An IS auditor is assigned to audit a software development project which is more than 80 percent complete,
but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should
the IS auditor take?
Power up P3
Quiz
•
Computers
•
Professional Development
•
Hard
Azurri Domini
FREE Resource
50 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
An IS auditor is assigned to audit a software development project which is more than 80 percent complete,
but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should
the IS auditor take?
Report that the organization does not have effective project management
Recommend the project manager be changed
Review the IT governance structure
Review the conduct of the project and the business case
Answer explanation
Before making any recommendations, an IS auditor needs to understand the project and the factors that have contributed to making the project over budget and over schedule. The organization may have effective project management practices and sound IT governance and still be behind schedule or over
budget. There is no indication that the project manager should be changed without looking into the reasons for the overrun.
2.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following is the PRIMARY safeguard for securing software and data within an information
processing facility?
Security awareness
Reading the security policy
Security committee
Logical access controls
Answer explanation
To retain a competitive advantage and meet basic business requirements, organizations must ensure that the integrity of the information stored on their computer systems preserve the confidentiality of sensitive
data and ensure the continued availability of their information systems. To meet these goals, logical access controls must be in place. Awareness (choice A) itself does not protect against unauthorized access or
disclosure of information. Knowledge of an information systems security policy (choice B), which should be known by the organization's employees, would help to protect information, but would not prevent the unauthorized access of information. A security committee (choice C) is key to the protection of information
assets, but would address security issues within a broader perspective
3.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following should an IS auditor review to understand project progress in terms of time, budget
and deliverables for early detection of possible overruns and for projecting estimates at completion
(EACs)?
Function point analysis
Earned value analysis
Cost budget
Program Evaluation and Review Technique
Answer explanation
Earned value analysis (EVA) is an industry standard method for measuring a project's progress at any
given point in time, forecasting its completion date and final cost, and analyzing variances in the schedule
and budget as the project proceeds. It compares the planned amount of work with what has actually been
completed, to determine if the cost, schedule and work accomplished are progressing in accordance with
the plan. EVA works most effectively if a well-formed work breakdown structure exists. Function point
analysis (FPA) is an indirect measure of software size and complexity and, therefore, does not address the
elements of time and budget. Cost budgets do not address time. PERT aids in time and deliverables
management, but lacks projections for estimates at completion (EACs) and overall financial management
4.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
A legacy payroll application is migrated to a new application. Which of the following stakeholders should be
PRIMARILY responsible for reviewing and signing-off on the accuracy and completeness of the data before
going live?
IS auditor
Database administrator
Project manager
Data owner
Answer explanation
During the data conversion stage of a project, the data owner is primarily responsible for reviewing and
signing-off that the data are migrated completely, accurately and are valid. An IS auditor is not responsible for reviewing and signing-off on the accuracy of the converted datA. However, an IS auditor should ensure that there is a review and sign-off by the data owner during the data conversion stage of the project. A database administrator's primary responsibility is to maintain the integrity of the database and make the database available to users. A database administrator is not responsible for reviewing migrated datA. A project manager provides day-to-day management and leadership of the project, but is not responsible for the accuracy and integrity of the data
5.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following situations would increase the likelihood of fraud?
Application programmers are implementing changes to production programs
Application programmers are implementing changes to test programs
Operations support staff are implementing changes to batch schedules
Database administrators are implementing changes to data structures
Answer explanation
Production programs are used for processing an enterprise's datA. It is imperative that controls on changes
to production programs are stringent. Lack of control in this area could result in application programs being modified to manipulate the data.Application programmers are required to implement changes to test programs. These are used only in development and do not directly impact the live processing of data. The implementation of changes to batch schedules by operations support staff will affect the scheduling of the batches only
6.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:
integrity.
authenticity
authorization
nonrepudiation
Answer explanation
A checksum calculated on an amount field and included in the EDI communication can be used to identify unauthorized modifications. Authenticity and authorization cannot be established by a checksum alone and need other controls. Nonrepudiation can beensured by using digital signatures
7.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:
in transit to the computer
between related computer runs
during data preparation
during the return of the data to the user department
53 questions
Class 9. Data Manipulation
Quiz
•
Professional Development
55 questions
lorem ipsum AWS D4 cap.1-2
Quiz
•
Professional Development
50 questions
Final Exam - Data Entry & Retrieval Procedures
Quiz
•
Professional Development
50 questions
Networking Quiz _ 1
Quiz
•
Professional Development
50 questions
Computer Hardware and Software - Networking
Quiz
•
Professional Development
46 questions
CBT Sample 1 (Web)
Quiz
•
Professional Development
45 questions
A+ 1102 Study Quiz 3
Quiz
•
Professional Development
50 questions
pppk peranata
Quiz
•
Professional Development
25 questions
Equations of Circles
Quiz
•
10th - 11th Grade
30 questions
Week 5 Memory Builder 1 (Multiplication and Division Facts)
Quiz
•
9th Grade
33 questions
Unit 3 Summative - Summer School: Immune System
Quiz
•
10th Grade
10 questions
Writing and Identifying Ratios Practice
Quiz
•
5th - 6th Grade
36 questions
Prime and Composite Numbers
Quiz
•
5th Grade
14 questions
Exterior and Interior angles of Polygons
Quiz
•
8th Grade
37 questions
Camp Re-cap Week 1 (no regression)
Quiz
•
9th - 12th Grade
46 questions
Biology Semester 1 Review
Quiz
•
10th Grade