Which of the following should be an IS auditor's PRIMARY consideration when reviewing a project to outsource data center hosting services?

• A.Adherence to industry standards for ensuring integrity of data
• B.Regulatory requirements regarding the location of data
• C.The vendor's ability to meet established service level agreements (SLAs)
• D.Existence of a right-to-audit clause in the vendor agreement

Comment: *

Name: *

Email: *

Verification: *

An organization is using an enterprise resource management (ERP) application. Which of the following would be an effective access control?

• A.User-level permissions
• B.Role-based
• C.Fine-grained
• D.Discretionary

Comment: *

Name: *

Email: *

Verification: *

During audit follow-up, an IS auditor finds that a control has been implemented differently than
recommended. The auditor should:

• A.verify whether the control objectives are adequately addressed.
• B.compare the control to the action plan.
• C.report as a repeat finding.
• D.inform management about incorrect implementation.

Comment: *

Name: *

Email: *

Verification: *

Which of the following processes should an IS auditor recommend to assist in the
recording of baselines for software releases?

• A.Change management
• B.Backup and recovery
• C.incident management
• D.Configuration management

Comment: *

Name: *

Email: *

Verification: *

An IS auditor can BEST help management fulfill risk management responsibilities by:

• A.highlighting specific risks not being addressed
• B.ensuring the roles tor managing IT risk are defined
• C.developing an IT risk management framework
• D.adopting a mechanism for reporting issues

Comment: *

Name: *

Email: *

Verification: *