Certified Information Systems Auditor (CISA) Question:

IT control objectives are useful to IS auditors, as they provide the basis for understanding the:

Answer:

1. desired result or purpose of implementing specific control procedures.
2. best IT security control practices relevant to a specific entity.
3. techniques for securing information.
4. security policy.

Answer: A

Previous Question	Next Question
Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and systems?	In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: