Controls that apply to all data for a systems environment can BEST be described as (page 7-13) A. general controls B. application controls C. policy controls D. big data controls 2. Ensuring that IT supports the organization's objectives and strategies if the goal of (page 7-11) A. IT risk management B. IT management controls C. IT governance DIT environmental controls 3. Failure to sufficiently restrict unauthorized use of computer resources can BEST be described as (page 7-10) A. Access risk B. Privacy risk C. Fraud risk D. Access risk 4. 5. Practices intended to provide assurance that the organization is structured with clearly defined lines of reporting and responsibility are known as (page 7-15) A. IT Standards. B. IT Governance Controls C-IT Technical Controls DIT Management Controls 6. Reasonable assurance, as it pertains to internal control, means that (6-21) A. The objectives of internal control vary depending on the method of data processing used. B. A well-designed system of internal controls will prevent or detect all errors and fraud. C. Inherent limitations of internal control preclude a system of internal control from providing absolute assurance that objectives will be achieved. D. Management cannot override controls and employees cannot circumvent controls through collusion. The amount of risk an organization is willing to accept in pursuit of its business objectives is known as (pages 6-22 and 6-23) A. risk appetite B. controllable risk C. risk tolerance D. residual risk 7