IT Governance 1.0 Flashcards

1
Q

WHAT insurance type provides for a loss arising from fraudulent acts by employees?

A

Fidelity Coverage

i.e. This type of insurance covers the loss arising from dishonest or fraudulent acts by employees

2
Q

WHAT is an IS auditor’s primary concern when reviewing a business process reengineering (BPR) effort?

A

That controls are eliminated as part of the streamlining BPR effort.

i.e. A primary risk of BPR is that controls are eliminated as part of the reengineering effort.

3
Q

Who within the organization is responsible for approving an information security policy?

A

The Board of Directors

4
Q

What does a lack of adequate security controls represent?

A

Vulnerability

i.e. Lack of adequate security functionality in this context is a vulnerability

5
Q

What type of insurance provides for a loss arising from fraudulent acts by employees?

A

Fidelity coverage

6
Q

What step should be executed FIRST, when developing a security architecture?

A

Defining a security policy

i.e. Defining a security policy is the first step in developing a security architecture

7
Q

What would ‘best’ support the prioritization of new IT projects?

A

Investment portfolio analysis

i.e., This will present a clear focus on investment strategy and also provide the rationale for terminating nonperforming IT projects

8
Q

What risk management practice would most likely expose an organization to the greatest amount of compliance risk?

A

Risk Transfer

i.e., This typically addresses financial risk

9
Q

What would an IS auditor consider ‘most’ important in facilitating compliance with a newly developed IT policy for an organization?

A

Existing IT mechanisms enabling compliance

10
Q

What is most critical when evaluating the effectiveness of an IT governance implementation?

A

Determining stakeholder requirements and involvement

11
Q

What is of ‘primary concern’ when performing a review of a business process reengineering (BPR) effort?

A

Controls are eliminated as part of the streamlining BPR effort

12
Q

What would be an important consideration when reviewing the classification levels of information assets?

A

Potential loss

i.e., The best basis for asset classification is an understanding of the total losses a business may incur if the asset is compromised
