Interested to Buy Any Domain ? << Click Here >> for more details...
An IS auditor who is participating in a systems development
project should:
A. recommend appropriate control mechanisms regardless of cost.
B. obtain and read project team meeting minutes to determine
the status of the project.
C. ensure that adequate and complete documentation exists
for all project phases.
D. not worry about his/her own ability to meet target dates
since work will progress regardless.
- 1 Answers
- 4917 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
An IS auditor who is participating in a systems development
life cycle project should ensure that adequate and complete
documentation exists for all project phases. Recommendations
for controls to minimize risks and exposures should consider
the relative costs involved. The IS auditor should attend
project team meetings and offer advice throughout, and the
IS auditor should be held to the same qualitative project
completion measures as the rest of the team.
| Is This Answer Correct ? | 7 Yes | 2 No |
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
The rate of change of technology increases the importance of: A. outsourcing the IS function. B. implementing and enforcing good processes. C. hiring personnel willing to make a career within the organization. D. meeting user requirements.
During an audit of a telecommunications system the IS auditor finds that the risk of intercepting data transmitted to and from remote sites is very high. The MOST effective control for reducing this exposure is: A. encryption. B. callback modems. C. message authentication. D. dedicated leased lines.
A programmer managed to gain access to the production library, modified a program that was then used to update a sensitive table in the payroll database and restored the original program. Which of the following methods would MOST effectively detect this type of unauthorized changes? A. Source code comparison B. Executable code comparison C. Integrated test facilities (ITF) D. Review of transaction log files
Which of the following is the MOST important criterion for the selection of a location for an offsite storage facility for IS backup files? The offsite facility must be: A. physically separated from the data center and not subject to the same risks. B. given the same level of protection as that of the computer data center. C. outsourced to a reliable third party. D. equipped with surveillance capabilities.
When logging on to an online system, which of the following processes would the system perform FIRST? A. Initiation B. Verification C. Authorization D. Authentication
Following the development of an application system, it is determined that several design objectives have not been achieved. This is MOST likely to have been caused by: A. insufficient user involvement. B. early dismissal of the project manager. C. inadequate quality assurance (QA) tools. D. noncompliance with defined approval points.
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
Which of the following audit procedures would MOST likely be used in an audit of a systems development project? A. Develop test transactions B. Use code comparison utilities C. Develop audit software programs D. Review functional requirements documentation
Which of the following would provide a mechanism whereby IS management can determine if the activities of the organization have deviated from the planned or expected levels? A. Quality management B. IS assessment methods C. Management principles D. Industry standards/benchmarking
Which of the following BEST describes the role of a systems analyst? A. Defines corporate databases B. Designs systems based on the needs of the user C. Schedules computer resources D. Tests and evaluates programmer and optimization tools
Cisco Certifications 
