Which of the following is a role of an IS steering committee?
A. Initiate computer applications.
B. Ensure efficient use of data processing resources.
C. Prepare and monitor system implementation plans.
D. Review the performance of the systems department.
- 1 Answers
- 4300 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
Ideally an IS steering committee should consist of members
from all significant business areas in an organization.
Their goal is to review and act upon all requests for new
system needs in accordance with the corporate mission and
objectives. To this end, it is the responsibility of the
committee to ensure the efficient use of data processing
resources, set the priorities, examine costs and provide
support for various projects.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation? A. Specific developments only B. Business requirements only C. All phases of the installation must be documented D. No need to develop a customer specific documentation
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
An IS auditor reviewing back-up procedures for software need only determine that: A. object code libraries are backed up. B. source code libraries are backed up. C. both object and source codes libraries are backed up. D. program patches are maintained at the originating site.
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
Which of the following group/individuals should assume overall direction and responsibility for costs and timetables of system development projects? A. User management B. Project steering committee C. Senior management D. Systems development management
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
An organization is experiencing a growing backlog of undeveloped applications. As part of a plan to eliminate this backlog, end-user computing with prototyping, supported by the acquisition of an interactive application generator system is being introduced. Which of the following areas is MOST critical to the ultimate success of this venture? A. Data control B. Systems analysis C. Systems programming D. Application programming
The security level of a private key system depends on the number of: A. encryption key bits. B. messages sent. C. keys. D. channels used.
The most common problem in the operation of an intrusion detection system (IDS) is: A. the detection of false positives. B. receiving trap messages. C. reject error rates. D. denial-of-service attacks.
An IS auditor performing a review of the EFT operations of a retailing company would verify that the customers credit limit is checked before funds are transferred by reviewing the EFT: A. system's interface. B. switch facility. C. personal identification number generating procedure. D. operation backup procedures.
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
Cisco Certifications 
