Which of the following would MOST likely impair the independence of the IS auditor when performing a post-implementation review of an application system?

• A.The IS auditor provided consulting advice concerning application system best practices.
• B.The IS auditor participated as a member of the application system pro)ecl team.
  but did not have operational responsibilities.
• C.The IS auditor implemented a specific control during the development of the application system.
• D.The IS auditor designed an embedded audit module exclusively for auditing the application system.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important incident management consideration for an organization
subscribing to a cloud service?

• A.Decision on the classification of cloud-hosted data
• B.Expertise of personnel providing incident response
• C.Implementation of a SIEM in the organization
• D.An agreement on the definition of a security incident

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST useful for determining whether the goals of IT are aligned with the organization's goals?

• A.Balanced scorecard
• B.Enterprise dashboard
• C.Enterprise architecture (EA)
• D.Key performance indicators (KPIs)

Comment: *

Name: *

Email: *

Verification: *

A post-implementation review of a development project concludes that several business requirements were not reflected in the software requirement specifications. Which of the following should an IS auditor recommend to reduce this problem in the future?

• A.Appoint a business unit representative.
• B.Set up a configuration control board.
• C.Write test cases from the user requirements.
• D.Trace the changes to requirements back to all affected products.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor is reviewing the installation of a new server. The IS auditor's PRIMARY objective is to ensure that

• A.a detailed business case was formally approved prior to the purchase.
• B.the procurement project invited tenders from at least three different suppliers.
• C.security parameters are set in accordance with the organizations policies
• D.security parameters are set in accordance with the manufacturer's standards

Comment: *

Name: *

Email: *

Verification: *