Interested to Buy Any Domain ? << Click Here >> for more details...
When auditing the requirements phase of a software
acquisition, the IS auditor should:
A. assess the feasibility of the project timetable.
B. assess the vendor?s proposed quality processes.
C. ensure that the best software package is acquired.
D. review the completeness of the specifications.
- 2 Answers
- 12378 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: D
The purpose of the requirements phase is to specify the
functionality of the proposed system; therefore the IS
auditor would concentrate on the completeness of the
specifications. The decision to purchase a package from a
vendor would come after the requirements have been
completed. Therefore choices B and C are incorrect. Choice A
is incorrect because a project timetable normally would not
be found in a requirements document.
| Is This Answer Correct ? | 7 Yes | 0 No |
Answer / antoine
B. assess the vendor?s proposed quality processes.
| Is This Answer Correct ? | 2 Yes | 4 No |
An IS auditor evaluating data integrity in a transaction driven system environment should review atomicity, to determine whether: A. the database survives failures (hardware or software). B. each transaction is separated from other transactions. C. integrity conditions are maintained. D. a transaction is completed or not, or a database is updated or not.
An organization is developing a new business system. Which of the following will provide the MOST assurance that the system provides the required functionality? A. Unit testing B. Regression testing C. Acceptance testing D. Integration testing
A probable advantage to an organization that has outsourced its data processing services is that: A. needed IS expertise can be obtained from the outside. B. greater control can be exercised over processing. C. processing priorities can be established and enforced internally. D. greater user involvement is required to communicate user needs.
While copying files from a floppy disk a user introduced a virus into the network. Which of the following would MOST effectively detect the existence of the virus? A: A. scan of all floppy disks before use B. virus monitor on the network file server C. scheduled daily scan of all network drives D. virus monitor on the user's personal computer
Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks? A. Check digit B. Existence check C. Completeness check D. Reasonableness check
The BEST defense against network eavesdropping is: A. encryption. B. moving the defense perimeter outward. C. reducing the amplitude of the communication signal. D. masking the signal with noise.
Which of the following processes describes risk assessment? Risk assessment is: A. subjective. B. objective. C. mathematical. D. statistical.
Which of the following is an output control objective? A. Maintenance of accurate batch registers B. Completeness of batch processing C. Appropriate accounting for rejections and exceptions D. Authorization of file updates
An IS auditor is assigned to perform a post implementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor: A. implemented a specific control during the development of the application system. B. designed an embedded audit module exclusively for auditing the application system. C. participated as a member of the application system project team, but did not have operational responsibilities. D.provided consulting advice concerning application system best practices.
Failure to adequately define or manage the requirements for a system can result in a number of risks. The GREATEST risk is: A. inadequate user involvement. B. inadequate allocation of resources. C. scope creep. D. an incorrect estimation of the critical path.
When auditing security for a data center, an IS auditor should look for the presence of a voltage regulator to ensure that the: A. hardware is protected against power surges. B. integrity is maintained if the main power is interrupted. C. immediate power will be available if the main power is lost. D. hardware is protected against long-term power fluctuations.
In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. there is a strategic information technology planning methodology in place. D. the plan correlates business objectives to IS goals and objectives.
Cisco Certifications 
