Question: QUESTION 23 The internal audit function in a Fortune 1000 company recently completed an audit of vulnerability management. One of the test objectives included

QUESTION 23 The internal audit function in a Fortune 1000 company recently

QUESTION 23 The internal audit function in a Fortune 1000 company recently completed an audit of vulnerability management. One of the test objectives included testing that IT operations complied with the policy requiring that all network facing technology assets (high-risk assets) be patched within 15 days of availability of the patch. Based on the audit results it appears that exception rate of patches tested is 25%. What recommendation should the auditor include in the internal audit report? A new control is needed for vulnerability management O The control is excessive and should be changed to the industry average of 30 days O Limit assets subject to the policy to enhance compliance O The control is ineffective and needs to be corrected

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Accounting Questions!

Q:

Castile Products, Incorporated Balance Sheet December 31 Assets Current assets: Cash Accounts receivable, net Merchandise inventory Prepaid expenses Total current assets Property and equipment, net...

Q:

The internal audit function in a Fortune 1000 company recently completed an audit of vulnerability management. One of the test objectives included testing that IT operations complied with the policy...

Q:

You are about to issue the auditors report for Ayewaso Company Ltd, a listed client. Half way through the year the company suffered a major computer systems failure which destroyed the accounting...

Q:

I was wondering if Scenerio 1 activies #1-4 from this article could be answered. Need Help. CASES: CASE 1 AUDITING ENTITY-LEVEL CONTROLS Learning Objectives Describe why entity-level controls are a...

Q:

I was wondering if Scenerio 1 activies #1-4 from this article could be answered. Need Help. CASES: CASE 1 AUDITING ENTITY-LEVEL CONTROLS Learning Objectives Describe why entity-level controls are a...

Q:

I was wondering if Scenerio 1 activies #1-4 from this article could be answered. Need Help. CASES: CASE 1 AUDITING ENTITY-LEVEL CONTROLS Learning Objectives Describe why entity-level controls are a...

Q:

The financial statements of The North West Company Inc. are presented in Appendix A at the end of this book. (a) Using the statement of earnings (statement of income), answer the following questions:...

Q:

hI, i REALLY NEED HELP WITH THIS PROJECT. Exercise: Research various global financial services organizations (for example, UBS AG, E-Trade, Schwab, ING, Bank of America, HSBC, RBS) through their...

Q:

Research various global financial services organizations (for example, UBS AG, E-Trade, Schwab, ING, Bank of America, HSBC, RBS) through their company websites and other publicly available...

Q:

****Your answer will ONLY be used as a guide and not turned in as my work, DO NOT TAKE THIS QUESTION AND THEN FLAG IT FOR THE HONOR CODE!*** Please help with the 3 finance questions below: -Each...

Q:

1. Why do human resources managers at Starbucks need to be kept informed about any changes in the number and timing of new store openings planned for the coming year 2. Why does Starbucks offer...

Q:

Spice asks Meyers to quantify price changes from changes in interest rates. To illustrate, Meyers computes the value change for the fixed-rate note in the table. Specifically, he assumes an increase...

Q:

Which of the following is not an investment grade credit rating? * BB + BBB + BBB BBB -

Q:

3. Let T be a lineal operator over a space of Banach. T is calles idempotent if T2 = T. Show that if T # 0,1 then it's spectral is o{0, 1}.

Q:

A former employs a servant to look after his form house. He instructs the servant to keep a watch on his goat. So that he does not harm the kitchen garden when the entrance-door is open. He is also...

Q:

Tori and some other childeen experimented with balls to see which ones rolled. First using a piece of cardboard to use as a ramp, they angled it on a block to the floor to test the balls. Then Tori...

Q:

to include this new information. Compare the results. Put a text box in your model with the numerical results requested, and repeat those same results from Exercise

Q:

A production system consists of four serial automatic workstations. The f rst part arrives at time zero, and then (exactly) every 9.8 minutes thereafter. All transfer times are assumed to be zero and...

Q:

A proposed production system consists of f ve serial automatic workstations. The processing times at each workstation are constant: 11, 10, 11, 11, and 12 (all times given in this exercise are in...