1. What advice does the FBI provide in protecting against computer fraud? Do you feel that the Government is doing sufficient job in this area?
2. Define COBIT and it's control objective. Do you feel the frameowrk is detailed enough to serve your orgnization? Why or why not?
3. What are the components of a good policy framework? Provide an example of each of these components.
4. What is the Deming cycle approach? How does this approach help improve quality?
5. Why is it important for IT Auditors to know about the legal environment of information systems?