IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.
During a review of a customer master file an IS auditor discovered numerous customer name duplications arising from variations in customer first names. To determine the extent of the duplication the IS auditor would use: A. test data to validate data input. B. test data to determine system sort capabilities. C. generalized audit software to search for address field duplications. D. generalized audit software to search for account field duplications.
In reviewing the IS short-range (tactical) plan, the IS auditor should determine whether: A. there is an integration of IS and business staffs within projects. B. there is a clear definition of the IS mission and vision. C. there is a strategic information technology planning methodology in place. D. the plan correlates business objectives to IS goals and objectives.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The basis of an organization's disaster recovery plan is to reestablish live processing at an alternative site where a similar, but not identical hardware configuration is already established. The IS auditor should: A. take no action as the lack of a current plan is the only significant finding. B. recommend that the hardware configuration at each site should be identical. C. perform a review to verify that the second configuration can support live processing. D. report that the financial expenditure on the alternative site is wasted without an effective plan.
An IS auditor is reviewing the database administration function to ascertain whether adequate provision has been made for controlling data. The IS auditor should determine that the: A. function reports to data processing operations. B. responsibilities of the function are well defined. C. database administrator is a competent systems programmer. D. audit software has the capability of efficiently accessing the database.
An IS auditor's MAJOR concern as a result of reviewing a business process reengineering (BPR) project should be whether the: A. newly designed business process has key controls in place. B. changed process will affect organization structure, finances and personnel. C. roles for suppliers have been redefined. D. process has been documented before and after reengineering.
When reviewing the quality of an IS department's development process, the IS auditor finds that they do not use any formal, documented methodology and standards. The IS auditor's MOST appropriate action would be to: A. complete the audit and report the finding. B. investigate and recommend appropriate formal standards. C. document the informal standards and test for compliance. D. withdraw and recommend a further audit when standards are implemented.
An IS auditor reviewing an organization's IT strategic plan should FIRST review: A. the existing IT environment. B. the business plan. C. the present IT budget. D. current technology trends.
When reviewing a system development project an IS auditor would be PRIMARILY concerned with whether: A. business objectives are achieved. B. security and control procedures are adequate. C. the system utilizes the strategic technical infrastructure. D. development will comply with the approved quality management processes.
An IS auditor reviewing an organization's IS disaster recovery plan should verify that it is: A. tested every 6 months. B. regularly reviewed and updated. C. approved by the chief executive officer (CEO). D. communicated to every departmental head in the organization.
An IS auditor conducting a review of disaster recovery planning at a financial processing organization has discovered the following: * The existing disaster recovery plan was compiled two years ago by a systems analyst in the organization's IT department using transaction flow projections from the operations department. * The plan was presented to the deputy CEO for approval and formal issue, but it is still awaiting his attention. * The plan has never been updated, tested or circulated to key management and staff, though interviews show that each would know what action to take for their area in the event of a disruptive incident. The IS auditor's report should recommend that: A. the deputy CEO be censured for his failure to approve the plan. B. a board of senior managers be set up to review the existing plan. C. the existing plan be approved and circulated to all key management and staff. D. a manager coordinate the creation of a new or revised plan within a defined time limit.
The PRIMARY objective of a logical access controls review is to: A. review access controls provided through software. B. ensure access is granted per the organization's authorities. C. walkthrough and assess access provided in the IT environment. D. provide assurance that computer hardware is protected adequately against abuse.
An IS auditor reviewing database controls discovered that changes to the database during normal working hours were handled through a standard set of procedures. However, changes made after normal hours required only an abbreviated number of steps. In this situation, which of the following would be considered an adequate set of compensating controls? A. Allow changes to be made only with the DBA user account. B. Make changes to the database after granting access to a normal user account. C. Use the DBA user account to make changes, log the changes and review the change log the following day. D. Use the normal user account to make changes, log the changes and review the change log the following day.
An IS auditor conducting a review of software usage and licensing discovers that numerous PCs contain unauthorized software. Which of the following actions should the IS auditor take? A. Personally delete all copies of the unauthorized software. B. Inform auditee of the unauthorized software, and follow up to confirm deletion. C. Report the use of the unauthorized software to auditee management and the need to prevent recurrence. D. Take no action, as it is a commonly accepted practice and operations management is responsible for monitoring such use.
During the review of a biometrics system operation, the IS auditor should FIRST review the stage of: A. enrollment. B. identification. C. verification. D. storage.
When a non-conformance is noted during these "reviews", what happens next?
About peer reviews?
Please send me the documents, if anyone has any, regarding impact analysis and reviews.
Types of reviews? Advantages of reviews? Difference between process and procedure? Difference between verification and validation? Difference between CMM and CMMI? Explain TQM, GQM, ISO, IEEE? Roles and responsibilities of a tester? Risks, types of risks? What are quality factors?
I am asked to create a usability testing methodology document, basically listing the procedures and methodology for: a. Entry criteria and exit criteria for the usability test b. Deliverables d. Methods of doing reviews and inspection e. Methods of reporting f. At which testing phase usability testing is done in the V model. Is there any sample document/template available on the Internet? Any help will be greatly appreciated.
Explain with examples what the roles and responsibilities are of a functional consultant who reviews the Test Scripts, Test Cases and Test Execution Results of AP, FA and GL.
Sir, I have applied to RRB for the post of Junior Engineer. I want to know about the or question previews to study well. Please send it to shukla_varun1985@yahoo.com.
To my surprise, my visa interview was too short and shocking. I had 1310 in GRE and 109 in TOEFL. I completed a BE in Elect and Comm with 75% in 2007 and had been working in a multinational software company since then. I applied for a master's in Elect and Comm at Lamar University with a 60% fee waiver. Here goes the interview. VO: (took my documents) How many universities?? (raising his eyebrow) Me: 2 VO: Looking at me with questioning eyes? Me: Lamar University, Texas and Cleveland State University, Ohio. VO: Why did you apply for Cleveland University? Me: This is a good university, I got good reviews about this university from online forums and communities and it was offering me the right courses in computer networking along with other courses in Electrical Engineering..... VO: Interrupted... It is not a very high ranking university, how can you say it's a good university? Me: Ranking of the university was not my sole criteria... VO: Interrupted... Ohh!!! (sarcastically) What was your criteria? Me: I focused on the department and the courses that were being offered.. Moreover, I got good feedback.... VO: Go.. Me: OK. Can you give me the reason? VO: Next one come.. I don't understand what went wrong?
1. Explain the end-to-end process of QC. 2. How many tabs are in QC 9.0 and QC 10.0? 3. What is a review, and how many reviews are followed in a project? 4. How will you get the requirements? 5. Why do we choose testing? 6. How to export TCs and requirements to QC through add-ins?
Performance reporting tools and techniques include all of the following except: A. Earned value analysis B. Statistical sampling C. Variance analysis D. Performance reviews
The purpose of a quality audit includes all of the following except: A. Examines the work of the project and formally accepts the work results B. Determines how the project is progressing and makes corrections C. Identifies lessons learned D. Reviews quality management activities to ensure the right quality elements are being examined
All of the following are tools and techniques of the Performance Reporting process except: A. Variance analysis B. Performance reporting C. Information distribution D. Performance reviews
You are a project manager for Dutch Harbor Consulting. Your latest project involved the upgrade of an organization's operating system on 236 servers. You performed this project under contract. You are in the Contract Closeout process and have reviewed the contracting process to identify lessons learned. What is the name of the tool and technique of Contract Closeout you used to perform this function? A. Procurement audits B. Performance reviews C. Performance audits D. Procurement reviews
You are a project manager for Penguin Software. Your company creates custom software programs for hospitals and large dental offices. You have just completed a project and are performing earned value analysis, trend analysis, and performance reviews. Which of the following is true? A. This is performance measurement documentation, which is an input to the Contract Closeout process B. This is performance measurement documentation, which is an input to the Administrative Closure process C. These are performance reporting tools and techniques of the Administrative Closure process D. These are performance reporting tools and techniques of the Contract Closeout process
Could reviews or inspections be considered part of testing?