Which of the following should an IS auditor review FIRST when planning a customer data privacy audit?

• A.Customer agreements
• B.Legal and compliance requirements
• C.Organizational policies and procedures
• D.Data classification

Comment: *

Name: *

Email: *

Verification: *

Who should be responsible for network security operations?

• A.Business unit managers
• B.Security administrators
• C.Network administrators
• D.IS auditors

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a mechanism for mitigating risks?

• A.Security and control practices
• B.Property and liability insurance
• C.Audit and certification
• D.Contracts and service level agreements (SLAs)

Comment: *

Name: *

Email: *

Verification: *

Which of the following findings should be of MOST concern to an IS auditor when evaluating information security governance within an organization?

• A.The information security department has difficulty filling vacancies
• B.Information security policies were last updated two years ago
• C.The data center manager has final sign-off on security projects
• D.The information security oversight committee meets quarterly

Comment: *

Name: *

Email: *

Verification: *

For a company that outsources payroll processing, which of the following is the BEST way to ensure that only authorized employees are paid?

• A.Electronic payroll reports should be independently reviewed.
• B.Only payroll employees should be given the password for data entry and report retrieval.
• C.Employees should receive pay statements showing gross pay, net pay. and deductions.
• D.The company's bank reconciliations should be independently prepared and checked.

Comment: *

Name: *

Email: *

Verification: *