Which of the following metrics would BEST measure the agility of an organization's IT function?

• A.Average number of learning and training hours per IT staff member
• B.Percentage of staff with sufficient IT-related skills for the competency required of their roles.
• C.Frequency of security assessments against the most recent standards and guidelines.
• D.Average time to turn strategy IT objectives into an agreed upon and approved initiative.

Comment: *

Name: *

Email: *

Verification: *

A checksum following is MOST important for an IS auditor to review when evaluating the accuracy of a spreadsheet that contains several macros?

• A.Preventive control
• B.Administrative control
• C.Detective control
• D.Corrective control

Comment: *

Name: *

Email: *

Verification: *

An IT steering committee should review information systems PRIMARILY to assess:

• A.whether IT processes support business requirements.
• B.if proposed system functionality is adequate.
• C.the stability of existing software.
• D.the complexity of installed technology.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is reviewing a project to implement a payment system between a parent bank and a subsidiary. The IS auditor should FIRST verify that the:

• A.technical platforms between the two companies are interoperable.
• B.parent bank is authorized to serve as a service provider.
• C.security features are in place to segregate subsidiary trades.
• D.subsidiary can join as a co-owner of this payment system.

Comment: *

Name: *

Email: *

Verification: *

During a security audit, an IS auditor is tasked with reviewing log entries obtained from an enterprise intrusion prevention system (IPS). Which type of risk would be associated with the potential for the auditor to miss a sequence of logged events that could indicate an error in the IPS configuration?

• A.Control risk
• B.Inherent risk
• C.Sampling risk
• D.Detection risk

Comment: *

Name: *

Email: *

Verification: *