Power up P3

Power up P3

Professional Development

50 Qs

quiz-placeholder

Similar activities

CS- Data Security Level 6

CS- Data Security Level 6

Professional Development

48 Qs

28.Test Negative Scenarios

28.Test Negative Scenarios

Professional Development

48 Qs

#01 CISSP: Full Coverage Mastery Exam 1 - Challenging

#01 CISSP: Full Coverage Mastery Exam 1 - Challenging

Professional Development

50 Qs

Comptia A+ Core 1 pt.2

Comptia A+ Core 1 pt.2

University - Professional Development

50 Qs

Critical Thinking

Critical Thinking

Professional Development

50 Qs

Revision database

Revision database

Professional Development

45 Qs

Computer Hardware Quiz

Computer Hardware Quiz

Professional Development

55 Qs

SC-01.2

SC-01.2

Professional Development

50 Qs

Power up P3

Power up P3

Assessment

Quiz

Computers

Professional Development

Hard

Created by

Azurri Domini

FREE Resource

50 questions

Show all answers

1.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An IS auditor is assigned to audit a software development project which is more than 80 percent complete,

but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should

the IS auditor take?

Report that the organization does not have effective project management

Recommend the project manager be changed

Review the IT governance structure

Review the conduct of the project and the business case

Answer explanation

Before making any recommendations, an IS auditor needs to understand the project and the factors that have contributed to making the project over budget and over schedule. The organization may have effective project management practices and sound IT governance and still be behind schedule or over

budget. There is no indication that the project manager should be changed without looking into the reasons for the overrun.

2.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following is the PRIMARY safeguard for securing software and data within an information

processing facility?

Security awareness

Reading the security policy

Security committee

Logical access controls

Answer explanation

To retain a competitive advantage and meet basic business requirements, organizations must ensure that the integrity of the information stored on their computer systems preserve the confidentiality of sensitive

data and ensure the continued availability of their information systems. To meet these goals, logical access controls must be in place. Awareness (choice A) itself does not protect against unauthorized access or

disclosure of information. Knowledge of an information systems security policy (choice B), which should be known by the organization's employees, would help to protect information, but would not prevent the unauthorized access of information. A security committee (choice C) is key to the protection of information

assets, but would address security issues within a broader perspective

3.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following should an IS auditor review to understand project progress in terms of time, budget

and deliverables for early detection of possible overruns and for projecting estimates at completion

(EACs)?

Function point analysis

Earned value analysis

Cost budget

Program Evaluation and Review Technique

Answer explanation

Earned value analysis (EVA) is an industry standard method for measuring a project's progress at any

given point in time, forecasting its completion date and final cost, and analyzing variances in the schedule

and budget as the project proceeds. It compares the planned amount of work with what has actually been

completed, to determine if the cost, schedule and work accomplished are progressing in accordance with

the plan. EVA works most effectively if a well-formed work breakdown structure exists. Function point

analysis (FPA) is an indirect measure of software size and complexity and, therefore, does not address the

elements of time and budget. Cost budgets do not address time. PERT aids in time and deliverables

management, but lacks projections for estimates at completion (EACs) and overall financial management

4.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A legacy payroll application is migrated to a new application. Which of the following stakeholders should be

PRIMARILY responsible for reviewing and signing-off on the accuracy and completeness of the data before

going live?

IS auditor

Database administrator

Project manager

Data owner

Answer explanation

During the data conversion stage of a project, the data owner is primarily responsible for reviewing and

signing-off that the data are migrated completely, accurately and are valid. An IS auditor is not responsible for reviewing and signing-off on the accuracy of the converted datA. However, an IS auditor should ensure that there is a review and sign-off by the data owner during the data conversion stage of the project. A database administrator's primary responsibility is to maintain the integrity of the database and make the database available to users. A database administrator is not responsible for reviewing migrated datA. A project manager provides day-to-day management and leadership of the project, but is not responsible for the accuracy and integrity of the data

5.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following situations would increase the likelihood of fraud?

Application programmers are implementing changes to production programs

Application programmers are implementing changes to test programs

Operations support staff are implementing changes to batch schedules

Database administrators are implementing changes to data structures

Answer explanation

Production programs are used for processing an enterprise's datA. It is imperative that controls on changes

to production programs are stringent. Lack of control in this area could result in application programs being modified to manipulate the data.Application programmers are required to implement changes to test programs. These are used only in development and do not directly impact the live processing of data. The implementation of changes to batch schedules by operations support staff will affect the scheduling of the batches only

6.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:

integrity.

authenticity

authorization

nonrepudiation

Answer explanation

A checksum calculated on an amount field and included in the EDI communication can be used to identify unauthorized modifications. Authenticity and authorization cannot be established by a checksum alone and need other controls. Nonrepudiation can beensured by using digital signatures

7.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:

in transit to the computer

between related computer runs

during data preparation

during the return of the data to the user department

Create a free account and access millions of resources

Create resources
Host any resource
Get auto-graded reports
or continue with
Microsoft
Apple
Others
By signing up, you agree to our Terms of Service & Privacy Policy
Already have an account?