Question: Question 26 Javier had a problem. The only way his project was feasible was if his team was allowed to implement a process that violated
Question 26
Javier had a problem. The only way his project was feasible was if his team was allowed to implement a process that violated company policy. He contacted the person responsible for the party and discovered there was a long-standing, but largely unknown, exception to the policy that would allow Javier's team to implement their process as planned. This long-standing ruling related to the company policy is called:
| Implicit Policy | ||
| Appealed Policy | ||
| Imposed Policy | ||
| Originated Policy |
Question 27
Declan wasn't happy with the document destruction service he had retained to dispose of sensitive paper documents. He learned from a friend that the destruction service often sent paper directly to a recycling service instead of shredding the documents. Declan's procurement effort did not include checking to see if the destruction service had appropriate certifications. Declan:
| Should not dwell on trivial matters like this; nothing will happen | ||
| Failed to provide secure onsite storage in his office | ||
| Accepted the risk of not destroying unneeded sensitive data | ||
| Neglected to conduct meaningful due diligence |
Question 28
Jose is an auditor for a regional auditing firm. His firm has been retained by The Kroger Company. Which of the following could compromise his independence?
| The auditor has invested in a mutual fund and the fund has invested in Kroger. | ||
| The auditor does not follow the International Standards for Professional Practice. | ||
| The auditor's mother is the VP for Marketing at Kroger. | ||
| The auditor typically buys groceries at Kroger. |
Question 29
Tyrone is an Assistant CIO. He needs to acquire an IT service for his company. He is certain the yearly cost of this service is going to be more than the $50,000 yearly payment threshold for procurement. That means he will have to go through the company's process to solicit bids from vendors, which will take months. The CIO wants this service now. Tyrone doesn't have months. What should Tyrone do?
| Pick a vendor and split the payment up into multiple transactions each less than $50,000 | ||
| Try to convince the CIO to assign this project to another manager | ||
| Discuss the matter with the Procurement Office and the CIO | ||
| Pick a vendor and sign the contract himself because this is a special case |
Question 30
Kareem is the CTO for company who offers an outsourced IT solution. Several potential customers have asked to see the results of audits of Kareem's company. Which of the following would be the best for Kareem to authorize salespersons to share with customers and prospects?
| A SAS 70 report | ||
| An SSAE 16 SOC 3 Report and a White Paper on the company's IT controls | ||
| An SSAE 16 Report, SOC 1 | ||
| An internal audit report on the state of the company's IT General Controls |
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts
Study Help