Question: 1
An IS auditor determines that a business continuity plan has not been reviewed and approved by management. Which of the following is the MOST significant risk associated with this situation?
Question: 2
A CIO has asked an IS auditor to implement several security controls for an organization s IT processes and systems. The auditor should:
Question: 3
To effectively classify data, which of the following MUST be determined?
Question: 4
An audit team has a completed schedule approved by the audit committee. After starting some of the scheduled audits, executive management asked the team to immediately audit an additional process. There are not enough resources available to add the additional audit to the schedule. Which of the following is the BEST course of action?
Question: 5
Which of the following BEST helps to identify errors during data transfer?