An organization has made a strategic decision to split into separate operating entities to improve profitability. However, the IT infrastructure remains shared between the entities. Which of the following would BEST help to ensure that IS audit still covers key risk areas within the IT environment as part of its annual plan?

• A.Conducting an audit of newly introduced IT policies and procedures
• B.Increasing the frequency of risk-based IS audits for each business entity
• C.Revising IS audit plans to focus on IT changes introduced after the split
• D.Developing a risk-based plan considering each entity's business processes

Comment: *

Name: *

Email: *

Verification: *

Capacity management enables organizations to:

• A.determine business transaction volumes.
• B.establish the capacity of network communication links.
• C.forecast technology trends.
• D.identify the extent to which components need to be upgraded.

Comment: *

Name: *

Email: *

Verification: *

Which of the following provides a new IS auditor with the MOST useful information to evaluate overall IT performance?

• A.IT balanced scorecard
• B.IT value analysis
• C.Prior audit reports
• D.Vulnerability assessment report

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the FIRST step in the incident response process for a suspected breach?

• A.Inform potentially affected customers of the security breach
• B.Notify business management of the security breach.
• C.Engage a third party to independently evaluate the alerted breach.
• D.Research the validity of the alerted breach

Comment: *

Name: *

Email: *

Verification: *

Which of the following should an IS auditor consider FIRST when evaluating firewall rules?

• A.The physical location of the firewalls
• B.The firewalls' default settings
• C.The organization's security policy
• D.The number of remote nodes

Comment: *

Name: *

Email: *

Verification: *