Interested to Buy Any Domain ? << Click Here >> for more details...
Once an organization has finished the business process
reengineering (BPR) of all its critical operations, the IS
auditor would MOST likely focus on a review of:
A. pre-BPR process flowcharts.
B. post-BPR process flowcharts.
C. BPR project plans.
D. continuous improvement and monitoring plans.
- 2 Answers
- 7828 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
The IS auditor's task is to identify and ensure that key
controls have been incorporated into the reengineered
process. Choice A is incorrect because an IS auditor must
review the process as it is today, not as it was in the
past. Choices C and D are incorrect because they are steps
within a BPR project.
| Is This Answer Correct ? | 6 Yes | 0 No |
Which of the following would be the LEAST likely indication that complete or selected outsourcing of IS functions should be considered? A. The applications development backlog is greater than three years. B. It takes one year to develop and implement a high-priority system. C. More than 60 percent of programming costs are spent on system maintenance. D. Duplicate information systems functions exist at two sites.
An IS auditor discovers that an organization?s business continuity plan provides for an alternate processing site that will accommodate fifty percent of the primary processing capability. Based on this, which of the following actions should the IS auditor take? A. Do nothing, because generally, less than twenty-five percent of all processing is critical to an organization?s survival and the backup capacity, therefore is adequate. B. Identify applications that could be processed at the alternate site and develop manual procedures to backup other processing. C. Ensure that critical applications have been identified and that the alternate site could process all such applications. D. Recommend that the information processing facility arrange for an alternate processing site with the capacity to handle at least seventy-five percent of normal processing.
The purpose of debugging programs is to: A. generate random data that can be used to test programs before implementing them. B. protect valid changes from being overwritten by other changes during programming. C. define the program development and maintenance costs to be include in the feasibility study. D. ensure that abnormal terminations and coding flaws are detected and corrected.
To develop a successful business continuity plan, end user involvement is critical during which of the following phases? A. Business recovery strategy B. Detailed plan development C. Business impact analysis D. Testing and maintenance
The corporate office of a company having branches worldwide, developed a control self-assessment program (CSA) for all its offices. Which of the following is the MOST important requirement for a successful CSA? A. Skills of the workshop facilitator B. Simplicity of the questionnaire C. Support from the audit department D. Involvement of line managers
Which of the following is a control over database administration activities? A. A database checkpoint to restart processing after a system failure B. Database compression to reduce unused space C. Supervisory review of access logs D. Backup and recovery procedures to ensure database availability
When auditing the requirements phase of a software acquisition, the IS auditor should: A. assess the feasibility of the project timetable. B. assess the vendor?s proposed quality processes. C. ensure that the best software package is acquired. D. review the completeness of the specifications.
The implementation of cost-effective controls in an automated system is ultimately the responsibility of the: A. system administrator. B. quality assurance function. C. business unit management. D. chief of internal audit.
A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it: A. can identify high-risk areas that might need a detailed review later. B. allows IS auditors to independently assess risk. C. can be used as a replacement for traditional audits. D. allows management to relinquish responsibility for control.
Which of the following is a telecommunication device that translates data from digital form to analog form and back to digital? A. Multiplexer B. Modem C. Protocol converter D. Concentrator
What is a risk associated with attempting to control physical access to sensitive areas, such as computer rooms, through card keys, locks, etc.? A. Unauthorized individuals wait for controlled doors to open and walk in behind those authorized. B. The contingency plan for the organization cannot effectively test controlled access practices. C. Access cards, keys, and pads can be easily duplicated allowing easy compromise of the control. D. Removing access for people no longer authorized is complex.
After implementation of a disaster recovery plan (DRP), pre-disaster and post-disaster operational cost for an organization will: A. decrease. B. not change (remain the same). C. increase. D. increase or decrease depending upon nature of the business.
Cisco Certifications 
