Which of the following is not a method for implementing a new application system?

• A.Test.
• B.Pilot.
• C.Parallel.
• D.Direct cutover.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is always true regarding the use of encryption algorithms based on public key infrastructure (PKI)?

• A.PKI's public accessibility allows it to be used readily for e-commerce.
• B.The private key uniquely authenticates each party to a transaction.
• C.PKI uses an independent administrator to manage the public key.
• D.The public key is authenticated against reliable third-party identification.

Comment: *

Name: *

Email: *

Verification: *

According to IIA guidance on IT auditing, which of the following would not be an area examined by the internal audit activity?

• A.Policy development.
• B.Change management.
• C.Operations processes.
• D.Access system security.

Comment: *

Name: *

Email: *

Verification: *

Which of the following statements is in accordance with COBIT?
1) Pervasive controls are general while detailed controls are specific.
2) Application controls are a subset of pervasive controls.
3) Implementation of software is a type of pervasive control.
4) Disaster recovery planning is a type of detailed control.

• A.1 and 4 only
• B.1, 2, and 4 only
• C.2 and 3 only
• D.2, 3, and 4 only

Comment: *

Name: *

Email: *

Verification: *

The board has requested that the internal audit activity be involved in all phases of the organization's outsourcing of its network management. During which of the following stages is the internal auditor most likely to verify that the organization's right-to-audit clause is drafted effectively?

• A.Implementation and transition phase.
• B.Tendering and contracting phase.
• C.Monitoring and reporting phase
• D.Decision-making and business-case phase.

Comment: *

Name: *

Email: *

Verification: *