Answer the question below, please follow the order to answer and indicate the order. Thanks!
- Two objectives of the system availability are to minimize the risk of system downtime and resume normal operations quick. To achieve these objectives, organizations develop disaster recovery plans and business continuity plans. These plans should reflect the management’s responses to basic questions.
(a) List those two questions and explain how the answers to these questions achieve the objective of system availability.
(b) What are the different types of backup procedures? There is a key point that should be addressed regardless of the types of backup procedures. What is that point?
- A sequence check is a method of testing the sequencing of a batch of data.
(a) Out of various application controls to maintain the integrity of processing data, what type of control does a sequence check address?
(b) What are the other controls that can be classified into the same category of application controls?
- There are six objectives of information systems audits.
(a) What automated flowcharting programs do? Identify which of the six objectives such automated flowcharting programs achieve. Which other software packages can be used to achieve the same sub-goal of this objective of information systems audits?
(b) Identify the objective that can be achieved by using a test data generator. Explain how a test data generator can help auditors achieve this objective.
- Auditing process can be classified into four stages.
(a) In which stage, is an analytical review approach used? How does an analytical review approach achieve the goal of this audit stage?
(b) How would you define the term materiality in the context of auditing? How is this term related with the term reasonable assurance?
- Explain the four steps of the risk-based audit approach, and discuss how they apply to
the overall security of a company