3a) For your own organisation (or one you know well), describe the procedures that need to be followed when archiving, retrieving and deleting information. Your answer should cover procedures for both electronic and paper-based information. 3b) When following the procedures outlined in Question 3a above, are there any legal requirements to consider? 4. Why is
What kind of analysis should be performed when considering if an internal control procedure should be implemented? 16. Which of the following are examples of fault tolerant systems. 17. Control totals are an example of a(n) 18.
What it is responsible for is the synchronizing frames, error checking, and the flow control. The third layer of the seven layers of (OSI) network model is the Network layer. The responsibility of the Network layer is managing the logical address information in packets and the delivery. The responsibility in managing logical addressing information and make sure that it is correctly sent to the right destination. The direct data packet generated by Network Layer using information that is stored in a table known as routing table.
Technical Paper: Risk Assessment Latoria Wilson Dr. Glenn Hines CIS 502 9/8/13 Introduction The risk assessment of Global Finance, Inc. identified vulnerabilities in the areas of Management, Operational and Technical Security. Vulnerabilities are weaknesses that may be exploited by a threat or group of threats. These vulnerabilities can be mitigated by recommended safeguards. Safeguards are security features and controls that, when added to or included in the information technology environment, mitigate the risk associated with the operation to manageable levels. A complete discussion of the vulnerabilities and recommended safeguards are found in this report.
Next look at the schema of each organization unit. Once the schema information is determined,
129 This statement sets standards for disclosing information about an entity’s capital structure. It applies to all entities. This statement was ussued in February 1997. B. Find definitions for the following: 1.
Using each frameworks section summaries an overall hybrid framework can be created that may be best suited for this project. NIST 800-53 ISO/IEC 27002 ISO/IEC 27011 Control Risk Management Supplemental Guidance Policy Control Enhancements Organization Organization References Asset Managment Asset Managment Priority and Baseline Allocation Human resources Human resources Physical and Environmental Physical and Environmental Communications and Operations Communications and Operations Access Control Access Control Acquisition, Development, Maintenance Acquisition, Development, Maintenance Incident Management Incident Management Business Continuity Business Continuity Compliance Telecommunications extended control set A hybrid framework summy would look like the following table: Hybrid Framework Policy Risk Management Asset Managment Business Continuity Priority
6-19 a) 2 b) 3 c) 1 6-20 a) 1 b) 2 c) 1 6-27 a) The implied or expressed representations of management concerning classes of transactions and related accounts in the financial statements are referred to as management assertions. General transaction related audit objectives ensure that the auditor has the flexibility to decide which audit evidence will be appropriate to satisfy management assertions. The specific transaction related audit objectives are objectives of each material class of transaction developed after the general transaction audit objectives have been determine. The relationship among these three concepts is the occurrence, completeness, accuracy, classification timing and post and summarization assertions.
The chief information officer (CIO) explains that the diagram is being updated and awaiting final approval. The IS auditor should FIRST: A. expand the scope of the IS audit to include the devices that are not on the network diagram. B. evaluate the impact of the undocumented devices on the audit scope. C. note a control deficiency because the network diagram has not been updated. D. plan follow-up audits of the undocumented devices.
Pan Europa investment policy had limitations to select projects that would best achieve benefits of strategic importance. The financial tests were the payback period and internal rate of return, which meant that the time value of money was ignored. As part of strategy formulation Pan Europa should perform a strategic analysis using SWOT analysis to determine the current performance and desired performance. The company vision and mission should then be developed. The Balanced Score Card shall then translate the company’s vision and mission into desired objectives and performance measures that can be quantified and appraised.