Which of the following is the MOST important activity to undertake to avoid rework later in a project?
Correct Answer: D
Section: Information System Operations, Maintenance and Support Explanation/Reference:
Question 622
Which of the following is the MOST important reason to implement version control for an end-user computing (EUC) application?
Correct Answer: B
Question 623
Who is responsible for providing adequate physical and logical security for IS program, data and equipment?
Correct Answer: D
Explanation/Reference: Security administrator are responsible for providing adequate physical and logical security for IS programs, data and equipment. For CISA exam you should know below roles in an organization Data Owners - These peoples are generally managers and directors responsible for using information for running and controlling the business. Their security responsibilities include authorizing access, ensuring that access rules are updated when personnel changes occur, and regularly review access rule for the data for which they are responsible. Data Custodian or Data Steward - These people are responsible for storing and safeguarding the data, and include IS personnel such as system analysis and computer operators. Security Administrator -Security administrator is responsible for providing adequate physical and logical security for IS programs, data and equipment. Data Users - Data users, including internal and external user community, are the actual user of computerized data. Their level of access into the computer should be authorized by data owners, and restricted and monitor by security administrator. The following were incorrect answers: Data Owner- These peoples are generally managers and directors responsible for using information for running and controlling the business. Data Users - Data users, including internal and external user community, are the actual user of computerized data. Data custodian is responsible for storing and safeguarding the data, and include IS personnel such as system analyst and computer operators. The following reference(s) were/was used to create this question: CISA review manual 2014 Page number361
Question 624
Assurance tasks required to support security accreditation/certification should be identified:
Correct Answer: D
Question 625
Which of the following should be reviewed FIRST when planning an IS audit?
