Cisa Exam Cram 2

  1. Obtaining user approval of program changes is very effective for controlling application changes and maintenance.

  2. A clause for requiring source code escrow in an application vendor agreement is important to ensure that the source code remains available even if the application vendor goes out of business.

  3. Library control software restricts source code to read-only access.

  4. Decision trees use questionnaires to lead the user through a series of choices to reach a conclusion.

  5. Regression testing is used in program development and change management to determine whether new changes have introduced any errors in the remaining unchanged code.

  6. Source code escrow protects an application purchaser's ability to fix or change an application in case the application vendor goes out of business.

  7. Determining time and resource requirements for an application-development project is often the most difficult part of initial efforts in application development.

  8. The project sponsor is ultimately responsible for providing requirement specifications to the software-development team.

  9. A primary high-level goal for an auditor who is reviewing a system-development project is to ensure that business objectives are achieved. This objective guides all other systems-development objectives.

  10. Regression testing should use data from previous tests to obtain accurate conclusions regarding the effects of changes or corrections to a program, and ensure that those changes and corrections have not introduced new errors.

  11. Whenever an application is modified, the entire program, including any interface systems with other applications or systems, should be tested to determine the full impact of the change.

  12. An IS auditor should carefully review the functional requirements in a systems-development project to ensure that the project is designed to meet business objectives.

  13. The quality of the metadata produced from a data warehouse is the most important consideration in the warehouse's design.

  14. Procedures to prevent scope creep are baselined in the Design Phase of the SystemsDevelopment Life Cycle (SDLC) model.

  15. Function point analysis (FPA) provides an estimate of the size of an information system based on the number and complexity of a system's inputs, outputs, and files.

  16. Application controls should be considered as early as possible in the systems-development process, even in the development of the project's functional specifications.

  17. User management assumes ownership of a systems-development project and the resulting system.

  18. Rapid Application Development (RAD) is used to develop strategically important systems faster, reduce development costs, and still maintain high quality.

Категории