When reviewing application controls using the four-level model, which of the following processes are associated with level 4 of the business process method?

A. Activity

B. Subprocess

C. Major process

D. Mega process

Which of the following IT professionals is responsible for providing maintenance to switches and routers to keep IT systems running as intended?

A. Data center operations manager

B. Response and support team.

C. Database administrator,

D. Network administrator

An organization that relies heavily on IT wants to contain the impact of potential business disruption to a period of approximately four to seven days. Which of the following business recovery strategies would most efficiently meet this organization's needs?

A. A recovery strategy whereby a separate site has not yet been determined, but hardware has been reserved for purchase and data backups.

B. A recovery strategy whereby a separate site has been secured and is ready for use, with fully configured hardware and real-time synchronized data

C. A recovery strategy whereby a separate site has been secured and the necessary funds for hardware and data backups have been reserved.

D. A recovery strategy whereby a separate site has been secured with configurable hardware and data backups.

An organization decided to outsource its human resources function. As part of its process migration, the organization is implementing controls over sensitive employee data.
What would be the most appropriate directive control in this area?

A. Require a Service Organization Controls (SOC) report from the service provider

B. Include a data protection clause in the contract with the service provider.

C. Obtain a nondisclosure agreement from each employee at the service provider who will handle sensitive data.

D. Encrypt the employees ' data before transmitting it to the service provider

Which of the following best describes depreciation?

A. It is a process of allocating cost of assets between periods.

B. It is a process of assets valuation.

C. It is a process of accumulating adequate funds to replace assets.

D. It is a process of measuring decline in the value of assets because of obsolescence

According to IIA guidance, which of the following would be the best first stop to manage risk when a third party is overseeing the organization's network and data?

A. Creating a comprehensive reporting system for vendors to demonstrate their ongoing due diligence in network operations.

B. Drafting a strong contract that requires regular vendor control reports end a right-to-audit clause.

C. Applying administrative privileges to ensure right to access controls are appropriate.

D. Creating a standing cyber-security committee to identify and manage risks related to data security

Which of the following would be classified as IT general controls?

A. Error listings.

B. Distribution controls

C. Transaction logging.

D. Systems development controls.

Which of the following is an established systems development methodology?

A. Waterfall.

B. Projects in Controlled Environments (PRINCE2).

C. Information Technology Infrastructure Library (ITIL).

D. COBIT

An organization upgraded to a new accounting software. Which of the following activities should be performed by the IT software vendor immediately following the upgrade?

A. Market analysis lo identify trends

B. Services to manage and maintain the IT Infrastructure.

C. Backup and restoration.

D. Software testing and validation

An organization has a declining inventory turnover but an Increasing gross margin rate, Which of the following statements can best explain this situation?

A. The organization's operating expenses are increasing.

B. The organization has adopted just-in-time inventory.

C. The organization is experiencing Inventory theft

D. The organization's inventory is overstated.

Which of the following contract concepts is typically given in exchange for the execution of a promise?

A. Lawfulness.

B. Consideration.

C. Agreement.

D. Discharge

Employees at an events organization use a particular technique to solve problems and improve processes. The technique consists of five steps: define, measure, analyze, improve, and control. Which of the following best describes this approach?

A. Six Sigma,

B. Quality circle.

C. Value chain analysis.

D. Theory of constraints.