Choose the correct chain of audit project management basic steps:

Plan → build → execute → monitor

Plan → execute → develop → close

Plan → execute → build → monitor

Plan → develop → execute → close

What is true about follow-up activities?

The main objective of follow-up activities is to validate whether management has implemented the recommendations.

Serve as a valid reference for any party researching the auditor or audit topic.

Provide statements of assurance and, if needed, identification of areas requiring corrective action and related recommendations.

Conducted at the end of the audit, provides an IS auditor with the opportunity to discuss findings and recommendations with the auditee management.

What is true about COBIT?

EGIT framework that ensures that IT is aligned with the business and delivers value for the business.

Detailed framework for the operational service management of IT.

It provides guidelines on risk management for organizations.

Set of best practices for information security programs

ITGC: Access to program and data does not include which of the following processes:

Access provisioning/deprovisioning

Identification and authentication

What is the primary purpose of an audit trail in an information system?

To monitor and log user activities and changes for security and compliance purposes

To track and record all system performance metrics

To enhance system speed and efficiency

What is the purpose of testing the performance of a system during peak hours?

To ensure the system operates effectively under stress

To monitor and log user activities

To track and record all system performance metrics

What is not a risk associated with ITGC: Access to program and data:

Slow system performance due to network latency

What is a relational database?

A method of storing data in tables with defined relationships

A table showing access rights of subjects to objects in a computer system

A method of data protection through encryption

A table showing the access rights of subjects to objects in a computer system

A method of data protection through encryption

A method of memory allocation in an operating system

What is not considered as best practice for access termination:

Termination within 5 or more days

What is the main purpose of multi-factor authentication (MFA)?

To provide an additional layer of security by requiring multiple forms of verification

To improve user experience by simplifying the login process

To allow users to reset their passwords easily

To monitor and log all user activities during login attempts

Choose the correct chain of software development testing:

Unit → Integration → System → Final acceptance testing

System → Integration → Unit → Final acceptance testing

Integration → Unit → System → Final acceptance testing

Unit → System → Final acceptance testing → Integration

What is a compensating control?

A security measure that is used when it is not possible to implement the primary control or primary control seemed to be ineffective

A control that replicates an existing security control to improve efficiency

A control implemented to mitigate risks when the primary control is not possible or effective

A control designed to reduce costs

What is the correct sequence of the System Development Life Cycle (SDLC) phases for a purchased solution?

Feasibility study → Software selection → Configuration → Final testing → Post-implementation

Feasibility study → Requirements definition → Development → Final testing → Post-implementation

Feasibility study → Requirements definition → Design → Final testing → Post-implementation

Feasibility study → Software selection → Design → Configuration → Final testing → Post-implementation

Audit and Risk Management Quiz

Authored by Anel Aqtasova

Information Technology (IT)

12th Grade

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

29 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Audit charter includes all the following except:

The mission, purpose, and objective of the audit function

The responsibilities of management

The responsibilities of internal auditors

The scope of the audit project

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Depending on how the risk can be calculated/measured, two types of risk can be distinguished. What are the two types?

Inherent, residual

Gross, net

Qualitative, quantitative

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

High risk is identified when:

A process issue may result in damage to the reputation of the organization that will take more than six months to recover.

A process issue may result in damage to the reputation of the organization that will take less than six months but more than three months to recover.

A process issue may result in damage to the reputation of the organization that will take less than three months to recover.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is not a characteristic of type of control?

Automated

Manual

Written

Combined

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the primary purpose of corrective control?

Prevent the occurrence

Detect as well as correct the error

Detect the error

Act as deterrence to prevent error

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The assessment of countermeasures should be based on the following:

The cost of the control compared to the benefit of minimizing the risk

Management's risk appetite (i.e., the level of residual risk that management is prepared to accept)

Preferred risk-reduction methods

All the above

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The involvement of a third party is an example of what type of risk response?

Risk mitigation

Risk transfer

Risk avoidance

Risk acceptance

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

Chapter 4 Mastering Algebraic Expressions

Quiz

•

7th Grade - University

25 questions

Jaringan Komputer Sederhana

Quiz

•

12th Grade

25 questions

UH INFORMATIKA KELAS XI

Quiz

•

11th Grade - University

25 questions

INFORMATIKA 12 - US2

Quiz

•

12th Grade

25 questions

Web 2.0 and ICT Projects Quiz

Quiz

•

11th Grade - University

25 questions

Quiz Data dan Perangkat Lunak

Quiz

•

7th Grade - University

25 questions

XII H Informatika: Masa Kini dan Depan

Quiz

•

12th Grade

25 questions

Quiz tentang Sharing Data dalam Jaringan

Quiz

•

11th Grade - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

13 questions

SMS Cafeteria Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

12 questions

SMS Restroom Expectations Quiz

Quiz

•

6th - 8th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

10 questions

Pi Day Trivia!

Quiz

•

6th - 9th Grade

Discover more resources for Information Technology (IT)

15 questions

Pi Day Trivia

Quiz

•

9th - 12th Grade

10 questions

Understanding Pi and Its Applications

Interactive video

•

7th - 12th Grade

22 questions

El Imperfecto

Quiz

•

9th - 12th Grade

20 questions

Grammar

Quiz

•

9th - 12th Grade

7 questions

History of St. Patrick's Day for Kids | Bedtime History

Interactive video

•

1st - 12th Grade

22 questions

Regular Preterite -AR-ER-IR-

Quiz

•

12th Grade

27 questions

quiz review Senderos 2 En el consultorio

Quiz

•

9th - 12th Grade

25 questions

PI Day Trivia Contest

Quiz

•

9th - 12th Grade

Audit and Risk Management Quiz

Audit charter includes all the following except:

Depending on how the risk can be calculated/measured, two types of risk can be distinguished. What are the two types?

High risk is identified when:

What is not a characteristic of type of control?

What is the primary purpose of corrective control?

The assessment of countermeasures should be based on the following:

The involvement of a third party is an example of what type of risk response?

Choose the correct chain of audit project management basic steps:

What can be considered as the bridge or interface between the audit objectives and the final deliverables?

Substantive testing is used when:

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Information Technology (IT)