An IT auditor is evaluating IT controls of a newly purchased information system. The auditor discovers that logging is not configured al database and application levels.
Operational management explains that they do not have enough personnel to manage the logs and they see no benefit in keeping logs. Which of the fallowing responses best explains risks associated with insufficient or absent logging practices?

A. The organization will be unable to develop preventative actions based on analytics.

B. The organization will not be able to trace and monitor the activities of database administers.

C. The organization will be unable to determine why intrusions and cyber incidents took place.

D. The organization will be unable to upgrade the system to newer versions.

Which of the following statements is true regarding cost-volume-profit analysis?

A. Contribution margin is the amount remaining from sales revenue after fixed expenses have been deducted.

B. Breakeven point is the amount of units sold to cover variable costs.

C. Breakeven occurs when the contribution margin covers fixed costs.

D. Following breakover1, he operating income will increase by the excess of fixed costs less the variable costs per units sold.

Which of the following is the best example of IT governance controls?

A. Controls that focus on segregation of duties, financial, and change management,

B. Personnel policies that define and enforce conditions for staff in sensitive IT areas.

C. Standards that support IT policies by more specifically defining required actions

D. Controls that focus on data structures and the minimum level of documentation required

A bond that matures after one year has a face value of S250,000 and a coupon of $30,000. if the market price of the bond is 5265,000, which of the following would be the market interest rate?

A. Less than 12 percent.

B. 12 percent

C. Between 12.01 percent and 12.50 percent.

D. More than 12 50 percent.

Which of the following attributes of data analytics relates to the growing number of sources from which data is being generated?

A. Volume.

B. Velocity.

C. Velocity.

D. Velocity.

A chief audit executive wants to implement an enterprisewide resource planning software. Which of the following internal audit assessments could provide overall assurance on the likelihood of the software implementation's success?

A. Readiness assessment.

B. Project risk assessment.

C. Post-implementation review.

D. Key phase review.

An organization has an immediate need for servers, but no time to complete capital acquisitions. Which of the following cloud services would assist with this situation?

A. Infrastructure as a Service (laaS).

B. Platform as a Service (PaaS).

C. Enterprise as a Service (EaaS).

D. Software as a Service (SaaS).

Which of the following is the most appropriate way lo record each partner's initial Investment in a partnership?

A. At the value agreed upon by the partners.

B. At book value.

C. At fair value

D. At the original cost.

Which of the following is most important for an internal auditor to check with regard to the database version?

A. Verify whether the organization uses the most recent database software version.

B. Verify whether the database software version is supported by the vendor.

C. Verify whether the database software version has been recently upgraded.

D. Verify whether .access to database version information is appropriately restricted.

During which of the following phases of contracting does the organization analyze whether the market is aligned with organizational objectives?

A. Initiation phase

B. Bidding phase

C. Development phase

D. Negotiation phase

Internal auditors want to increase the likelihood of identifying very small control and transaction anomalies in their testing that could potentially be exploited to cause material breaches. Which of the following techniques would best meet this objective?

A. Analysis of the full population of existing data.

B. Verification of the completeness and integrity of existing data.

C. Continuous monitoring on a repetitive basis.

D. Analysis of the databases of partners, such as suppliers.

Which of the following is an example of a key systems development control typically found in the In-house development of an application system?

A. Logical access controls monitor application usage and generate audit trails.

B. The development process is designed to prevent, detect, and correct errors that may occur.

C. A record is maintained to track the process of data from Input, to output to storage.

D. Business users' requirements are documented, and their achievement is monitored