Which of the following is MOST important for an IS auditor to ensure is included in a global organization's
online data privacy notification to customers?

• A.Consequences to the organization for mishandling the data
• B.Consent terms including the purpose of data collection
• C.Contact information for reporting violations of consent
• D.Industry standards for data breach notification

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST likely to result from a business process reengineering (BPR) project?

• A.An increased number of people using technology
• B.Significant cost savings, through a reduction in the complexity of information technology
• C.A weaker organizational structures and less accountability
• D.Increased information protection (IP) risk will increase

Comment: *

Name: *

Email: *

Verification: *

In an organization where IT is critical to its business strategy and where there is a high level of operational dependence on IT, senior management commitment to security is BEST demonstrated by the:

• A.reporting line of the chief information security officer (CISO).
• B.segregation of duties policy.
• C.existence of an IT steering committee.
• D.size of the IT security function.

Comment: *

Name: *

Email: *

Verification: *

An advantage of a continuous audit approach is that it can improve system security when used in time- sharing environments that process a large number of transactions. True or false?

• A.True
• B.False

Comment: *

Name: *

Email: *

Verification: *

During an audit of a reciprocal disaster recovery agreement between two companies, the IS auditor would be MOST concerned with the:

• A.allocation of resources during an emergency.
• B.maintenance of hardware and software compatibility.
• C.differences in IS policies and procedures.
• D.frequency of system testing.

Comment: *

Name: *

Email: *

Verification: *