Question:Which ONE of the following would be classed as a contingency control in an information system?
A. System recovery procedures
B. Data validation procedures
C. Password-only access to the system
D. Audit trails
The correct answer is: System recovery procedures
Rationale: System recovery procedures are set in place for activation in the event of breakdown, to get the system up and running again: this is a contingency control, because it plans for a 'worst case scenario'.
Password access is an example of a security control: protecting data from unauthorised modification, disclosure or destruction of data.
Audit trails (showing who has accessed a system and what they have done) and data validation (checking that input data is not incomplete or unreasonable) are examples of integrity controls: controls which maintain the completeness and correctness of data in the system.
Pitfalls: There is a lot of vocabulary and procedure in this area: make sure that you could answer questions on a variety of different data security controls.
高顿网校温馨提醒
各位考生,2015年ACCA备考已经开始,为了方便各位学员能更加系统地掌握考试大纲的重点知识,帮助大家充分备考,体验实战,高顿网校开通了全免费的
ACCA题库(包括精题真题和全真模考系统),题库里附有详细的答案解析,学员可以通过多种题型加强练习。
戳这里进入ACCA免费题库>>>
写评论
