A validation which ensures that input data are matched to
predetermined reasonable limits or occurrence rates, is
A. Reasonableness check.
B. Validity check.
C. Existence check.
D. Limit check.
Software maintainability BEST relates to which of the
following software attributes?
A. Resources needed to make specified modifications.
B. Effort needed to use the system application.
C. Relationship between software performance and the
D. Fulfillment of user needs.
The purpose of debugging programs is to:
A. generate random data that can be used to test programs
before implementing them.
B. protect, during the programming phase, valid changes from
being overwritten by other changes.
C. define the program development and maintenance costs to
be include in the feasibility study.
D. ensure that program abnormal terminations and program
coding flaws are detected and corrected.
When auditing the requirements phase of a software
acquisition, the IS auditor should:
A. assess the feasibility of the project timetable.
B. assess the vendor?s proposed quality processes.
C. ensure that the best software package is acquired.
D. review the completeness of the specifications.
Which of the following is a measure of the size of an
information system based on the number and complexity of a
system?s inputs, outputs and files?
A. Function point (FP)
B. Program evaluation review technique (PERT)
C. Rapid application design (RAD)
D. Critical path method (CPM)
Which of the following would MOST likely ensure that a
system development project meets business objectives?
A. Maintenance of program change logs
B. Development of a project plan identifying all development
C. Release of application changes at specific times of the year
D. User involvement in system specification and acceptance
The PRIMARY purpose of undertaking a parallel run of a new
system is to:
A. verify that the system provides required business
B. validate the operation of the new system against its
C. resolve any errors in the program and file interfaces.
D. verify that the system can process the production load.
The MOST appropriate person to chair the steering committee
for a system development project with significant impact on
a business area would be the:
A. business analyst.
B. chief information officer.
C. project manager.
D. executive level manager.
Which of the following is necessary to have FIRST in the
development of a business continuity plan?
A. Risk-based classification of systems
B. Inventory of all assets
C. Complete documentation of all disasters
D. Availability of hardware and software
During an IT audit of a large bank, an IS auditor observes
that no formal risk assessment exercise has been carried out
for the various business applications to arrive at their
relative importance and recovery time requirements. The risk
that the bank is exposed to is that the:
A. business continuity plan may not have been calibrated to
the relative risk that disruption of each application poses
to the organization.
B. business continuity plan may not include all relevant
applications and therefore may lack completeness in terms of
C. business impact of a disaster may not have been
accurately understood by the management.
D. business continuity plan may lack an effective ownership
by the business owners of such applications.
The window of time recovery of information processing
capabilities is based on the:
A. criticality of the processes affected.
B. quality of the data to be processed.
C. nature of the disaster.
D. applications that are mainframe based.