A company has contracted with an external consulting firm to
implement a commercial financial system to replace its
existing in-house developed system. In reviewing the
proposed development approach, which of the following would
be of GREATEST concern?
A. Acceptance testing is to be managed by users.
B. A quality plan is not part of the contracted deliverables.
C. Not all business functions will be available on initial
implementation.
D. Prototyping is being used to confirm that the system
meets business requirements.
Answers were Sorted based on User's Feedback
Answer / guest
Answer: B
A quality plan is an essential element of all projects. It
is critical that the contracted supplier be required to
produce such a plan. The quality plan for the proposed
development contract should be comprehensive and encompass
all phases of the development and include which business
functions will be included and when. Acceptance is normally
managed by the user area, since they must be satisfied that
the new system will meet their requirements. If the system
is large, a phased-in approach to implementing the
application is a reasonable approach. Prototyping is a valid
method of ensuring that the system will meet business
requirements.
Is This Answer Correct ? | 10 Yes | 0 No |
Answer / guest
B. A quality plan is not part of the contracted deliverables
Is This Answer Correct ? | 2 Yes | 0 No |
During which of the following steps in the business process reengineering should the benchmarking team visit the benchmarking partner? A. Observation B. Planning C. Analysis D. Adaptation
Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features
Structured programming is BEST described as a technique that: A. provides knowledge of program functions to other programmers via peer reviews. B. reduces the maintenance time of programs by the use of small-scale program modules. C. makes the readable coding reflect as closely as possible the dynamic execution of the program. D. controls the coding and testing of the high-level functions of the program in the development process.
Which of the following would not prevent the loss of an asset but would assist in recovery by transferring part of the risk to a third party? A. Full system backups B. Insurance C. Testing D. Business impact analysis
A proposed transaction processing application will have many data capture sources and outputs in both paper and electronic form. To ensure that transactions are not lost during processing, the IS auditor should recommend the inclusion of: A. validation controls. B. internal credibility checks. C. clerical control procedures. D. automated systems balancing.
Which of the following is necessary to have FIRST in the development of a business continuity plan? A. Risk-based classification of systems B. Inventory of all assets C. Complete documentation of all disasters D. Availability of hardware and software
Which of the following is intended to detect the loss or duplication of input? A. Hash totals B. Check digits C. Echo checks D. Transaction codes
IS auditors who have participated in the development of an application system might have their independence impaired if they: A. perform an application development review. B. recommend control and other system enhancements. C. perform an independent evaluation of the application after its implementation. D. are involved actively in the design and implementation of the application system.
52. Which of the following tests confirm that the new system can operate in its target environment?
Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected
The method of routing traffic through split cable facilities or duplicate cable facilities is called: A. alternative routing. B. diverse routing. C. redundancy. D. circular routing.
IS auditors reviewing access control should review data classification to ensure that encryption parameters are classified as: A. sensitive. B. confidential. C. critical. D. private.