Certified Government Auditing Professional (CGAP) Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Government Auditing Professional (CGAP) Exam with interactive quizzes! Enhance your understanding with flashcards and detailed explanations. Aim for success and feel confident on exam day.

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which control is most related to a physical security program in information technology?

  1. Monitoring system changes.

  2. Disaster contingency plan.

  3. Procurement and maintenance of software licenses.

  4. Edit for completeness tests.

The correct answer is: Disaster contingency plan.

A disaster contingency plan is fundamentally tied to a physical security program in information technology as it encompasses protocols and strategies designed to protect and restore physical assets in case of a disaster. This can include events such as natural disasters, fires, or other incidents that threaten the organization's physical infrastructure, including servers, data centers, and other technology resources. The plan outlines how an organization will respond to various threats, ensuring that critical systems and data can be recovered and restored, ultimately safeguarding the integrity and availability of information assets. By securing physical locations and developing a comprehensive response strategy, the organization strengthens its overall security posture, allowing for a quick recovery from disruptive events. In contrast, monitoring system changes primarily deals with tracking alterations to systems and processes, which is more related to logical security than physical security. The procurement and maintenance of software licenses focus on compliance and software management rather than the physical safeguarding of assets. Edit for completeness tests refers to the validation of data input, which does not align closely with the physical aspects of security. Thus, the disaster contingency plan most directly reflects a commitment to physical security in the realm of information technology.

More Questions Like This