Which of the following is the MOST important technology control to reduce the likelihood of fraudulent payments committed internally?

• A.Role-based user access model
• B.Daily transaction reconciliation
• C.Automated access revocation
• D.Rule-based data analytics

Comment: *

Name: *

Email: *

Verification: *

An organization is planning to acquire a new financial system. Which of the following stakeholders would provide the MOST relevant information for analyzing the risk associated with the new IT solution?

• A.Process owner
• B.Internal auditor
• C.Risk manager
• D.Project sponsor

Comment: *

Name: *

Email: *

Verification: *

You are using Information system. You have chosen a poor password and also sometimes transmits data over unprotected communication lines. What is this poor quality of password and unsafe transmission refers to?

• A.Probabilities
• B.Threats
• C.Vulnerabilities
• D.Impacts

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the MOST reliable evidence of the effectiveness of security controls implemented for a web application?

• A.Penetration testing
• B.Fault tree analysis
• C.Vulnerability assessment
• D.IT general controls audit

Comment: *

Name: *

Email: *

Verification: *

A risk practitioner learns that the organization s industry is experiencing a trend of rising security incidents. Which of the following is the BEST course of action?

• A.Evaluate the relevance of the evolving threats.
• B.Respond to organizational security threats.
• C.Review past internal audit results.
• D.Research industry published studies.

Comment: *

Name: *

Email: *

Verification: *