A. be dynamic and change often to coincide with the changing nature of technology and the audit profession.
B. clearly state audit objectives for, and the delegation of, authority to the maintenance and review of internal controls.
C. document the audit procedures designed to achieve the planned audit objectives.
D. Outline the overall authority, scope and responsibilities of the audit function. Answer:_____D______________________
2. Which of the following criteria for selecting the applications to be audited is LEAST likely to be used?
A. Materiality of audit risk
B. Sensitivity of transactions
C. Technological complexity
D. Regulatory agency involvement
Answer: …show more content…
Installing an efficient user log system to track the actions of each user
D. Training provided on a regular basis to all current and new employees
14. IT control objectives are useful to IS auditors since they provide the basis for understanding the:
A. Desired result or purpose of implementing specific control procedures.
B. Best IT security control practices relevant to a specific entity.
C. Techniques for securing information.
D. Security policy.
15. Which of the following is the MOST important function to be performed by IS management when a service has been outsourced?
A. Ensuring that invoices are paid to the provider
B. Participating in systems design with the provider
C. Renegotiating the provider’s fees
D. Monitoring the outsourcing provider’s performance
16. Is it appropriate for an IS auditor from a company that is considering outsourcing its IS processing to request and review a copy of each vendor’s business continuity plan?
A. Yes, because an IS auditor will evaluate the adequacy of the service bureau’s plan and assist their company in implementing a complementary plan.
B. Yes, because based on the plan, an IS auditor will evaluate the financial stability of the service bureau and its ability to fulfill the contract.
C. No, because the backup to be provided should