Which of the following is an analytical review procedure for a payroll system?

• A.Testing hours reported on time sheets
• B.Performing penetration attempts on the payroll system
• C.Evaluating the performance of the payroll system using benchmarking software
• D.Performing reasonableness tests by multiplying the number of employees by the average wage rate

Comment: *

Name: *

Email: *

Verification: *

A sample for testing must include the 80 largest client balances and a random sample of the rest. What should the IS auditor recommend?

• A.Query the database.
• B.Develop an integrated test facility (ITF).
• C.Use generalized audit software.
• D.Leverage a random number generator.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is evaluating management's risk assessment of information systems. The IS auditor should FIRST review:

• A.the controls already in place.
• B.the effectiveness of the controls in place.
• C.the mechanism for monitoring the risks related to the assets.
• D.the threats/vulnerabilities affecting the assets.

Comment: *

Name: *

Email: *

Verification: *

When reviewing past results of a recurring annual audit, an IS auditor notes that findings may not have been reported and independence may not have been maintained Which of the following is the auditor's BEST course of action?

• A.Reevaluate internal controls
• B.Inform audit management
• C.Inform senior management
• D.Re-perform past audits to ensure independence

Comment: *

Name: *

Email: *

Verification: *

What is the BEST indicator of successful implementation of an organization s information security policy?

• A.Reduced number of successful phishing incidents
• B.Reduced number of help desk calls
• C.Reduced number of false-positive security events
• D.Reduced number of noncompliance penalties incurred

Comment: *

Name: *

Email: *

Verification: *