Interested to Buy Any Domain ? << Click Here >> for more details...
When reviewing a system development project at the project
initiation stage, an IS auditor finds that the project team
is following the organization's quality manual. To meet
critical deadlines the project team proposes to fast track
the validation and verification processes, commencing some
elements before the previous deliverable is signed off.
Under these circumstances, the IS auditor would MOST likely:
A. report this as a critical finding to senior management.
B. accept that different quality processes can be adopted
for each project.
C. report to IS management the team's failure to follow
quality procedures.
D. report the risks associated with fast tracking to the
project steering committee.
- 1 Answers
- 6383 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
It is important that quality processes are appropriate to
individual projects. Attempts to apply inappropriate
processes will often find their abandonment under pressure.
A fast-tracking process is an acceptable option under
certain circumstances. However, it is important that the
project steering committee is informed of the risks
associated with this (i.e., possibility of rework if changes
are required).
| Is This Answer Correct ? | 9 Yes | 0 No |
After a full operational contingency test, the IS auditor performs a review of the recovery steps and concludes that the elapsed time until the technological environment and systems were actually functioning, exceeded the required critical recovery time. Which of the following should the auditor recommend? A. Perform an integral review of the recovery tasks. B. Broaden the processing capacity to gain recovery time. C. Make improvements in the facility's circulation structure. D. Increase the amount of human resources involved in the recovery.
After installing a network, an organization installed a vulnerability assessment tool or security scanner to identify possible weaknesses. Which is the MOST serious risk associated with such tools? A. Differential reporting B. False positive reporting C. False negative reporting D. Less detail reporting
An IT steering committee would MOST likely perform which of the following functions? A. Placement of a purchase order with the approved IT vendor B. Installation of systems software and application software C. Provide liaison between IT department and user department D. Interview staff for the IT department
A data administrator is responsible for: A. maintaining database system software. B. defining data elements, data names and their relationship. C. developing physical database structures. D. developing data dictionary system software.
In the course of performing a risk analysis, an IS auditor has identified threats and potential impacts. Next, an IS auditor should: A. identify and assess the risk assessment process used by management. B. identify information assets and the underlying systems. C. disclose the threats and impacts to management. D. identify and evaluate the existing controls.
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity
An organization wants to enforce data integrity principles and achieve faster performance/execution in a database application. Which of the following design principles should be applied? A. User (customized) triggers B. Data validation at the front end C. Data validation at the back end D. Referential integrity
Which of the following audit procedures would an IS auditor normally perform FIRST when reviewing an organization's systems development methodology? A. Determine procedural adequacy. B. Analyze procedural effectiveness. C. Evaluate level of compliance with procedures. D. Compare established standards to observed procedures.
A request for a change to a report format in a module (subsystem) was made. After making the required changes, the programmer should carry out: A. unit testing. B. unit and module testing. C. unit, module and regression testing. D. module testing.
Which of the following network topologies yields the GREATEST redundancy in the event of the failure of one node? A. Mesh B. Star C. Ring D. Bus
An IS auditor when reviewing a network used for Internet communications, will FIRST examine the: A. validity of passwords change occurrences. B. architecture of the client-server application. C. network architecture and design. D. firewall protection and proxy servers.
Cisco Certifications 
