Which of the following findings should be of GREATEST concern to an IS auditor assessing the risk associated with end-user computing (EUC) in an organization?

• A.Insufficient processes to track ownership of each EUC application?
• B.Lack of defined criteria for EUC applications
• C.Lack of awareness training for EUC users
• D.Insufficient processes to lest for version control

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's information security program?

• A.The program was not formally signed off by the sponsor.
• B.Key performance indicators (KPIs) are not established.
• C.Not all IT staff are aware of the program.
• D.The program was last updated five years ago.

Comment: *

Name: *

Email: *

Verification: *

Normally, it would be essential to involve which of the following stakeholders in the initiation stage of a project?

• A.System owners
• B.System users
• C.System designers
• D.System builders

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST reasonable option for recovering a noncritical system?

• A.Warm site
• B.Mobile site
• C.Hot site
• D.Cold site

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be done FIRST to develop an effective business continuity plan (BCP)?

• A.Create a business unit communications plan.
• B.Create a disaster recovery plan (DRP).
• C.Perform a business impact analysis (BIA).
• D.Secure an alternate processing site

Comment: *

Name: *

Email: *

Verification: *