In the development of an important application affecting the
entire organization, which of the following would be the
MOST appropriate project sponsor?
A. The information systems manager
B. A member of executive management
C. An independent management consultant
D. The manager of the key user department
- 1 Answers
- 4148 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: B
The project sponsor puts his/her name on a project to
emphasize its importance to the organization, and to ensure
the commitment and cooperation of management. Where the
development is both important, and affects the entire
organization, the sponsor must be of sufficient corporate
standing to require such cooperation. Therefore, a member of
the executive team is most appropriate. The manager of a
department may not command automatic support from peers, and
the IS manager and an independent consultant are
inappropriate sponsors of such a development.
| Is This Answer Correct ? | 7 Yes | 0 No |
The purpose for requiring source code escrow in a contractual agreement is to: A. ensure the source code is available if the vendor ceases to exist. B. permit customization of the software to meet specified business requirements. C. review the source code for adequacy of controls. D. ensure the vendor has complied with legal requirements.
An organization is considering installing a LAN in a site under construction. If system availability is the main concern, which of the following topologies is MOST appropriate? A. Ring B. Line C. Star D. Bus
A large chain of shops with EFT at point-of-sale devices has a central communications processor for connecting to the banking network. Which of the following is the BEST disaster recovery plan for the communications processor? A. Offsite storage of daily backups B. Alternative standby processor onsite C. Installation of duplex communication links D. Alternative standby processor at another network node
Programs that can run independently and travel from machine to machine across network connections, with the ability to destroy data or utilize tremendous computer and communication resources, are referred to as: A. trojan horses. B. viruses. C. worms. D. logic bombs.
Which of the following is an IS control objective? A. Output reports are locked in a safe place. B. Duplicate transactions do not occur. C. System backup/recovery procedures are updated periodically. D. System design and development meet users' requirements.
The MOST effective method of preventing unauthorized use of data files is: A. automated file entry. B. tape librarian. C. access control software. D. locked library.
Which of the following BEST describes the necessary documentation for an enterprise product reengineering (EPR) software installation? A. Specific developments only B. Business requirements only C. All phases of the installation must be documented D. No need to develop a customer specific documentation
Confidential data stored on a laptop is BEST protected by: A. storage on optical disks. B. logon ID and password. C. data encryption. D. physical locks.
Which of the following is the FIRST thing an IS auditor should do after the discovery of a trojan horse program in a computer system? A. Investigate the author. B. Remove any underlying threats. C. Establish compensating controls. D. Have the offending code removed.
The use of object-oriented design and development techniques would MOST likely: A. facilitate the ability to reuse modules. B. improve system performance. C. enhance control effectiveness. D. speed up the system development life cycle.
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
The use of coding standards is encouraged by IS auditors because they: A. define access control tables. B. detail program documentation. C. standardize dataflow diagram methodology. D. ensure compliance with field naming conventions.
Cisco Certifications 
