Which of the following is an example of a risk avoidance response?
A. Buying an insurance policy to protect against loss events.
B. Hedging against natural gas price fluctuations.
C. Selling a non-strategic business unit.
D. Outsourcing a high risk process to a third party.
Which of the following budgets must be prepared first?
A. Cash budget.
B. Production budget.
C. Sales budget.
D. Selling and administrative expenses budget.
Which of the following actions is most likely to gain support for process change?
A. Set clear objectives.
B. Engage the various communities of practice within the organization.
C. Demonstrate support from senior management.
D. Establish key competencies.
Which of the following is a role of the board of directors in the governance process?
A. Conduct periodic assessments of the organization's governance systems.
B. Obtain assurance concerning the effectiveness of the organization's governance systems.
C. Implement an effective system of internal controls to support the organization's governance systems.
D. Review and approve operational goals and objectives.
Which of the following statements regarding database management systems is not correct?
A. Database management systems handle data manipulation inside the tables, rather than it being done by the operating system itself in files.
B. The database management system acts as a layer between the application software and the operating system.
C. Applications pass on the instructions for data manipulation which are then executed by the database management system.
D. The data within the database management system can only be manipulated directly by the database management system administrator.
Which of the following local area network physical layouts is subject to the greatest risk of failure if one device fails?
A. Star network.
B. Bus network.
C. Token ring network.
D. Mesh network.
Which of the following is the best example of IT governance controls?
A. Controls that focus on segregation of duties, financial and change management
B. Personnel policies that define and enforce conditions for staff in sensitive IT areas
C. Standards that support IT policies by more specifically defining required actions
D. Controls that focus on data structures and the minimum level of documentation required
According to IIA guidance, which of the following is a primary component of a network security strategy?
A. Application input controls
B. Firewall controls.
C. Transmission encryption controls
D. Change management controls
New data privacy laws require an organization to use collected customer information for me sole purpose of meeting the organization's business requirements. Which of the following best addresses the risk of the organization not complying with this objective?
A. Provide training on social engineering attacks
B. Encrypt the customer information retained by the organization
C. Establish policies that discipline those who misuse customer information
D. Allocate access profiles for each end user of the information
Which of the following stages of contracting focuses on aligning the markets with objectives of the organization?
A. Initiation stage
B. Bidding stage
C. Development stage
D. Negotiation stage