An IS auditor is assigned to audit a software development project which is more than 80 percent complete,
but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should
the IS auditor take?
Power up P3
Quiz
•
Computers
•
Professional Development
•
Hard
Azurri Domini
FREE Resource
50 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
An IS auditor is assigned to audit a software development project which is more than 80 percent complete,
but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should
the IS auditor take?
Report that the organization does not have effective project management
Recommend the project manager be changed
Review the IT governance structure
Review the conduct of the project and the business case
Answer explanation
Before making any recommendations, an IS auditor needs to understand the project and the factors that have contributed to making the project over budget and over schedule. The organization may have effective project management practices and sound IT governance and still be behind schedule or over
budget. There is no indication that the project manager should be changed without looking into the reasons for the overrun.
2.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following is the PRIMARY safeguard for securing software and data within an information
processing facility?
Security awareness
Reading the security policy
Security committee
Logical access controls
Answer explanation
To retain a competitive advantage and meet basic business requirements, organizations must ensure that the integrity of the information stored on their computer systems preserve the confidentiality of sensitive
data and ensure the continued availability of their information systems. To meet these goals, logical access controls must be in place. Awareness (choice A) itself does not protect against unauthorized access or
disclosure of information. Knowledge of an information systems security policy (choice B), which should be known by the organization's employees, would help to protect information, but would not prevent the unauthorized access of information. A security committee (choice C) is key to the protection of information
assets, but would address security issues within a broader perspective
3.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following should an IS auditor review to understand project progress in terms of time, budget
and deliverables for early detection of possible overruns and for projecting estimates at completion
(EACs)?
Function point analysis
Earned value analysis
Cost budget
Program Evaluation and Review Technique
Answer explanation
Earned value analysis (EVA) is an industry standard method for measuring a project's progress at any
given point in time, forecasting its completion date and final cost, and analyzing variances in the schedule
and budget as the project proceeds. It compares the planned amount of work with what has actually been
completed, to determine if the cost, schedule and work accomplished are progressing in accordance with
the plan. EVA works most effectively if a well-formed work breakdown structure exists. Function point
analysis (FPA) is an indirect measure of software size and complexity and, therefore, does not address the
elements of time and budget. Cost budgets do not address time. PERT aids in time and deliverables
management, but lacks projections for estimates at completion (EACs) and overall financial management
4.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
A legacy payroll application is migrated to a new application. Which of the following stakeholders should be
PRIMARILY responsible for reviewing and signing-off on the accuracy and completeness of the data before
going live?
IS auditor
Database administrator
Project manager
Data owner
Answer explanation
During the data conversion stage of a project, the data owner is primarily responsible for reviewing and
signing-off that the data are migrated completely, accurately and are valid. An IS auditor is not responsible for reviewing and signing-off on the accuracy of the converted datA. However, an IS auditor should ensure that there is a review and sign-off by the data owner during the data conversion stage of the project. A database administrator's primary responsibility is to maintain the integrity of the database and make the database available to users. A database administrator is not responsible for reviewing migrated datA. A project manager provides day-to-day management and leadership of the project, but is not responsible for the accuracy and integrity of the data
5.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
Which of the following situations would increase the likelihood of fraud?
Application programmers are implementing changes to production programs
Application programmers are implementing changes to test programs
Operations support staff are implementing changes to batch schedules
Database administrators are implementing changes to data structures
Answer explanation
Production programs are used for processing an enterprise's datA. It is imperative that controls on changes
to production programs are stringent. Lack of control in this area could result in application programs being modified to manipulate the data.Application programmers are required to implement changes to test programs. These are used only in development and do not directly impact the live processing of data. The implementation of changes to batch schedules by operations support staff will affect the scheduling of the batches only
6.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
The purpose of a checksum on an amount field in an electronic data interchange (EDI) communication of financial transactions is to ensure:
integrity.
authenticity
authorization
nonrepudiation
Answer explanation
A checksum calculated on an amount field and included in the EDI communication can be used to identify unauthorized modifications. Authenticity and authorization cannot be established by a checksum alone and need other controls. Nonrepudiation can beensured by using digital signatures
7.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:
in transit to the computer
between related computer runs
during data preparation
during the return of the data to the user department
50 questions
Az-900 Prep 2
Quiz
•
Professional Development
48 questions
Core Java Concepts Quiz (1)
Quiz
•
Professional Development
45 questions
Security+ Incident Response and Computer Forensics
Quiz
•
Professional Development
50 questions
Robotic Process Automation by Chayan Bhattacharjee
Quiz
•
Professional Development
50 questions
M3 R5 ( Chapter 2)
Quiz
•
Professional Development
48 questions
47.Test doPost
Quiz
•
Professional Development
51 questions
ITF+ Study Quiz 3
Quiz
•
Professional Development
50 questions
pppk peranata
Quiz
•
Professional Development
15 questions
Multiplication Facts
Quiz
•
4th Grade
25 questions
SS Combined Advisory Quiz
Quiz
•
6th - 8th Grade
40 questions
Week 4 Student In Class Practice Set
Quiz
•
9th - 12th Grade
40 questions
SOL: ILE DNA Tech, Gen, Evol 2025
Quiz
•
9th - 12th Grade
20 questions
NC Universities (R2H)
Quiz
•
9th - 12th Grade
15 questions
June Review Quiz
Quiz
•
Professional Development
20 questions
Congruent and Similar Triangles
Quiz
•
8th Grade
25 questions
Triangle Inequalities
Quiz
•
10th - 12th Grade