Which of the following is a key component of an organization's cybersecunty governance?

• A.The IT department establishing^ implementing, and actively managing security configurations.
• B.Senior management of the organization setting the cybersecurity policy
• C.Management identifying and classifying the types of critical data in the organization's system
• D.Administrators monitoring the use, assignment and configuration of privileges on the network.

Comment: *

Name: *

Email: *

Verification: *

An auditor in charge was reviewing the workpapers submitted by a newly hired internal auditor. She noted that the new auditor's analytical work did not include any rating or quantification of the risk assessment results, and she returned the workpapers for correction. Which section of the workpapers will the new auditor need to modify?

• A.Criteria section.
• B.Condition section.
• C.Effect section.
• D.Cause section.

Comment: *

Name: *

Email: *

Verification: *

Which of the following engagement observations would provide the least motivation for management to amend or replace an existing cost accounting system?

• A.50 percent of total organizational cost has been allocated on a volume basis.
• B.The distorted unit cost of a service is 50 percent lower than the true cost, while the true cost is 50 percent higher than the competition's cost.
• C.The organization is losing $1,000,000 annually because it incorrectly outsourced an operation based on information from its current system.
• D.The cost of rework, hidden by the current system, is 50 percent of the total cost of all services.

Comment: *

Name: *

Email: *

Verification: *

An internal auditor discovered that several unauthorized modifications were made to the production version of an organization's accounting application. Which of the following best describes this deficiency?

• A.Application controls weakness.
• B.Authorization controls weakness.
• C.Change controls weakness.
• D.Production controls weakness.

Comment: *

Name: *

Email: *

Verification: *

New environmental regulations require the board to certify that the organization's reported pollutant emissions data is accurate. The chief audit executive (CAE) is planning an audit to provide assurance over the organization's compliance with the environmental regulations. Which of the following groups or individuals is most important for the CAE to consult to determine the scope of the audit?

• A.The environmental, health, and safety manager.
• B.The audit committee of the board.
• C.The organization's external environmental lawyers.
• D.The organization's insurance department.

Comment: *

Name: *

Email: *

Verification: *