ISACA: Serving IT Governance Professionals

English
Chinese (Simplified)
Chinese (Traditional)
Deutsch
Espanol
Francais
Hebrew
Italiano
Japanese
Korean
Nederlands
Polski
Portuguese

Advanced Search

ABOUT
Membership
CERTIFICATION
Education
COBIT
Knowledge Center
Journal
Bookstore

What We Offer & Whom We Serve

@ISACA Newsletter

Licensing and Promotion

Volunteering

IT Governance
Institute

	Professional Membership
	Student Membership
	Academic Membership

	Local Chapter Information
	Join Today
	Professional Growth Global Community Advance Your Career


What is CISA	What is CISM	What is CGEIT	What is CRISC
Benefits of CISA	Benefits of CISM	Benefits of CGEIT	Benefits of CRISC
How to Become Certified	How to Become Certified	How to Become Certified	How to Become Certified
Register for the Exam	Register for the Exam	Register for the Exam	Register for the Exam
Prepare for the Exam	Prepare for the Exam	Prepare for the Exam	Prepare for the Exam
Taking the Exam	Taking the Exam	Taking the Exam	Taking the Exam
Apply for Certification	Apply for Certification	Apply for Certification	Apply for Certification
Maintain Your CISA	Maintain Your CISM	Maintain Your CGEIT	Maintain Your CRISC

Why Certify

How to Earn CPE

Maintain Your Certification

Write an Exam Question

US DoD Information

Exam Registration

CONFERENCES

ONLINE LEARNING

World Congress: INSIGHTS	Training Week	Webinars
North America CACS	eLearning Campus	Virtual Conferences
EuroCACS / ISRM	On-Site Training
Governance, Risk and Control	Exam Review Courses	COBIT EDUCATION
North America ISRM
Latin America CACS / ISRM
Oceania CACS
Asia-Pacific CACS / ISRM

Call for Papers

Browse All Events

Exhibitors and Sponsors


COBIT 5 Home
Product Family
Training & Accreditation
Licensing
Join the Conversation
News
Recognition
FAQs

Browse Knowledge Center topics

Where networking and knowledge intersect.

	BMIS (Information Security)
	COBIT 5 \| COBIT 4.1
	ITAF (IT Assurance\Audit)
	Research (Deliverables\Projects)
	Risk IT (IT Risk Management)
	Standards (Assurance\Audit\Control)
	Val IT (Value Delivery)

Featured Resources

Career Centre

Legislative Reporting

Current Issue

Past Issues

Author Blog

CPE Quizzes

Submit an Article

COBIT Process Assessment Model (PAM): Using COBIT 5

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

A New Auditor's Guide to Planning, Performing and Presenting IT Audits

Top Sellers

Security, Audit and Control Features SAP ERP, 3rd Edition

English: CISA Practice Question Database v12 (CD-ROM)

IT Project Management:30 Steps to Success

IT Governance: Policies & Procedures, 2012 Edition

The Operational Risk Handbook for Financial Companies

ISACA
My ISACA

Join ISACA
Feedback
Shopping Cart

Sign In

ISACA > Journal > Past Issues > 2011 > Volume 2 > Quiz 135

Quiz 135

Journal
- Current Issue
- JOnline
- Past Issues
  - 2013
  - 2012
  - 2011
    - Volume 6
    - Volume 5
    - Volume 4
    - Volume 3
    - Volume 2
    - Volume 1
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
- Journal Author Blog
- Submit an Article
- Advertise
- CPE Quizzes
- Current Digital Journal
- Journal Mobile Apps

Based on Volume 6, 2010

Please note: In order to obtain your CPE certificate for having passed the quiz, you must turn off your pop-up blocker.

Dutta and Koritala Article
Salido Article
Hamidovic Article
Strait Article
Garber Article

CPE Quiz # 135

Based on ISACA Journal Volume 6, 2010

A passing score of 75 percent qualifies for one (1) hour of CISA/CISM/CGEIT/CRISC Continuing Professional Education (CPE) Credit

Your results will appear in a new window.

Enter your name below so it displays on the quiz results page:

Name:

Dutta and Koritala Article

1. Many organizations have, or are now in the process of developing, strategies to supplement their manual and costly internal controls with automated, reliable and cost-effective controls and controls solutions to effectively mitigate risk.
TrueFalse2. Controls solutions that focus on only one environment ignore a true enterprise reach, failing to deliver the comprehensive solution to mitigate end-to-end risk.
TrueFalse3. In evaluating the organization’s commitment to enhanced products, the following factors need to be considered: the actual amount of revenue invested in product development and the number of major and minor product releases each year, including enhancements and fixes.
TrueFalse

Salido Article

4. The proposed approach to data governance for security, privacy, confidentiality and compliance calls for modifying or replacing the organization’s existing information security management systems or IT governance processes.
TrueFalse5. Security standards and control frameworks tend to focus primarily on protecting the overall IT infrastructure and on aligning investments in that infrastructure with the organization’s business goals.
TrueFalse6. Organizations should place as much emphasis on security and privacy for data that are being transferred as they do for the original data set.
TrueFalse7. Organizations also need to systematically evaluate whether the technologies that protect their data confidentiality, integrity and availability are sufficient to reduce risk to the lowest level.
TrueFalse

Hamidovic Article

8. In Bosnia and Herzegovina, the taxation retention period for the original application for entry into a unified system is 10 years from the date of submission of the application, while the data entered into the database in electronic form have to be kept permanently.
TrueFalse9. Traditionally, corporations have considered the evidentiary implications of electronic documents only when they are required for litigation, or when forensic practitioners have focused on collecting IT evidence as artifacts of an investigation.
TrueFalse10. ISO 15489 may help organizations plan and implement an ICT continuity strategy.
TrueFalse11. One way to proactively address electronic records management is to follow a standardized records management process, such as the one recommended in ISO 27001:2005.
TrueFalse

Strait Article

12. Building a business case for a records management initiative begins with providing the description of the scope of the records management initiative, along with details of the future state to be achieved at the end of the initiative.
TrueFalse13. A cross-disciplinary team will aid in collecting the information needed to create a business case for investing in records management.
TrueFalse14. Expanding how and where records management is applied is being recognized as an enabler for reducing storage costs and improving the efficiency of routine operations.
TrueFalse

Garber Article

15. Audits and separate reviews determine internal control effectiveness continuously.
TrueFalse16. The degree of monitoring key controls may vary based on the relative risk and value of each control.
TrueFalse17. Indirect information such as key performance indicators (KPIs) can provide an excellent source for determining potential indirect monitoring measures.
TrueFalse18. Indirect information can provide positive assurance that a control is operating effectively.TrueFalse

Your results will appear in a new window.

Please note: This quiz requires a JavaScript-enabled browser. If the quiz is not displayed above, you either do not have a browser which supports JavaScript or JavaScript support has been disabled.

© 2013 ISACA. All Rights Reserved

Site Map
Contact Us
Press Room
Terms of Use
ISACA PRIVACY POLICY – YOUR PRIVACY RIGHTS
IP Guidelines