Which process gives auditors the tools needed to perform ongoing monitoring of system operations?
Which of the following controls reduce the impact of threats and minimize the impact of problems?
Security logs are an example of which class of control?
When a material failure of internal controls occurs, it’s typically referred to as which of the following?
Which of the following would be the best sampling technique to review an organization’s balance sheet for material transactions?
Which audit opinion is described as multiple significant deficiencies adding up to a material and pervasive weakness?
Which of the following is an example of a standard published by ISACA?
Which data classification would most likely apply when pricing products in a commodity business prior to a product launch?
Which of the following best represents the core concept of quality assurance (QA)?
Which of the following is a possible area of disagreement used by stakeholders when they want to challenge audit results?
Which type of audit sampling would be best to measure characteristics of the sample population, such as dollar amounts or other units of measurement?
While different risks must be reasonably controlled, which of the following risks is considered unacceptable?
Which step of the audit process includes documenting the preliminary results?
Which of the following statements best describes integrated auditing?
- A. Integrated auditing places internal control in the hands of management and reduces the time between the audit and the time of reporting.
Which funding method has the advantage of being relatively easy to implement and for accounting to handle?
Which of the following methods represents the best assurance that information is entered correctly when auditing a credit card payment system?
- A. Audit trails
Which of the following funding strategies is a type of pay-as-you-go system
In the Three Lines of Defense model, which role provides the risk governance committees and senior management with comprehensive assurance that risk is being appropriately managed across the enterprise?
Which compensating control can be performed through observation or inquiry, or they can be done remotely, using software tools and applications?
Which of the following represents the last general step of a business impact analysis (BIA)?
Which of the following recovery strategies in the Business Continuity Planning (BCP) process typically costs the most to implement, but offers the fastest speed of recovery?
Which of the following is NOT a maturity level found in a typical CMM model?
Which data classification includes information related to the customers of the business, such as tax ID information or health records?
Which of the following regulations requires security standards for U.S. government systems?
Which of the following contract terms allows an onsite audit inspection of a third-party supplier?
Which of the following refers to the U.S. standards on management of health care data?
In the following common policy characteristics, the attribute most closely associated with bottom-up policy development is that it
Which of the following is NOT one of the specific goals required for an organization to meet best practices for IT governance frameworks?
Which of the following is NOT one of the five core governance principles of COBIT 5?
Which media-rotation strategy for backup media involves using five sets of tapes, with each set labeled A through E?
Courses Offered In This Certification
Practice Certification Exam