Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following BEST describes an IT department?s
strategic planning process?
A. The IT department will have either short-range or
long-range plans depending on the organization?s broader
plans and objectives.
B. The IT department?s strategic plan must be time and
project oriented, but not so detailed as to address and help
determine priorities to meet business needs.
C. Long-range planning for the IT department should
recognize organizational goals, technological advances and
regulatory requirements.
D. Short-range planning for the IT department does not need
to be integrated into the short-range plans of the
organization since technological advances will drive the IT
department plans much quicker than organizational plans.
- 1 Answers
- 9774 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Long-range planning for the IT department should recognize
organizational goals, technological advances and regulatory
requirements. Typically, the IT department will have both
long-range and short-range plans that are consistent and
integrated with the organization?s plans. These plans must
be time- and project-oriented, as well as addressing the
organization?s broader plans for attaining the
organization?s goals.
| Is This Answer Correct ? | 6 Yes | 0 No |
Once an organization has finished the business process reengineering (BPR) of all its critical operations, the IS auditor would MOST likely focus on a review of: A. pre-BPR process flowcharts. B. post-BPR process flowcharts. C. BPR project plans. D. continuous improvement and monitoring plans.
There are several methods of providing telecommunications continuity. The method of routing traffic through split cable or duplicate cable facilities is: A. alternative routing. B. diverse routing. C. long-haul network diversity. D. last mile circuit protection.
Which of the following would normally be found in application run manuals? A. Details of source documents B. Error codes and their recovery actions C. Program flowcharts and file definitions D. Change records for the application source code
Which of the following is the primary purpose for conducting parallel testing? A. To determine if the system is cost-effective. B. To enable comprehensive unit and system testing. C. To highlight errors in the program interfaces with files. D. To ensure the new system meets user requirements.
The MOST appropriate person to chair the steering committee for a system development project with significant impact on a business area would be the: A. business analyst. B. chief information officer. C. project manager. D. executive level manager.
The review of router access control lists should be conducted during a/an: A. environmental review. B. network security review. C. business continuity review. D. data integrity review.
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
Creation of an electronic signature: A. encrypts the message. B. verifies where the message came from. C. cannot be compromised when using a private key. D. cannot be used with e-mail systems.
IS management has recently informed the IS auditor of its decision to disable certain referential integrity controls in the payroll system to provide users with a faster report generator. This will MOST likely increase the risk of: A. data entry by unauthorized users. B. a nonexistent employee being paid. C. an employee receiving an unauthorized raise. D. duplicate data entry by authorized users.
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
When conducting a review of business process re-engineering, an IS auditor found that a key preventive control had been removed. In this case, the IS auditor should: A. inform management of the finding and determine if management is willing to accept the potential material risk of not having that preventing control. B. determine if a detective control has replaced the preventive control during the process and if so, not report the removal of the preventive control. C. recommend that this and all control procedures that existed before the process was reengineered be included in the new process. D. develop a continuous audit approach to monitor the effects of the removal of the preventive control.
With the help of the security officer, granting access to data is the responsibility of: A. data owners. B. programmers. C. system analysts. D. librarians.
Cisco Certifications 
