From Book: DATABASE SECURITY AND AUDITING: Protecting Data Integrity and Accessibility

Author: HASSAN A. AFYOUNI

Review Questions 1. The purpose of the auditing process is to make sure that the system is working and functional. True or false? 2. A security audit verifies that the system complies with industry standards, government regulations, or partner and client policies. True or false? 3. An audit trail is a document generated by an individual conducting the audit; it contains auditing findings. True or false? 4. Database auditing is the process of examining and validating documents, data, processes, proce- dures, systems, or activities to ensure that the audited entity complies with its original objectives. True or false? 5. An external audit is conducted to investigate the financial or operational state of a company and is brought about randomly by the government because of suspicious activities or accusations. True or false? 6. List three side effects of excessive database auditing. 7. Give an example of an application in which auditing is implemented. 8. State the differences between internal and external audits and provide an example of each. 9. Using a business situation, list the activities that are executed for each phase of the auditing process. 10. List the four purposes of having auditing objectives. 11. List five auditing activities, and for each activity provide a real-life example. 12. List two reasons for an internal audit and provide a real-life example. 13. List two reasons for an external audit and provide a real-life example. 14. Define the term "auditing environment" and include the components of the auditing environment