A comprehensive IS audit policy should include guidelines detailing what involvement the internal audit
team should have?

• A.in the development and coding of major OS applications.
• B.in the acquisition and maintenance of major WEB applications.
• C.in the human resource management cycle of the application development project.
• D.in the development, acquisition, conversion, and testing of major applications.
• E.None of the choices.

Comment: *

Name: *

Email: *

Verification: *

During audit follow-up, an IS auditor finds that a control has been implemented differently than recommended. The auditor should:

• A.verify whether the control objectives are adequately addressed.
• B.compare the control to the action plan.
• C.report as a repeat finding.
• D.inform management about incorrect implementation.

Comment: *

Name: *

Email: *

Verification: *

Which of the following data validation edits is effective in detecting transposition and transcription errors?

• A.Range check
• B.Check digit
• C.Validity check
• D.Duplicate check

Comment: *

Name: *

Email: *

Verification: *

IT disaster recovery lime objectives (RTOs) should be based on the:

• A.nature of the outage.
• B.maximum tolerable downtime (MTD).
• C.maximum tolerable loss of data.
• D.business-defined critically of the systems.

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST supports the prioritization of new IT projects?

• A.Internal control self-assessment (CSA)
• B.Information systems audit
• C.Investment portfolio analysis
• D.Business risk assessment

Comment: *

Name: *

Email: *

Verification: *