Interested to Buy Any Domain ? << Click Here >> for more details...
When a new system is to be implemented within a short time
frame, it is MOST important to:
A. finish writing user manuals.
B. perform user acceptance testing.
C. add last-minute enhancements to functionalities.
D. ensure that code has been documented and reviewed.
- 1 Answers
- 7700 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
It would be most important to complete the user acceptance
testing so as to ensure that the system, which is to be
implemented is working correctly. The completion of the user
manuals is similar to the performance of code reviews. If
time is tight, the last thing one would want to do is add
another enhancement. It would be necessary to freeze the
code and complete the testing, then make any other changes
as future enhancements. It would be appropriate to have the
code documented and reviewed, but unless the acceptance
testing is completed, there is no guarantee that the system
will work correctly and meet user requirements.
| Is This Answer Correct ? | 9 Yes | 0 No |
Which of the following audit procedures would an IS auditor be LEAST likely to include in a security audit? A. Review the effectiveness and utilization of assets. B. Test to determine that access to assets is adequate. C. Validate physical, environmental and logical access policies per job profiles. D. Evaluate asset safeguards and procedures that prevent unauthorized access to the assets.
Which of the following types of controls is designed to provide the ability to verify data and record values through the stages of application processing? A. Range checks B. Run-to-run totals C. Limit checks on calculated amounts D. Exception reports
An organization is considering connecting a critical PC-based system to the Internet. Which of the following would provide the BEST protection against hacking? A. An application-level gateway B. A remote access server C. A proxy server D. Port scanning
Which of the following is a practice that should be incorporated into the plan for testing disaster recovery procedures? A. Invite client participation. B. Involve all technical staff. C. Rotate recovery managers. D. Install locally stored backup.
The difference between whitebox testing and blackbox testing is that whitebox testing: A. involves the IS auditor. B. is performed by an independent programmer team. C. examines a program's internal logical structure. D. uses the bottom-up approach.
Which of the following risks would be increased by the installation of a database system? A. Programming errors B. Data entry errors C. Improper file access D. Loss of parity
Which of the following is the MOST reasonable option for recovering a noncritical system? A. Warm site B. Mobile site C. Hot site D. Cold site
The risk that an IS auditor uses an inadequate test procedure and concludes that material errors do not exist when, in fact, they do, is an example of: A. inherent risk. B.control risk. C. detection risk. D. audit risk.
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
Which of the following is an advantage of an integrated test facility (ITF)? A. It uses actual master files or dummies and the IS auditor does not have to review the source of the transaction. B. Periodic testing does not require separate test processes. C. It validates application systems and tests the ongoing operation of the system. D. It eliminates the need to prepare test data.
An audit charter should: A. be dynamic and change often to coincide with the changing nature of technology and the audit profession. B. clearly state audit objectives for the delegation of authority for the maintenance and review of internal controls. C. document the audit procedures designed to achieve the planned audit objectives. D. outline the overall authority, scope and responsibilities of the audit function.
Sign-on procedures include the creation of a unique user ID and password. However, an IS auditor discovers that in many cases the user name and password are the same. The BEST control to mitigate this risk is to: A. change the company's security policy. B. educate users about the risk of weak passwords. C. build in validations to prevent this during user creation and password change. D. require a periodic review of matching user ID and passwords for detection and correction.
Cisco Certifications 
