Interested to Buy Any Domain ? << Click Here >> for more details...
While reviewing an ongoing project, the IS auditor notes that the development team has spent eight hours of activity on the first day against a budget of 24 hours (over three days). The projected time to complete the remainder of the activity is 20 hours. The IS auditor should report that the project:
A. is behind schedule.
B. is ahead of schedule.
C. is on schedule.
D. cannot be evaluated until the activity is completed.
- 1 Answers
- 6091 Views
- I also Faced
- E-Mail Answers
The correct answer is A
A. Earned value analysis (EVA) is based on the premise that if a project task is assigned 24 hours for completion, it can be reasonably completed during that time frame. According to EVA, the project is behind schedule because the value of the eight hours spent on the task should be only four hours, considering that 20 hours of effort remain to be completed.
B. The project is not ahead of schedule because the work remaining exceeds the time allotted.
C. The project is not on schedule because only 16 hours remain to do 20 hours work.
D. The amount of work left has been evaluated at 20 hours and the time left on the project is 16 hours, so the auditor can evaluate the current status of the project.
Question #: 318 CISA Job Practice Task Statement: 3.4
| Is This Answer Correct ? | 5 Yes | 0 No |
Which of the following user profiles should be of MOST concern to the IS auditor, when performing an audit of an EFT system? A. Three users with the ability to capture and verifiy their own messages B. Five users with the ability to capturr and send their own messages C. Five users with the ability to verificy other users and to send of their own messages D. Three users with the ability to capture and verifiy the messages of other users and to send their own messages
Which of the following is the MOST critical and contributes the MOST to the quality of data in a data warehouse? A. Accuracy of the source data B. Credibility of the data source C. Accuracy of the extraction process D. Accuracy of the data transformation
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
Which of the following testing methods is MOST effective during the initial phases of prototyping? A. System B. Parallel C. Volume D. Top-down
Use of asymmetric encryption in an Internet e-commerce site, where there is one private key for the hosting server and the public key is widely distributed to the customers, is MOST likely to provide comfort to the: A. customer over the authenticity of the hosting organization. B. hosting organization over the authenticity of the customer. C. customer over the confidentiality of messages from the hosting organization. D. hosting organization over the confidentiality of messages passed to the customer.
An advantage in using a bottom-up versus a top-down approach to software testing is that: A. interface errors are detected earlier. B. confidence in the system is achieved earlier. C. errors in critical modules are detected earlier. D. major functions and processing are tested earlier.
The rate of change of technology increases the importance of: A. outsourcing the IS function. B. implementing and enforcing good processes. C. hiring personnel willing to make a career within the organization. D. meeting user requirements.
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
To make an electronic funds transfer (EFT), one employee enters the amount field and another employee reenters the same data again, before the money is transferred. The control adopted by the organization in this case is: A. sequence check. B. key verification. C. check digit. D. completeness check.
The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.
Which of the following access control functions is LEAST likely to be performed by a database management system (DBMS) software package? A. User access to field data B. User sign-on at the network level C. User authentication at the program level D. User authentication at the transaction level
The success of control self-assessment (CSA) depends highly on: A. Having line managers assume a portion of the responsibility for control monitoring. B. Assigning staff managers the responsibility for building, but not monitoring, controls. C. The implementation of stringent control policy and rule- driven controls. D. The implementation of supervision and the monitoring of control assigned duties
Cisco Certifications 
