Question
SECTION II TRUE or FALSE
(1) _____________ Audit Execution is independent upon the scope of the audit.
(2) ____________ It is important that the individuals that are selected for interview are
able to answer the questions posed by the auditors.
(3) ____________ It is advisable to send the audit artifacts by email.
(4) ____________ Corrective action plans (CAP) are typically due within 20 days after
final report issuance.
(5) ____________ One of the most important aspects in designing a security awareness
program is to select a theme for the training.
(6) ___________ The Management group and those directly involved in an
information security function, should be the primary focus during
security awareness training.
(7) ___________ Phishing emails direct you to the fake website to enter account information.
(8)____________ Maintaining training records of employees is the only way this can
be managed in any significant enterprise.
(9)___________ Each policy should be specific and action oriented, including
Baselines to take around each topic.
(10)__________ Policies published online should be limited in length to two to three pages.
(11)__________COBIT is a nationally accepted set of tools organized into a framework
that executives can use to ensure their IT is helping them achieve
their goals and objectives.
(12) _________ Sensitive information is confidential material that would cause
damage or be prejudicial to national security if publicly available.
[13] _________ Effective policies have consistent sanction policies to enable action
when the policies are not followed.
[14]__________COBIT can be used to integrate other standards as an umbrella framework.
[15]_________COBIT is published by IT Governance Institute and contains a
set of 34 high-level control objectives.
[16]_________ Privacy is defined as the power to allow what others know about you
and what they can do with this information.
[17] ________The last activity in Information Life Cycle is Retirement.
[18] ________ Business secrets are protected through trade secret laws.
[19] _________ A firewall provides a "logical" key to obtain access to the door.
[20] _________ According to NIST 800-53 Awareness and Training is among Operational Controls.
Explanation / Answer
(1) True Audit Execution is independent upon the scope of the audit.
(2) True It is important that the individuals that are selected for interview are
able to answer the questions posed by the auditors.
(3) True It is advisable to send the audit artifacts by email.
(4) True Corrective action plans (CAP) are typically due within 20 days after
final report issuance.
(5) True One of the most important aspects in designing a security awareness
program is to select a theme for the training.