Loading questions...
Updated
While auditing a small organization's data classification processes and procedures, an IS auditor noticed that data is often classified at the incorrect level. What is the MOST effective way for the organization to improve this situation?
Which of the following should be the GREATEST concern for an IS auditor performing a post-implementation review for a major system upgrade?
Which of the following observations noted by an IS auditor reviewing internal IT standards is MOST important to address?
Which of the following is MOST important for an organization to consider when planning to outsource data storage to a third-party provider?
An IS auditor has been tasked with analyzing an organization's capital expenditures against its repair and maintenance costs. Which of the following is the BEST reason to use a data analytics tool for this purpose?
Which of the following presents the GREATEST risk associated with end-user computing (EUC) applications over financial reporting?
An IS auditor should look for which of the following to ensure the risk associated with scope creep has been mitigated during software development?
Which of the following is MOST important to consider when defining disaster recovery strategies?
Which of the following is the GREATEST advantage of agile development over waterfall development?
Which of the following controls provides the MOST protection against ransomware attacks?
Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?
An IS auditor finds that a key Internet-facing system is vulnerable to attack and that patches are not available. What should the auditor recommend be done
FIRST?
Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?
Which of the following is the BEST control to help ensure that security requirements are considered throughout the life cycle of an agile software development project?
Which of the following is MOST important when assembling an internal team to perform penetration testing for the organization?
Which of the following would a digital signature MOST likely prevent?
An IS auditor is determining the scope for an upcoming audit. Which of the following BEST enables the auditor to ensure appropriate controls are considered?
A PRIMARY objective of risk management is to keep the total cost of risks below the:
Which of the following should be the role of internal audit in an organization’s move to the cloud?
Which of the following should be the role of internal audit in an organization’s move to the cloud?
How does a switched network reduce the risk of network sniffing?
Which of the following is the MOST effective way for internal audit management to ensure the quality of IS audits is maintained?
During a review of an organization's network threat response process, the IS auditor noticed that the majority of alerts were closed without resolution.
Management responded that those alerts were unworkable due to lack of actionable intelligence, and therefore the support team is allowed to close them. What is the BEST way for the auditor to address this situation?
Which of the following should be of GREATEST concern to an IS auditor reviewing an organization's business continuity plan (BCP)?
Which of the following is the BEST way to ensure that an application is performing according to its specifications?