Documente Academic
Documente Profesional
Documente Cultură
2. When segregation of duties concerns exist between IT support staff and end users, what
would be a suitable compensating control?
A. Restricting physical access to computing equipment
B. Reviewing transaction and application logs
C. Performing background checks prior to hiring IT staff
D. Locking user sessions after a specified period of inactivity
4. Which of the following goals would you expect to find in an organization's strategic
plan?
A. Test a new accounting package.
B. Perform an evaluation of information technology needs.
C. Implement a new project planning system within the next 12 months.
D. Become the supplier of choice for the product offered.
6. An IS auditor was hired to review e-business security. The IS auditor's first task was to
examine each existing e-business application looking for vulnerabilities. Which would be
the next task?
A. Report the risks to the CIO and CEO immediately.
B. Examine e-business application in development.
C. Identify threats and likelihood of occurrence.
D. Check the budget available for risk management.