Which of the following is MOST important to consider when determining the nature and extent of audit follow-up activities?

• A.The number of unimplemented recommendations that are no longer relevant
• B.The status of actions taken by the auditee to implement recommendations
• C.The amount of turn over within operations management
• D.The experience and availability of audit staff

Comment: *

Name: *

Email: *

Verification: *

An IS auditor noted that an organization had adequate business continuity plans (BCPs)
for each individual process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor?

• A.Recommend that an additional comprehensive BCP be developed.
• B.Determine whether the BCPs are consistent.
• C.Accept the BCPs as written.
• D.Recommend the creation of a single BCP.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor should be concerned when a telecommunication analyst:

• A.monitors systems performance and tracks problems resulting from program changes.
• B.reviews network load requirements in terms of current and future transaction volumes.
• C.assesses the impact of the network load on terminal response times and network data transfer rates.
• D.recommends network balancing procedures and improvements.

Comment: *

Name: *

Email: *

Verification: *

Company.com has contracted with an external consulting firm to implement a commercial financial system to replace its existing in-house developed system. In reviewing the proposed development approach, which of the following would be of GREATEST concern?

• A.Acceptance testing is to be managed by users.
• B.A quality plan is not part of the contracted deliverables.
• C.Not all business functions will be available on initial implementation.
• D.Prototyping is being used to confirm that the system meets business requirements.

Comment: *

Name: *

Email: *

Verification: *

When reviewing print systems spooling, an IS auditor is MOST concerned with which of the following vulnerabilities?

• A.The potential for unauthorized deletion of report copies
• B.The potential for unauthorized modification of report copies
• C.The potential for unauthorized printing of report copies
• D.The potential for unauthorized editing of report copies

Comment: *

Name: *

Email: *

Verification: *