The following findings are the result of an IS auditor's post-implementation review of a newly implemented system. Which of the following findings is of GREATEST significance?
An organization has recently acquired another organization. When reviewing both IS departments, the IS auditor discovers two redundant IT applications. Which of the following would be the auditor's BEST recommendation for management?
As an auditor it is very important to ensure confidentiality, integrity, authenticity and availability are
implemented appropriately in an information system. Which of the following definitions incorrectly describes
these parameters?
1. Authenticity - A third party must be able to verify that the content of a message has been sent by a
specific entity and nobody else.
2. Non-repudiation - The origin or the receipt of a specific message must be verifiable by a third party. A
person cannot deny having sent a message if the message is signed by the originator.
3. Accountability - The action of an entity must be uniquely traceable to different entities
4. Availability - The IT resource must be available on a timely basis to meet mission requirements or to
avoid substantial losses.
To develop meaningful recommendations for findings, which of the following is MOST important for an IS auditor to determine and understand?
