A strength of an implemented quality system based on ISO
9001 is that it:
A. guarantees quality solutions to business problems.
B. results in improved software life cycle activities.
C. provides clear answers to questions concerning
cost-effectiveness.
D. does not depend on the maturity of the implemented
quality system.
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
A strength of an implemented quality system based on ISO
9001 is that it enhances improvements in software life cycle
activities, quality assurance and quality control.
Weaknesses of the system include that it can fail to provide
clear answers to questions concerning productivity,
reliability or cost-effectiveness of the system. A quality
system is not a guarantee of quality solutions to business
problems since poorly defined user requirements will
adversely affect the design of the software. Depending on
the maturity of the implemented quality system stages can
vary from not implemented to fully implemented procedures.
Is This Answer Correct ? | 3 Yes | 0 No |
Answer / clem
A strngth of an implemented quality system based on ISO
9001 is that it provides consistent process and ensures
feed back.
Is This Answer Correct ? | 0 Yes | 0 No |
Which of the following is a substantive test?
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
The PRIMARY purpose of compliance tests is to verify whether: A. controls are implemented as prescribed. B. documentation is accurate and current. C. access to users is provided as specified. D. data validation procedures are provided.
To prevent an organization's computer systems from becoming part of a distributed denial-of-service attack, IP packets containing addresses that are listed as unroutable can be isolated by: A. establishing outbound traffic filtering. B. enabling broadcast blocking. C. limiting allowable services. D. network performance monitoring.
During a review of the controls over the process of defining IT service levels, an IS auditor would MOST likely interview the: A. systems programmer. B. legal staff. C. business unit manager. D. application programmer.
A sequence of bits appended to a digital document that is used to secure an e-mail sent through the Internet is called a: A. digest signature. B. electronic signature. C. digital signature. D. hash signature.
When a PC that has been used for the storage of confidential data is sold on the open market the: A. hard disk should be demagnetized. B. hard disk should be mid-level formatted.s C. data on the hard disk should be deleted. D. data on the hard disk should be defragmented.
Which of the following choices BEST ensures the effectiveness of controls related to interest calculation inside an accounting system? A. Re-performance B. Process walk-through C. Observation D. Documentation review
To affix a digital signature to a message, the sender must first create a message digest by applying a cryptographic hashing algorithm against: A. the entire message and thereafter enciphering the message digest using the sender's private key. B. any arbitrary part of the message and thereafter enciphering the message digest using the sender's private key. C. the entire message and thereafter enciphering the message using the sender's private key. D. the entire message and thereafter enciphering the message along with the message digest using the sender's private key.
Which of the following is a threat? A. Lack of security B. Loss of goodwill C. Power outage D. Information services
When implementing an application software package, which of the following presents the GREATEST risk? A. Uncontrolled multiple software versions B. Source programs that are not synchronized with object code C. Incorrectly set parameters D. Programming errors
When conducting an audit of client/server database security, the IS auditor would be MOST concerned about the availability of: A. system utilities. B. application program generators. C. system security documentation. D. access to stored procedures.