Lingo
What is a preventive control?
A control that is intended to prevent a risk from occurring.
What type of control is this? "Privileged system access are restricted to authorized personnel."
a. Preventive; b. Detective; c. Corrective
a. Preventive
What are the common topics the team will usually cover during an audit kick-off meeting?
Examples: Audit period, teams, in-scope business processes and focus areas, audit timeline, management concerns or comments
What is a detective control?
A control that identifies violations and/or incidents that bypassed the preventive control.
What type of control is this? "All changes made to systems are documented and tracked."
a. Preventive; b. Detective; c. Corrective
b. Detective
What are the common topics the team will usually cover during an audit closing meeting?
Examples: Findings or / and recommendations
What is a corrective control?
A control that corrects errors or risks and prevent the recurrence of further errors.
What type of control is this? "Incidents are responded to and resolved in a timely manner."
a. Preventive; b. Detective; c. Corrective
c. Corrective
What meeting is it usually planned after an audit is announced?
Kick-off meeting
What is an automated control?
A control performed by an automated system, without interference of a person.
Changes to systems require appropriate planning, testing, approval and documentation.
a. Preventive; b. Detective; c. Corrective
a. Preventive
What meeting is it usually planned after an audit is announced?
Kick-off meeting
What is a manual control?
A control performed by a person without making direct use of automated systems.
Management performs a periodic review of changes to ensure that the change followed all appropriate procedures.
a. Preventive; b. Detective; c. Corrective
b. Detective
Which corporate programs/activities are IA IT team continuously monitoring?
Examples: Disaster recovery, corporate projects