712-50 Exam Questions

Total 445 Questions

Last Updated Exam : 9-Jun-2025

Topic 2: IS Management Controls and Auditing Management

Which of the following reports should you as an IT auditor use to check on compliance with a service level agreement’s requirement for uptime?

A. Systems logs
B. Hardware error reports
C. Utilization reports
D. Availability reports

Answer: D. Availability reports

You are the Chief Information Security Officer of a large, multinational bank and you suspect there is a flaw in a two-factor authentication token management process. Which of the following represents your BEST course of action?

A. Validate that security awareness program content includes information about the potential vulnerability
B. Conduct a thorough risk assessment against the current implementation to determine system functions
C. Determine program ownership to implement compensating controls
D. Send a report to executive peers and business unit owners detailing your suspicions

Answer: B. Conduct a thorough risk assessment against the current implementation to determine system functions

Which of the following is a benefit of a risk-based approach to audit planning?

A. Resources are allocated to the areas of the highest concern
B. Scheduling may be performed months in advance
C. Budgets are more likely to be met by the IT audit staff
D. Staff will be exposed to a variety of technologies

Answer: A. Resources are allocated to the areas of the highest concern

Which represents PROPER separation of duties in the corporate environment?

A. Information Security and Identity Access Management teams perform two distinct functions
B. Developers and Network teams both have admin rights on servers
C. Finance has access to Human Resources data
D. Information Security and Network teams perform two distinct functions

Answer: D. Information Security and Network teams perform two distinct functions

The MOST common method to get an unbiased measurement of the effectiveness of an Information Security Management System (ISMS) is to

A. assign the responsibility to the information security team.
B. assign the responsibility to the team responsible for the management of the controls.
C. create operational reports on the effectiveness of the controls.
D. perform an independent audit of the security controls.

Answer: D. perform an independent audit of the security controls.

A Chief Information Security Officer received a list of high, medium, and low impact audit findings. Which of the following represents the BEST course of action?

A. If the findings impact regulatory compliance, try to apply remediation that will address the most findings for the least cost.
B. If the findings do not impact regulatory compliance, remediate only the high and medium risk findings.
C. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.
D. If the findings do not impact regulatory compliance, review current security controls.

Answer: C. If the findings impact regulatory compliance, remediate the high findings as quickly as possible.

Which of the following are necessary to formulate responses to external audit findings?

A. Internal Audit, Management, and Technical Staff
B. Internal Audit, Budget Authority, Management
C. Technical Staff, Budget Authority, Management
D. Technical Staff, Internal Audit, Budget Authority

Answer: C. Technical Staff, Budget Authority, Management

IT control objectives are useful to IT auditors as they provide the basis for understanding the:

A. Desired results or purpose of implementing specific control procedures.
B. Audit control checklist.
C. Techniques for securing information.
D. Security policy.

Answer: A. Desired results or purpose of implementing specific control procedures.

Providing oversight of a comprehensive information security program for the entire organization is the primary responsibility of which group under the InfoSec governance framework?

A. Senior Executives
B. Office of the Auditor
C. Office of the General Counsel
D. All employees and users

Answer: A. Senior Executives

At which point should the identity access management team be notified of the termination of an employee?

A. At the end of the day once the employee is off site
B. During the monthly review cycle
C. Immediately so the employee account(s) can be disabled
D. Before an audit

Answer: C. Immediately so the employee account(s) can be disabled
