Question 1

Which of the following disaster recovery techniques is has the least risk associated with it?

Accepted Answer

A) empty shell 
B) ROC 
C) internally provided backup 
D) they are all equally risky 
A) empty shell 
B) ROC 
C) internally provided backup 
D) they are all equally risky C

Question 2

RAID is the use of parallel disks that contain redundant elements of data and applications.

Accepted Answer

A) True 
 B)False  True

Question 3

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

Accepted Answer

A) True 
 B)False  True

Question 4

In a computer-based information system,which of the following duties needs to be separated?

Accepted Answer

A)  program coding from program operations 
B)  program operations from program maintenance 
C)  program maintenance from program coding 
D)  all of the above duties should be separated 
A)  program coding from program operations 
B)  program operations from program maintenance 
C)  program maintenance from program coding 
D)  all of the above duties should be separated

Question 5

Explain why reduced security is an outsourcing risk.

Accepted Answer

Information outsourced to off-shore IT v

Question 6

In a CBIS environment,data consolidation protects corporate data from computer fraud and losses from disaster.

Accepted Answer

A) True 
 B)False

Question 7

How has the Sarbanes-Oxley Act had a significant impact on corporate governance?

Accepted Answer

The Sarbanes-Oxley Act requires all audi

Question 8

Which of the following is NOT a potential threat to computer hardware and peripherals?

Accepted Answer

A) low humidity 
B) high humidity 
C) carbon dioxide fire extinguishers 
D) water sprinkler fire extinguishers 
A) low humidity 
B) high humidity 
C) carbon dioxide fire extinguishers 
D) water sprinkler fire extinguishers

Question 9

Commodity IT assets include such things are network management.

Accepted Answer

A) True 
 B)False

Question 10

An often-cited benefit of IT outsourcing is improved core business performance.

Accepted Answer

A) True 
 B)False

Question 11

Fault tolerance is the ability of the system to continue operation when part of the system fails due to hardware failure,application program error,or operator error.

Accepted Answer

A) True 
 B)False

Question 12

What is IT Governance?

Accepted Answer

IT governance is a broad concept relatin

Question 13

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Accepted Answer

The characteristics of computer centers

Question 14

Critical applications should be identified and prioritized by the user departments,accountants,and auditors.

Accepted Answer

A) True 
 B)False

Question 15

What is a mirrored data center?

Accepted Answer

A mirrored data center duplica

Question 16

Which organizational structure is most likely to result in good documentation procedures?

Accepted Answer

A)  separate systems development from systems maintenance 
B)  separate systems analysis from application programming 
C)  separate systems development from data processing 
D)  separate database administrator from data processing 
A)  separate systems development from systems maintenance 
B)  separate systems analysis from application programming 
C)  separate systems development from data processing 
D)  separate database administrator from data processing

Question 17

For most companies,which of the following is the least critical application for disaster recovery purposes?

Accepted Answer

A)  month-end adjustments 
B)  accounts receivable 
C)  accounts payable 
D)  order entry/billing 
A)  month-end adjustments 
B)  accounts receivable 
C)  accounts payable 
D)  order entry/billing

Question 18

Define specific asset.

Accepted Answer

Specific IT assets,in contrast,are uniqu

Question 19

To ensure sound internal control,program coding and program processing should be separated.

Accepted Answer

A) True 
 B)False

Question 20

For disaster recovery purposes,what criteria are used to identify an application or data as critical?

Accepted Answer

Critical application and files

Which of the following disaster recovery techniques is has the least risk associated with it?

RAID is the use of parallel disks that contain redundant elements of data and applications.

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

In a computer-based information system,which of the following duties needs to be separated?

Explain why reduced security is an outsourcing risk.

In a CBIS environment,data consolidation protects corporate data from computer fraud and losses from disaster.

How has the Sarbanes-Oxley Act had a significant impact on corporate governance?

Which of the following is NOT a potential threat to computer hardware and peripherals?

Commodity IT assets include such things are network management.

An often-cited benefit of IT outsourcing is improved core business performance.

Fault tolerance is the ability of the system to continue operation when part of the system fails due to hardware failure,application program error,or operator error.

What is IT Governance?

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Critical applications should be identified and prioritized by the user departments,accountants,and auditors.

What is a mirrored data center?

Which organizational structure is most likely to result in good documentation procedures?

For most companies,which of the following is the least critical application for disaster recovery purposes?

Define specific asset.

To ensure sound internal control,program coding and program processing should be separated.

For disaster recovery purposes,what criteria are used to identify an application or data as critical?

Auditing and Internal Control

Security Part I: Auditing Operating Systems and Networks

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters

Exam 2: Auditing IT Governance Controls

Which of the following disaster recovery techniques is has the least risk associated with it?

RAID is the use of parallel disks that contain redundant elements of data and applications.

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

In a computer-based information system,which of the following duties needs to be separated?

Explain why reduced security is an outsourcing risk.

In a CBIS environment,data consolidation protects corporate data from computer fraud and losses from disaster.

How has the Sarbanes-Oxley Act had a significant impact on corporate governance?

Which of the following is NOT a potential threat to computer hardware and peripherals?

Commodity IT assets include such things are network management.

An often-cited benefit of IT outsourcing is improved core business performance.

Fault tolerance is the ability of the system to continue operation when part of the system fails due to hardware failure,application program error,or operator error.

What is IT Governance?

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Critical applications should be identified and prioritized by the user departments,accountants,and auditors.

What is a mirrored data center?

Which organizational structure is most likely to result in good documentation procedures?

For most companies,which of the following is the least critical application for disaster recovery purposes?

Define specific asset.

To ensure sound internal control,program coding and program processing should be separated.

For disaster recovery purposes,what criteria are used to identify an application or data as critical?

Auditing and Internal Control

Security Part I: Auditing Operating Systems and Networks

IT Security Part II: Auditing Database Systems

Systems Development and Program Change Activities

Overview of Transaction Processing and Financial Reporting Systems

Computer-Assisted Audit Tools and Techniques

Data Structures and CAATTs for Data Extraction

Auditing the Revenue Cycle

Auditing the Expenditure Cycle

Business Ethics, Fraud, and Fraud Detection

Enterprise Resource Planning Systems

Filters