Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.
Tanampasidis Article
Ramirez Article
Godfrey Article
Help Article
Aras, Ciaramitaro, Livermore Article
CPE Quiz #
121
Based on Information Systems Control Journal Volume 4, 2008
A passing score of 75 percent qualifies for one (1) hour of
CISA/CISM/CGEIT Continuing Professional Education (CPE) Credit
Your results will appear in a new window.
Enter your name below so it displays on the quiz results page:
Name:
Tanampasidis Article1. The new legal and ethical dilemmas and challenges to banks and their customers include impersonal communication between the bank and the customer and sensitive data interchange through public networks.
2. The Value at Risk (VaR) methodology translates the level of risk into monetary units without the need for extensive historical data.
3. One of the advantages of the VaR methodology is that the auditor focuses on the quantitative parameters of risk exposure.
4. The suggested methodology consists of six stages including strategy analysis and evaluation.
5. At the end of the third stage, identification of points of risk mitigation and control, the auditor must be in a position to identify for further investigation the residual risk.
6. The methodology described can be applied by an average-toexperienced auditor.
Ramirez Article7. Risk management models do not contribute anything to the bottom line of the organization.
8. The AIRMIC standard includes references to areas such as risk assessment and risk analysis.
9. The COSO model includes areas recommended by other risk management models as well as a three-dimensional matrix.
Godfrey Article10. Using Integration Protocol (IP) network architecture as a backbone, converged security solutions can add a layer of “integration intelligence.”
11. Workflow application software, embedded into the security management process, will play an important role in driving the adoption of security convergence and holistic risk mitigation.
Help Article12. Business and IT should work on achieving their own, different objectives.
13. In COSO ERM the internal environment is the first layer, but in Pension-Fennia's model, it was the result of the evaluation of the first six layers.
14. In the second part in every layer, the maturity of controls is evaluated with the help of different criteria.
15. The tool developed also deepened the synergy and mutual understanding between business units and IT.
Aras, Ciaramitaro, Livermore Article16. The Gartner Group reports that more than 50 percent of current business security vulnerabilities are found within software applications rather than the network boundaries.
17. According to the American Society for Quality Control, best practices are determined through continuously identifying, understanding and adapting outstanding practices and processes found inside and outside of organizations.
18. Two best practices within code construction are secure software checklists and software inspections.
|
Your results will appear in a new window.
|
Please note: This quiz requires a JavaScript-enabled browser.
If the quiz is not displayed above, you either do not have a browser which
supports JavaScript or JavaScript support has been disabled.
|
|
|