An organization is planning an acquisition and has engaged an IS auditor lo evaluate the IT governance framework of the target company. Which of the following would be MOST helpful In determining the effectiveness of the framework?

• A.IT performance benchmarking reports with competitors
• B.Recent third-party IS audit reports
• C.Sell-assessment reports of IT capability and maturity
• D.Current and previous internal IS audit reports

Comment: *

Name: *

Email: *

Verification: *

An organization was recently notified by its regulatory body of significant discrepancies in its reporting dat a. A preliminary investigation revealed that the discrepancies were caused by problems with the organization's data quality Management has directed the data quality team to enhance their program. The audit committee has asked internal audit to be advisors to the process. To ensure that management concerns are addressed, which data set should internal audit recommend be reviewed FIRST?

• A.Data supporting financial statements
• B.Data reported to the regulatory body
• C.Data with customer personal information
• D.Data impacting business objectives

Comment: *

Name: *

Email: *

Verification: *

An organization that has suffered a cyber attack is performing a forensic analysis of the affected users' computers. Which of the following should be of GREATEST concern for the IS auditor reviewing this process?

• A.An imaging process was used to obtain a copy of the data from each computer.
• B.The legal department has not been engaged.
• C.The chain of custody has not been documented.
• D.Audit was only involved during extraction of the Information

Comment: *

Name: *

Email: *

Verification: *

Which of the following findings should be of GREATEST concern to an IS auditor performing a review of IT operations?

• A.Changes to the job scheduler application's parameters are not approved and reviewed by an operations supervisor.
• B.Operations shift turnover logs are not utilized to coordinate and control the processing environment.
• C.The job scheduler application has not been designed to display pop-up error messages.
• D.Access to the job scheduler application has not been restricted to a maximum of two staff members.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is assigned to review the IS department s quality procedures. Upon contacting the IS manager, the auditor finds that there is an informal unwritten set of standards Which of the following should be the auditor's NEXT action1?

• A.Document and lest compliance with the informal standards
• B.Postpone the audit until IS management implements written standards
• C.Make recommendations to IS management as to appropriate quality standards
• D.Finalize the audit and report the finding

Comment: *

Name: *

Email: *

Verification: *