During audit framework. an IS auditor teams that employees are allowed to connect their personal devices to company-owned computers. How can the auditor BEST validate that appropriate security controls are in place to prevent data loss?

• A.Conduct a walk-through to view results of an employee plugging in a device to transfer confidential data.
• B.Verify employees have received appropriate mobile device security awareness training.
• C.Review compliance with data loss and applicable mobile device user acceptance policies.
• D.Verify the data loss prevention (DLP) tool is properly configured by the organization.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is analyzing a sample of accounts payable transactions for a specific vendor and identifies one transaction with a value five times as high as the average transaction. Which of the following should the auditor do NEXT?

• A.Request an explanation of the variance from the auditee
• B.Report the variance immediately to the audit committee
• C.Exclude the transaction from the sample population
• D.Increase the sample size to 100% of the population

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST efficient solution for a multi-location healthcare organization that wants to be able to access patient data wherever patients present themselves for care?

• A.Infrastructure as a Service (laaS) provider
• B.Software as a Service (SaaS) provider
• C.Network segmentation
• D.Dynamic localization

Comment: *

Name: *

Email: *

Verification: *

Which of the following features of a library control software package would protect against unauthorized updating of source code?

• A.Release-to-release comparison of source code
• B.Date and time stamping of source and object code
• C.Access controls for source libraries
• D.Required approvals at each life cycle step

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is reviewing an organization's business continuity plan (BCP) following a change in organizational structure with significant impact to business processes. Which of the following findings should be the auditor's GREATEST concern?

• A.Key business process end users did not participate in the business impact " analysis (BIA)
• B.A test plan for the BCP has not been completed during the last two years
• C.Copies of the BCP have not been distributed to new business unit end users sjnce the reorganization

Comment: *

Name: *

Email: *

Verification: *