Which of the following should be defined in an audit charter?

• A.Audit methodology
• B.Audit authority
• C.Audit schedule
• D.Audit results

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST source of information for assessing the effectiveness of IT process monitoring?

• A.Real-time audit software
• B.Participative management techniques
• C.Performance data
• D.Quality assurance (QA) reviews

Comment: *

Name: *

Email: *

Verification: *

An organization's IT security policy states that user IDs must uniquely identify individuals and that users should not disclose their passwords. An IS auditor discovers that several generic user IDs are being used.
Which of the following is the MOST appropriate course of action for the auditor?

• A.Investigate the noncompliance.
• B.Include the finding in the final audit report.
• C.Recommend disciplinary action.
• D.Recommend a change in security policy.

Comment: *

Name: *

Email: *

Verification: *

An IS auditor has been asked to audit a complex system with computerized and manual elements. Which of the following should be identified FIRST?

• A.Programmed controls
• B.Input validation
• C.System risks
• D.Manual controls

Comment: *

Name: *

Email: *

Verification: *

Which of the following BEST Indicates that an incident management process is effective?

• A.Decreased time for incident resolution
• B.Increased number of incidents reviewed by IT management
• C.Decreased number of calls lo the help desk
• D.Increased number of reported critical incidents

Comment: *

Name: *

Email: *

Verification: *