Interested to Buy Any Domain ? << Click Here >> for more details...
A company has contracted with an external consulting firm to
implement a commercial financial system to replace its
existing in-house developed system. In reviewing the
proposed development approach, which of the following would
be of GREATEST concern?
A. Acceptance testing is to be managed by users.
B. A quality plan is not part of the contracted deliverables.
C. Not all business functions will be available on initial
implementation.
D. Prototyping is being used to confirm that the system
meets business requirements.
- 3 Answers
- 12012 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
A quality plan is an essential element of all projects. It
is critical that the contracted supplier be required to
produce such a plan. The quality plan for the proposed
development contract should be comprehensive and encompass
all phases of the development and include which business
functions will be included and when. Acceptance is normally
managed by the user area, since they must be satisfied that
the new system will meet their requirements. If the system
is large, a phased-in approach to implementing the
application is a reasonable approach. Prototyping is a valid
method of ensuring that the system will meet business
requirements.
| Is This Answer Correct ? | 10 Yes | 0 No |
Answer / guest
B. A quality plan is not part of the contracted deliverables
| Is This Answer Correct ? | 2 Yes | 0 No |
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The IS auditor's report should recommend that: A. the deputy CEO be censured for his failure to approve the plan. B. a board of senior managers be set up to review the existing plan. C. the existing plan be approved and circulated to all key management and staff. D. a manager coordinate the creation of a new or revised plan within a defined time limit.
Which of the following is a function of an IS steering committee? A. Monitoring vendor controlled change control and testing B. Ensuring a separation of duties within the information's processing environment C. Approving and monitoring major projects, the status of IS plans and budgets D. Responsible for liaison between the IS department and the end users
In large corporate networks having supply partners across the globe, network traffic may continue to rise. The infrastructure components in such environments should be scalable. Which of the following firewall architectures limits future scalability? A. Appliances B. Operating system based C. Host based D. Demilitarized
Automated teller machines (ATMs) are a specialized form of a point-of-sale terminal that: A. allows for cash withdrawal and financial deposits only. B. are usually located in populous areas to deter theft or vandalism. C. utilizes protected telecommunication lines for data transmissions. D. must include high levels of logical and physical security.
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: A. the users may not remember to manually encrypt the data before transmission. B. the site credentials were sent to the financial services company via email. C. personnel at the consulting firm may obtain access to sensitive data. D. the use of a shared user ID to the FTP site does not allow for user accountability.
Which of the following would an IS auditor expect to find in a console log? A. Names of system users B. Shift supervisor identification C. System errors D. Data edit errors
Which of the following are data file controls? A. Internal and external labeling B. Limit check and logical relationship checks C. Total items and hash totals D. Report distribution procedures
Which of the following is the MOST fundamental step in effectively preventing a virus attack? A. Executing updated antivirus software in the background on a periodic basis B. Buying standard antivirus software, which is installed on all servers and workstations C. Ensuring that all software is checked for a virus in a separate PC before being loaded into the production environment D. Adopting a comprehensive antivirus policy and communicating it to all users
Which of the following is MOST important to have provided for in a disaster recovery plan? A. Backup of compiled object programs B. Reciprocal processing agreement C. Phone contact list D. Supply of special forms
An internal audit department, that organizationally reports exclusively to the chief financial officer (CFO) rather than to an audit committee, is MOST likely to: A. have its audit independence questioned. B. report more business-oriented and relevant findings. C. enhance the implementation of the auditor's recommendations. D. result in more effective action being taken on the recommendations.
Cisco Certifications 
