Which of the following is MOST critical to the success of an information security program?

• A.User accountability for information security
• B.Management's commitment to information security
• C.Integration of business and information security
• D.Alignment of information security with IT objectives

Comment: *

Name: *

Email: *

Verification: *

An IS auditor who was instrumental m designing an application is called upon to review the application. The auditor should:

• A.use the knowledge of the application to carry out the audit
• B.into in audit management of the earlier involvement
• C.modify the scope of the audit
• D.refuse the assignment to avoid conflict of interest

Comment: *

Name: *

Email: *

Verification: *

To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:

• A.during data preparation.
• B.in transit to the computer.
• C.between related computer runs.
• D.during the return of the data to the user department.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is MOST important for the IS auditor to verify when reviewing the development process of a security policy?

• A.Output from the enterprise's risk management system
• B.Identification of the control framework
• C.Evidence of management approval
• D.Evidence of active involvement of key stakeholders

Comment: *

Name: *

Email: *

Verification: *

Which of the following would provide the BEST evidence that a cloud provider's change management process is effective?

• A.A copy of change management policies provided by the vendor
• B.Minutes from regular change management meetings with the vendor
• C.The results of a third-party review provided by the vendor
• D.Written assurances from the vendor's CEO and CIO

Comment: *

Name: *

Email: *

Verification: *