When auditing the security architecture of an e-commerce environment, an IS auditor should FIRST review the:

• A.alternate firewall arrangements.
• B.criteria used for selecting the firewall.
• C.configuration of the firewall.
• D.location of the firewall within the network.

Comment: *

Name: *

Email: *

Verification: *

Which of the following presents the GREATEST challenge to the alignment of business and IT?

• A.Lack of information security involvement in business strategy development
• B.Lack of chief information officer (CIO) involvement in board meetings
• C.An IT steering committee chaired by the chief information officer (CIO)
• D.Insufficient IT budget to execute new business projects

Comment: *

Name: *

Email: *

Verification: *

Which of the following tests would provide the BEST assurance that a health care organization is handling patient data appropriately?

• A.Compliance with local laws and regulations
• B.Compliance with the organization's policies and procedures
• C.Compliance with action plans resulting from recent audits
• D.Compliance with industry standards and best practice

Comment: *

Name: *

Email: *

Verification: *

An organization has shifted from a bottom-up approach to a top-down approach in the development of IT policies This should result in

• A.greater adherence to best practices.
• B.greater consistency across the organization .
• C.a synthesis of existing operational policies
• D.a more comprehensive risk assessment plan

Comment: *

Name: *

Email: *

Verification: *

Which of the following stakeholders is accountable for control evaluations during a control self-assessment (CSA)?

• A.Departmental managers
• B.Chief internal auditor
• C.Quality assurance management
• D.Enterprise risk management

Comment: *

Name: *

Email: *

Verification: *