security incidents.
- C . Enhance the alert functionality of the intrusion detection system (IDS).
- D . Engage an external security incident response expert for incident handling.
During a follow-up audit, an IS auditor learns that some key management personnel have been replaced since the original audit, and current management has decided not to implement some previously accepted recommendations.
What is the auditor’s BEST course of action?
- A . Notify the chair of the audit committee.
- B . Notify the audit manager.
- C . Retest the control.
- D . Close the audit finding.
During an audit of a reciprocal disaster recovery agreement between two companies, the
IS auditor would be MOST concerned with the:
- A . allocation of resources during an emergency.
- B . frequency of system testing.
- C . differences in IS policies and procedures.
- D . maintenance of hardware and software compatibility.
An organization allows employees to retain confidential data on personal mobile devices.
Which of the following is the BEST recommendation to mitigate the risk of data leakage from lost or stolen devices?
- A . Require employees to attend security awareness training.
- B . Password protect critical data files.
- C . Configure to auto-wipe after multiple failed access attempts.
- D . Enable device auto-lock function.
Which of the following is MOST important to include in forensic data collection and preservation procedures?
- A . Assuring the physical security of devices
- B . Preserving data integrity
- C . Maintaining chain of custody
- D . Determining tools to be used
When evaluating the design of controls related to network monitoring, which of the following is MOST important for an IS auditor to review?
- A . Incident monitoring togs
- B . The ISP service level agreement
- C . Reports of network traffic analysis
- D . Network topology diagrams
Which of the following is the BEST control to mitigate the malware risk associated with an instant messaging (IM) system?
- A . Blocking attachments in IM
- B . Blocking external IM traffic
- C . Allowing only corporate IM solutions
- D . Encrypting IM traffic
Cross-site scripting (XSS) attacks are BEST prevented through:
- A . application firewall policy settings.
- B . a three-tier web architecture.
- C . secure coding practices.
- D . use of common industry frameworks.
Which of the following would be to MOST concern when determine if information assets are adequately safequately safeguarded during transport and disposal?
- A . Lack of appropriate labelling
- B . Lack of recent awareness training.
- C . Lack of password protection
- D . Lack of appropriate data classification
What is BEST for an IS auditor to review when assessing the effectiveness of changes recently made to processes and tools related to an organization’s business continuity plan (BCP)?
- A . Full test results
- B . Completed test plans
- C . Updated inventory of systems
- D . Change management processes
Which of the following is the MOST effective control for protecting the confidentiality and integrity of data stored unencrypted on virtual machines?
- A . Monitor access to stored images and snapshots of virtual machines.
- B . Restrict access to images and snapshots of virtual machines.
- C . Limit creation of virtual machine images and snapshots.
- D . Review logical access controls on virtual machines regularly.
Which of the following should be an IS auditor’s PRIMARY focus when developing a risk-based IS audit program?
- A . Portfolio management
- B . Business plans
- C . Business processes
- D . IT strategic plans
Which of the following should be done FIRST when planning a penetration test?
- A . Execute nondisclosure agreements (NDAs).
- B . Determine reporting requirements for vulnerabilities.
- C . Define the testing scope.
- D . Obtain management consent for the testing.
An IS auditor finds that firewalls are outdated and not supported by vendors.
Which of the following should be the auditor’s NEXT course of action?
- A . Report the mitigating controls.
- B . Report the security posture of the organization.
- C . Determine the value of the firewall.
- D . Determine the risk of not replacing the firewall.
When an IS audit reveals that a firewall was unable to recognize a number of attack attempts, the auditor’s BEST recommendation is to place an intrusion detection system (IDS) between the firewall and:
- A . the Internet.
- B . the demilitarized zone (DMZ).
- C . the organization’s web server.
- D . the organization’s network.
Which of the following fire suppression systems needs to be combined with an automatic switch to shut down the electricity supply in the event of activation?
- A . Carbon dioxide
- B . FM-200
- C . Dry pipe
- D . Halon
Which of the following should an IS auditor be MOST concerned with during a post-implementation review?
- A . The system does not have a maintenance plan.
- B . The system contains several minor defects.
- C . The system deployment was delayed by three weeks.
- D . The system was over budget by 15%.
Which of the following is an audit reviewer’s PRIMARY role with regard to evidence?
- A . Ensuring unauthorized individuals do not tamper with evidence after it has been captured
- B . Ensuring evidence is sufficient to support audit conclusions
- C . Ensuring appropriate statistical sampling methods were used
- D . Ensuring evidence is labeled to show it was obtained from an approved source
Which of the following is the MOST important reason to implement version control for an end-user computing (EUC) application?
- A . To ensure that older versions are availability for reference
- B . To ensure that only the latest approved version of the application is used
- C . To ensure compatibility different versions of the application
- D . To ensure that only authorized users can access the application
Which of the following is the PRIMARY concern when negotiating a contract for a hot site?
- A . Availability of the site in the event of multiple disaster declarations
- B . Coordination with the site staff in the event of multiple disaster declarations
- C . Reciprocal agreements with other organizations
- D . Complete testing of the recovery plan
Which of the following BEST indicates the effectiveness of an organization’s risk management program?
- A . Inherent risk is eliminated.
- B . Residual risk is minimized.
- C . Control risk is minimized.
- D . Overall risk is quantified.
An organization conducted an exercise to test the security awareness level of users by sending an email offering a cash reward 10 those who click on a link embedded in the body of the email.
Which of the following metrics BEST indicates the effectiveness of awareness training?
- A . The number of users deleting the email without reporting because it is a phishing email
- B . The number of users clicking on the link to learn more about the sender of the email
- C . The number of users forwarding the email to their business unit managers
- D . The number of users reporting receipt of the email to the information security team
Which of the following should be the MOST important consideration when conducting a review of IT portfolio management?
- A . Assignment of responsibility for each project to an IT team member
- B . Adherence to best practice and industry approved methodologies
- C . Controls to minimize risk and maximize value for the IT portfolio
- D . Frequency of meetings where the business discusses the IT portfolio
Which of the following is the BEST way to mitigate the impact of ransomware attacks?
- A . Invoking the disaster recovery plan (DRP)
- B . Backing up data frequently
- C . Paying the ransom
- D . Requiring password changes for administrative accounts
Which of the following would BEST determine whether a post-implementation review (PIR) performed by the project management office (PMO) was effective?
- A . Lessons learned were implemented.
- B . Management approved the PIR report.
- C . The review was performed by an external provider.
- D . Project outcomes have been realized.
Which of the following is an executive management concern that could be addressed by the implementation of a security metrics dashboard?
- A . Effectiveness of the security program
- B . Security incidents vs. industry benchmarks
- C . Total number of hours budgeted to security
- D . Total number of false positives
Which audit approach is MOST helpful in optimizing the use of IS audit resources?
- A . Agile auditing
- B . Continuous auditing
- C . Outsourced auditing
- D . Risk-based auditing
Which of the following would BEST facilitate the successful implementation of an IT-related framework?
- A . Aligning the framework to industry best practices
- B . Establishing committees to support and oversee framework activities
- C . Involving appropriate business representation within the framework
- D . Documenting IT-related policies and procedures
An IS auditor is planning an audit of an organization’s accounts payable processes.
Which of the following controls is MOST important to assess in the audit?
- A . Segregation of duties between issuing purchase orders and making payments.
- B . Segregation of duties between receiving invoices and setting authorization limits
- C . Management review and approval of authorization tiers
- D . Management review and approval of purchase orders
Which of the following BEST minimizes performance degradation of servers used to authenticate users of an e-commerce website?
- A . Configure a single server as a primary authentication server and a second server as a secondary authentication server.
- B . Configure each authentication server as belonging to a cluster of authentication servers.
- C . Configure each authentication server and ensure that each disk of its RAID is attached to the primary controller.
- D . Configure each authentication server and ensure that the disks of each server form part of a duplex.
The decision to accept an IT control risk related to data quality should be the responsibility of the:
- A . information security team.
- B . IS audit manager.
- C . chief information officer (CIO).
- D . business owner.
The PRIMARY benefit lo using a dry-pipe fire-suppression system rather than a wet-pipe system is that a dry-pipe system:
- A . is more effective at suppressing flames.
- B . allows more time to abort release of the suppressant.
- C . has a decreased risk of leakage.
- D . disperses dry chemical suppressants exclusively.
An IS auditor suspects an organization’s computer may have been used to commit a crime.
Which of the following is the auditor’s BEST course of action?
- A . Examine the computer to search for evidence supporting the suspicions.
- B . Advise management of the crime after the investigation.
- C . Contact the incident response team to conduct an investigation.
- D . Notify local law enforcement of the potential crime before further investigation.
An organization’s software developers need access to personally identifiable information (Pll) stored in a particular data format.
Which of the following is the BEST way to protect this sensitive information while allowing the developers to use it in development and test environments?
- A . Data masking
- B . Data tokenization
- C . Data encryption
- D . Data abstraction
An organizations audit charier PRIMARILY:
- A . describes the auditors’ authority to conduct audits.
- B . defines the auditors’ code of conduct.
- C . formally records the annual and quarterly audit plans.
- D . documents the audit process and reporting standards.
Which of the following would be a result of utilizing a top-down maturity model process?
- A . A means of benchmarking the effectiveness of similar processes with peers
- B . A means of comparing the effectiveness of other processes within the enterprise
- C . Identification of older, more established processes to ensure timely review
- D . Identification of processes with the most improvement opportunities
Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?
- A . The IS auditor provided consulting advice concerning application system best practices.
- B . The IS auditor participated as a member of the application system project team, but did not have operational responsibilities.
- C . The IS auditor designed an embedded audit module exclusively for auditing the application system.
- D . The IS auditor implemented a specific control during the development of the application system.
Which of the following is the BEST detective control for a job scheduling process involving data transmission?
- A . Metrics denoting the volume of monthly job failures are reported and reviewed by senior management.
- B . Jobs are scheduled to be completed daily and data is transmitted using a Secure File Transfer Protocol (SFTP).
- C . Jobs are scheduled and a log of this activity is retained for subsequent review.
- D . Job failure alerts are automatically generated and routed to support personnel.
Which of the following should be an IS auditor’s GREATEST consideration when scheduling follow-up activities for agreed-upon management responses to remediate audit observations?
- A . Business interruption due to remediation
- B . IT budgeting constraints
- C . Availability of responsible IT personnel
- D . Risk rating of original findings
Which of the following is the BEST way to address segregation of duties issues in an organization with budget constraints?
- A . Rotate job duties periodically.
- B . Perform an independent audit.
- C . Hire temporary staff.
- D . Implement compensating controls.
During a new system implementation, an IS auditor has been assigned to review risk management at each milestone. The auditor finds that several risks to project benefits have not been addressed.
Who should be accountable for managing these risks?
- A . Enterprise risk manager
- B . Project sponsor
- C . Information security officer
- D . Project manager
Which of the following is a social engineering attack method?
- A . An unauthorized person attempts to gam access to secure premises by following an authonzed person through a secure door.
- B . An employee is induced to reveal confidential IP addresses and passwords by answering questions over the phone.
- C . A hacker walks around an office building using scanning tools to search for a wireless
network to gain access. - D . An intruder eavesdrops and collects sensitive information flowing through the network and sells it to third parties.
An organization has outsourced its data processing function to a service provider.
Which of the following would BEST determine whether the service provider continues to meet the organization s objectives?
- A . Assessment of the personnel training processes of the provider
- B . Adequacy of the service provider’s insurance
- C . Review of performance against service level agreements (SLAs)
- D . Periodic audits of controls by an independent auditor
Which of the following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?
- A . Encryption of the spreadsheet
- B . Version history
- C . Formulas within macros
- D . Reconciliation of key calculations
Prior to a follow-up engagement, an IS auditor learns that management has decided to accept a level of residual risk related to an audit finding without remediation. The IS auditor is concerned about management’s decision.
Which of the following should be the IS auditor’s NEXT course of action?
- A . Accept management’s decision and continue the follow-up.
- B . Report the issue to IS audit management.
- C . Report the disagreement to the board.
- D . Present the issue to executive management.
IS management has recently disabled certain referential integrity controls in the database management system (DBMS) software to provide users increased query performance.
Which of the following controls will MOST effectively compensate for the lack of referential integrity?
- A . More frequent data backups
- B . Periodic table link checks
- C . Concurrent access controls
- D . Performance monitoring tools
Which of the following is the PRIMARY reason for an IS auditor to conduct post-implementation reviews?
- A . To determine whether project objectives in the business case have been achieved
- B . To ensure key stakeholder sign-off has been obtained
- C . To align project objectives with business needs
- D . To document lessons learned to improve future project delivery
An IS auditor notes the transaction processing times in an order processing system have significantly increased after a major release.
Which of the following should the IS auditor review FIRST?
- A . Capacity management plan
- B . Training plans
- C . Database conversion results
- D . Stress testing results
During an incident management audit, an IS auditor finds that several similar incidents
were logged during the audit period.
Which of the following is the auditor’s MOST important course of action?
- A . Document the finding and present it to management.
- B . Determine if a root cause analysis was conducted.
- C . Confirm the resolution time of the incidents.
- D . Validate whether all incidents have been actioned.
An IS auditor discovers that validation controls m a web application have been moved from the server side into the browser to boost performance
This would MOST likely increase the risk of a successful attack by.
- A . phishing.
- B . denial of service (DoS)
- C . structured query language (SQL) injection
- D . buffer overflow
Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?
- A . File level encryption
- B . File Transfer Protocol (FTP)
- C . Instant messaging policy
- D . Application level firewalls
Which of the following should an IS auditor recommend as a PRIMARY area of focus when an organization decides to outsource technical support for its external customers?
- A . Align service level agreements (SLAs) with current needs.
- B . Monitor customer satisfaction with the change.
- C . Minimize costs related to the third-party agreement.
- D . Ensure right to audit is included within the contract.
A proper audit trail of changes to server start-up procedures would include evidence of:
- A . subsystem structure.
- B . program execution.
- C . security control options.
- D . operator overrides.