Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> CISA Certification
  2. Suggest New Category

During which phase of a system development process should an
IS auditor first raise the issue of application controls?

A. Construction

B. System design

C. Acceptance testing

D. Functional specification

Question Posted / guest


During which phase of a system development process should an IS auditor first raise the issue of ap..

Answer / guest

Answer: D

It is important that IS auditors raise control concerns as
early as possible. Frequently, the requirement for controls
is not clearly specific when developing the functional
specifications. The IS auditor should ensure that the
business areas specify their requirement for control at that
stage. The construction phase of the project is often too
late for the identification of the controls, since this may
require that changes be made in the design. Controls should
be designed in at the system design stage, but the types of
controls should have been identified as part of the
functional specification. The acceptance testing stage is
too late to identify controls, since this can require major
changes to the system.

Is This Answer Correct ?    5 Yes 0 No

Post New Answer

More CISA Certification Interview Questions

Connection-oriented protocols in the TCP/IP suite are implemented in the: A. transport layer. B. application layer. C. physical layer. D. network layer.

1 Answers  

Transmitting redundant information with each character or frame to facilitate detection and correction of errors is called: A. feedback error control. B. block sum check. C. forward error control. D. cyclic redundancy check.

1 Answers  

The editing/validation of data entered at a remote site would be performed MOST effectively at the: A. central processing site after running the application system. B. central processing site during the running of the application system. C. remote processing site after transmission to the central processing site. D. remote processing site prior to transmission of the data to the central processing site.

1 Answers  

In a TCP/IP-based network, an IP address specifies a: A. network connection. B. router/gateway. C. computer in the network. D. device on the network.

1 Answers  

When two or more systems are integrated, input/output controls must be reviewed by the IS auditor in the: A. systems receiving the output of other systems. B. systems sending output to other systems. C. systems sending and receiving data. D. interfaces between the two systems.

1 Answers  

Which of the following controls would BEST detect intrusion? A. User ids and user privileges are granted through authorized procedures. B. Automatic logoff is used when a workstation is inactive for a particular period of time. C. Automatic logoff of the system after a specified number of unsuccessful attempts. D. Unsuccessful logon attempts are monitored by the security administrator.

2 Answers  

Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks? A. Check digit B. Existence check C. Completeness check D. Reasonableness check

1 Answers   CISA,

The responsibilities of a disaster recovery relocation team include: A. obtaining, packaging and shipping media and records to the recovery facilities, as well as establishing and overseeing an offsite storage schedule. B. locating a recovery site if one has not been predetermined and coordinating the transport of company employees to the recovery site. C. managing the relocation project and conducting a more detailed assessment of the damage to the facilities and equipment. D. coordinating the process of moving from the hot site to a new location or to the restored original location.

1 Answers  

Which of the following is a function of an IS steering committee? A. Monitoring vendor controlled change control and testing B. Ensuring a separation of duties within the information's processing environment C. Approving and monitoring major projects, the status of IS plans and budgets D. Responsible for liaison between the IS department and the end users

1 Answers  

The use of statistical sampling procedures helps minimize: A. sampling risk. B. detection risk. C. inherent risk. D. control risk.

1 Answers  

A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.

1 Answers  

The development of an IS security policy is ultimately the responsibility of the: A. IS department. B. security committee. C. security administrator. D. board of directors.

1 Answers  

For more CISA Certification Interview Questions Click Here
Categories
  • Cisco Certifications Interview Questions Cisco Certifications (2321)
  • Microsoft Certifications Interview Questions Microsoft Certifications (171)
  • Sun Certifications Interview Questions Sun Certifications (45)
  • CISA Certification Interview Questions CISA Certification (744)
  • Oracle Certifications Interview Questions Oracle Certifications (64)
  • ISTQB Certification Interview Questions ISTQB Certification (109)
  • Certifications AllOther Interview Questions Certifications AllOther (295)