Questions With Complete Solution
Which of the following should be of GREATEST concern to an IS auditor when reviewing an information
security policy? The policy:
A. is driven by an IT department's objectives.
B. is published, but users are not required to read the policy.
C. does not include information security procedures.
D. has not been updated in over a year. - ANSWER - A. is driven by an IT department's objectives.
Business objectives drive the information security policy, and the information security policy drives the
selection of IT department objectives. A policy driven by IT objectives is at risk of not being aligned with
business goals.
An IS auditor reviews an organizational chart PRIMARILY for:
A. an understanding of the complexity of the organizational structure.
B. investigating various communication channels.
C. understanding the responsibilities and authority of individuals.
D. investigating the network connected to different employees. - ANSWER - C. understanding the
responsibilities and authority of individuals.
An organizational chart provides information about the responsibilities and authority of individuals in
the organization.
IT governance is PRIMARILY the responsibility of the:
A. chief executive officer.
B. board of directors.
C. IT steering committee.
D. audit committee. - ANSWER - B. board of directors.
IT governance is primarily the responsibility of the executives and shareholders (as represented by the
board of directors).
To aid management in achieving IT and business alignment, an IS auditor should recommend the use of:
A. control self-assessments.
B. a business impact analysis.
C. an IT balanced scorecard.
D. business process reengineering. - ANSWER - C. an IT balanced scorecard.
An IT balanced scorecard provides the bridge between IT objectives and business objectives by supplementing
the traditional financial evaluation with measures to evaluate customer satisfaction, internal processes
and the ability to innovate.
An IS audit department is planning to minimize the risk of short-term employees. Activities contributing
to this objective are documented procedures, knowledge sharing, cross-training and:
A. succession planning.
B. staff job evaluation.
C. responsibilities definitions.
D. employee award programs. - ANSWER - A. succession planning.
An IS auditor is evaluating a newly developed IT policy for an organization. Which of the following
factors does the IS auditor consider MOST important to facilitate compliance with the policy upon its
implementation?
A. Existing IT mechanisms enabling compliance
B. Alignment of the policy to the business strategy
C. Current and future technology initiatives
D. Regulatory compliance objectives defined in the policy - ANSWER - A. Existing IT mechanisms enabling
compliance