General

Question 1

what is continuous auditing

Answer 1

a real-time feed of information to management through automated reporting processes so that management may implement corrective actions more quickly.

Question 2

WHAT IS AUTOMATED SYSTEMS BALANCING

Answer 2

Automated systems balancing checks any imbalance between total inputs and total outputs would be reported for investigation and correction.

Question 3

what are validation controls

Answer 3

comparing for input and output

Question 4

what is a VPN

Answer 4

. The most secure method is a virtual private network, using encryption, authentication and tunneling to allow data to travel securely from a private network to the Internet.

Question 5

Which of the following would be BEST prevented by a raised floor in the computer machine room?

Answer 5

damage of wires around the computers and servers

Question 6

what defines the strategy of a Disaster recovery strategies how

Answer 6

maximum tolerable downtime and data loss

Question 7

what is RTO

Answer 7

It is the time within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in continuity.

Question 8

what is RPO

Answer 8

Point in recovery where data has to be restored as the last backup was until then

Question 9

what does Hash Algorithms does

Answer 9

It provides a finger print to ensure authentication. it does not provide encryption, authorization and identification.

Question 10

governance of IT should be whose stakeholders

Answer 10

Board of Directors

Question 11

what is the actual purpose of audit trails

Answer 11

It is to determine accountability and NOT help the IS auditor

Question 12

what does row level and column level access controls do

Answer 12

they restrict access to certain types of information that require additional security.

Question 13

what is the diff between Data warehouse and database

Answer 13

data warehouse pulls data from multiple sources

Question 14

what is being considered the most for reciprocal agreements as a recovery alternative

Answer 14

they must not be in close proximity

Question 15

what is most concern when orgn outsouces IS processing

Answer 15

the lack of right to audit

Question 16

what ensures accountability when updating data in a production database

Answer 16

review of audit logs

Question 17

what is a web site certificate

Answer 17

it is to prove the authenticity of the site

Question 18

Digital signatures requires what keys

Answer 18

It requires the sender to have his private key and the receiver to have a public key

Question 19

what is a IT project portfolio analysis

Answer 19

provides information of planned initiatives, and ongoing IT services

Question 20

what is a table link / reference checks

Answer 20

table linking errors (completeness and accuracy of contents of the database

Question 21

which is the greatest concern

1) DR is invalid and need to be revised
2) Data may be lost in event of system failure
3) new vendor is not familiar with orgn policies
4) application owners were not informed of the change

Answer 21

application owners were not informed of the change

Question 22

what is the most impt thing for IS auditor to consider to faciliate new policy implementation

Answer 22

esiting IT mechanisms to enable compliance

Question 23

in a change management process, what does a IS auditor look out for most

Answer 23

the test plans are followed and complied

Question 24

what is the critical success factor of a succesful implementation

1) assimilation of the framweork and intent of the written policy by all appropriate parties
2) management support ?

Answer 24

1) assimilation of framework and intent of the written policy

Question 25

what is a integriyt constraints in a database

Answer 25

set of parameteres in a predefined table which prevent undefined data from being entered