12. Review of the audit( also called transaction) log is an example of which of the following types of security control? 13. Which of the following statements presents an example of a general control for a computerized system? 14. Controls in the information technology area are classified into the categories of preventive, detective, and corrective. Which of the following is a preventive control?
15. A company ' s new time clock process requires hourly employees to select an identification number and then choose the clock-in or clock-out button. A video camera captures an image of the employee using the system. Which of the following exposures can the new system be expected to change the least?
16. Which of the following is an example of a detective control?
17. In the COSO " cube " model, each of the following is a control objective except
18. In the COSO " cube " model, this component of internal control enables an organization ' s people to identify, process, and exchange the information needed to manage and control operations.
19. This component of internal control concerns the policies and procedures that ensure that actions are taken to address the risks related to the achievement of management ' s objectives. 20. This fundamental component of internal control is the core or foundation of any system of internal control. 21. This component of internal control concerns testing the system and its data. 22. According to COSO, which of the following is a compliance objective? 23. This is the process of identifying, analyzing, and managing the risks involved in achieving the organization ' s objectives. 24. In the COSO( 2011) " cube " model, each of the following are components of internal control except
25. According to the 17 COSO control principles, risk reduction primarily relates to which fundamental component of internal control: