The source code of an application has just been debugged. Which type of testing should be performed to help ensure that new errors are not been introduced by the debugging process?
Which of the following is the MOST effective way to verity an organization's ability to continue its essential business operations after a disruption event?
An IS auditor conducting a review of disaster recovery planning (DRP) at a financial processing organization has discovered the following:
The existing disaster recovery plan was compiled two years earlier by a systems analyst in the organization's IT department using transaction flow projections from the operations department.
The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his/her attention.
The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for its area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical, hardware configuration is already established. An IS auditor should:
A comprehensive and effective e-mail policy should address the issues of e-mail structure, policy enforcement, monitoring and:
During a disaster recovery audit, an IS auditor finds that a business impact analysis (BIA) has not been performed. The auditor should FIRST
