Question

7.

COBIT 5 takes the view that all IT processes should provide clear links between all of the following except:

Multiple Choice

• IT controls.

• IT components.

• IT governance requirements.

• IT processes.

20. What is the primary objective of data security controls?

Multiple Choice

To establish a framework for controlling the design, security, and use of computer programs throughout an organization.

To formalize standard, rules, and procedures to ensure the organization's control are properly executed.

To ensure that data storage media are subject to authorization prior to access, change, or destruction.

To monitor the use of system software to prevent unauthorized access to system software and computer programs.

24.

Which of the following business rules illustrates a proper implementation of internal control?

Multiple Choice

• The employee that performs part of the conversion work can’t also perform other work in the conversion process.

• The employee that authorizes production can’t be the same employee that issues raw materials.

• The person that receives the finished items can’t also place them into their assigned warehouse location.

• The employee that inspects the work can’t be the same employee that discards defective items.

Answer 1

(Q) COBIT 5 takes the view that all IT processes should provide clear links between all of the following except:

(Ans) Option B - IT components

• COBIT 5 takes the view that all IT processes should provide clear links between all of the following except the IT components

(Q) What is the primary objective of data security controls?

(Ans) Option C - To ensure that storage media are subject to authorization prior to access, change, or destruction

• The primary objective of data security is to protect data. This includes ensuring that storage media are subject to authorization prior to access, change, or destruction.

(Q) Which of the following business rules illustrates a proper implementation of internal control?​​​​​​​

(Ans) Option B - The employee that authorizes production can’t be the same employee that issues raw materials.

• The employee that authorizes production can’t be the same employee that issues raw materials illustrates a proper implementation of internal control. Its a form of segregation duties which helps in reducing unethical activities