After implementing an information security governance framework, which of the following would provide the BEST information to develop an information security project plan?A . Balanced scorecardB . Recent audit resultsC . Risk heat mapD...
Which of the following is the MOST important requirement for an IS auditor to evaluate when reviewing a transmission of personally identifiable information (PII) between two organizations?A . CompletenessB . TimelinessC . NecessityD ....
Whenever an application is modified, what should be tested to determine the full impact of the change?A . Interface systems with other applications or systemsB . The entire program, including any interface systems with...
When reviewing a newly implemented quality management system (QMS), which of the following should be the IS auditor’s PRIMARY concern?A . The QMS benefit measures were not included in the business case.B . The...
The PRIMARY reason an IS department should analyze past incidents and problems is to:A . determine if all incidents and problems are reported.B . assign responsibility for problems.C . assess help desk performance.D ....
What is an acceptable mechanism for extremely time-sensitive transaction processing?A . Off-site remote journalingB . Electronic vaultingC . Shadow file processingD . Storage area networkView AnswerAnswer: C Explanation: Shadow file processing can be implemented...
The GREATEST risk of database denormalization is:A . decreased performance.B . loss of data confidentiality.C . loss of database integrity.D . incorrect metadata.View AnswerAnswer: A
When are benchmarking partners identified within the benchmarking process?A . In the design stageB . In the testing stageC . In the research stageD . In the development stageView AnswerAnswer: C Explanation: Benchmarking partners...
Which of the following would BEST assist an information security manager in gaining strategic support from executive management?A . Research on trends in global information security breachesB . Risk analysis specific to the organizationC...
The quality assurance (QA) function should be prevented from:A . developing naming conventions.B . establishing analysis techniques.C . amending review procedures.D . changing programs for business functions.View AnswerAnswer: C
