PHP-Fusion Powered Website - Articles: Isaca- CISA

Users Online

· Guests Online: 91

· Members Online: 0

· Total Members: 188
· Newest Member: meenachowdary055

Forum Threads

Newest Threads

No Threads created

Hottest Threads

No Threads created

Latest Articles

· Do while loop
· The for loop in C
· C while loop
· Pointers in C
· Functions in C

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site,
or upgrade to a Web browser that does support JavaScript; Firefox, Safari, Opera, Chrome or a version of Internet Explorer newer then version 6.

Articles Hierarchy

Articles Home » CISA » Isaca- CISA

Isaca- CISA

Question ID 22449
Which of the following is the BEST information source for management to use as an aid in the identification of assets that are subject to laws and regulations?

Option A
Security incident summaries

Option B
Vendor best practices

Option C
CERT coordination center

Option D
Significant contracts

Correct Answer D

Description Contractual requirements are one of the sources that should be consulted to identify the requirements for the management of information assets. Vendor best practices provides a basis for evaluating how competitive an enterprise is, while security incident summaries are a source for assessing the vulnerabilities associated with the IT infrastructure. CERT {www.cert.org) is an information source for assessing vulnerabilities within the IT infrastructure.
Update Date and Time 2018-03-30 05:05:40

Question ID 22450
An organization has outsourced its help desk activities. An IS auditor's GREATEST concern when reviewing the contract and associated service level agreement
(SLA) between the organization and vendor should be the provisions for:

Option A
documentation of staff background checks.

Option B
independent audit reports or full audit access.

Option C
reporting the year-to-year incremental cost reductions.

Option D
reporting staff turnover, development or training.

Correct Answer B

Description When the functions of an IS department are outsourced, an IS auditor should ensure that a provision is made for independent audit reports that cover all essential areas, or that the outsourcer has full audit access. Although it is necessary to document the fact that background checks are performed, this is not as important as provisions for audits. Financial measures such as year-to-year incremental cost reductions are desirable to have in a service level agreement ( SLA ); however, cost reductions are not as important as the availability of independent audit reports or full audit access. An SLA might include human relationship measures such as resource planning, staff turnover, development or training, but this is not as important as the requirements for independent reports or full audit access by the outsourcing organization.
Update Date and Time 2018-03-30 05:07:19

Page 4 of 15: 1 2 345 6 7...15

Comments

No Comments have been Posted.

Post Comment

Please Login to Post a Comment.

Ratings

Rating is available to Members only.

Please login or register to vote.

No Ratings have been Posted.

Render time: 0.78 seconds

10,824,947 unique visits

Question ID 22449	Which of the following is the BEST information source for management to use as an aid in the identification of assets that are subject to laws and regulations?
Option A	Security incident summaries
Option B	Vendor best practices
Option C	CERT coordination center
Option D	Significant contracts
Correct Answer	D

Question ID 22450	An organization has outsourced its help desk activities. An IS auditor's GREATEST concern when reviewing the contract and associated service level agreement (SLA) between the organization and vendor should be the provisions for:
Option A	documentation of staff background checks.
Option B	independent audit reports or full audit access.
Option C	reporting the year-to-year incremental cost reductions.
Option D	reporting staff turnover, development or training.
Correct Answer	B