10. Perfect compliance with an IT Control Framework is not a guarantee of security because:

The EU's General Data Protection Regulation superseded all other frameworks

They do not address the Internet of Things (IoT)

None of the current IT Control Frameworks are certified by the US Federal Govt

New threats and vulnerabilities are constantly emerging

16. Jose is an auditor for a regional auditing firm. His firm has been retained by The Kroger Company. Which of the following could compromise his independence?

The auditor typically buys groceries at Kroger.

The auditor does not follow the International Standards for Professional Practice.

The auditor's mother is the VP for Marketing at Kroger.

The auditor has invested in a mutual fund and the fund has invested in Kroger.

17. Declan wasn't happy with the document destruction service he had retained to dispose of sensitive paper documents. He learned from a friend that the destruction service often sent paper directly to a recycling service instead of shredding the documents. Declan's procurement effort did not include checking to see if the destruction service had appropriate certifications. Declan:

Neglected to conduct meaningful due diligence

Failed to provide secure onsite storage in his office

Should not dwell on trivial matters like this; nothing will happen

Accepted the risk of not destroying unneeded sensitive data

18. Logan (an auditor) has completed testing for the IT General Controls audit and is preparing for the Exit Conference with management. One matter related to the authentication system is important for management to address because it affects a number of people, but presents little risk and could be resolved quickly. Logan is also certain management can appropriately address the problem without the need for further oversight. What level of reporting would be the most appropriate?

Major Report Finding

Finding for Recovery

Minor Report Finding

Management Letter or Exit Conference Agenda

19. Who audits the auditors?

Other auditors

The Board of Directors / Trustees

Arthur Andersen LLP

The Police (Sting, Andy Summers, Stewart Copeland)

20. The proper order of the audit process is:

Notification Letter, Entrance Conference, Preliminary Meetings, Fieldwork, Exit Conference, and Final Report

Notification Letter, Entrance Conferences, Preliminary Meetings, Drink Coffee, Procrastinate, Conduct Tests in a Big Hurry, Dream Up Some Findings, Hastily Write Report, and Go on Vacation.

Exit Conference, Notification Letter, Entrance Conference, Preliminary Meetings, Final Report

Preliminary Meetings, Notification Letter, Entrance Conferences, Fieldwork, Final Report, Exit Conference
