An IS auditor observes an organization is performing data backup and restoration testing on an ad hoc basis without a defined process. What is the MOST likely result of a data disruption event?

• A.Increased loss impact
• B.Decreased data confidentiality
• C.Increased likelihood of future risk events
• D.Decreased data integrity

Comment: *

Name: *

Email: *

Verification: *

Which procedure provides the GREATEST assurance that corrective action to an audit report has been taken?

• A.Performing subsequent audit tests to verify resolution of the deficiencies
• B.Reporting to the audit committee or the board of directors concerning specific action taken or lack thereof
• C.Inquiring about the current status of the recommendation
• D.Requesting a written management reply to the audit report identifying corrective action for each deficiency

Comment: *

Name: *

Email: *

Verification: *

Which of the following biometrics has the highest reliability and lowest false-acceptance rate (FAR)?

• A.Palm scan
• B.Face recognition
• C.Retina scan
• D.Hand geometry

Comment: *

Name: *

Email: *

Verification: *

In an organization where an IT security baseline has been defined, an IS auditor should FIRST ensure:

• A.implementation.
• B.compliance.
• C.documentation.
• D.sufficiency.

Comment: *

Name: *

Email: *

Verification: *

During development of an information security policy, which of the following would BEST ensure alignment to business objectives?

• A.Incorporation of industry best practices
• B.Linkage between policy and procedures
• C.Use of a balanced scorecard
• D.Input from relevant stakeholders

Comment: *

Name: *

Email: *

Verification: *