The decision to accept an IT control risk related to data quality should be the responsibility of the:

• A.business owner.
• B.information security team.
• C.IS audit manager.
• D.chief information officer (CIO).

Comment: *

Name: *

Email: *

Verification: *

A web proxy server for corporate connections to external resources reduces organizational risk by:

• A.providing faster response than direct access.
• B.providing multi-factor authentication for additional security.
• C.anonymizing users through changed IP addresses.
• D.load balancing traffic to optimize data pathways.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is an example of a preventive control for physical access?

• A.Keeping log entries for all visitors to the building
• B.Implementing a fingerprint-based access control system for the building
• C.Installing closed-circuit television (CCTV) cameras for all ingress and egress points
• D.Implementing a centralized logging server to record instances of staff logging into workstations

Comment: *

Name: *

Email: *

Verification: *

Which of the following should be the PRIMARY role of an internal audit function in the management of identified business risks?

• A.Establishing a risk management framework
• B.Operating the risk management framework
• C.Establishing a risk appetite
• D.Validating enterprise risk management (ERM)

Comment: *

Name: *

Email: *

Verification: *

What is the BEST way to reduce the risk of inaccurate or misleading data proliferating through business intelligence systems?

• A.Establish rules for converting data from one format to another
• B.Develop a metadata repository to store and access metadata
• C.Implement a consistent database indexing strategy
• D.Implement data entry controls for new and existing applications

Comment: *

Name: *

Email: *

Verification: *