Ensurepass

 

QUESTION 451

The use of object-oriented design and development techniques would MOST likely:

 

A.

facilitate the ability to reuse modules.

B.

improve system performance.

C.

enhance control effectiveness.

D.

speed up the system development life cycle.

 

Correct Answer: A

Explanation:

One of the major benefits of object-oriented design and development is the ability to reuse modules. The other options do not normally benefit from the object-oriented technique.

 

 

QUESTION 452

Which of the following techniques would BEST help an IS auditor gain reasonable assurance that a project can meet its target date?

 

A.

Estimation of the actual end date based on the completion percentages and estimated time to complete, taken from status reports

B.

Confirmation of the target date based on interviews with experienced managers and staff involved in the completion of the project deliverables

C.

Extrapolation of the overall end date based on completed work packages and current resources

D.

Calculation of the expected end date based on current resources and remaining available project budget

 

Correct Answer: C

Explanation:

Direct observation of results is better than estimations and qualitative information gained from interviews or status reports. Project managers and involved staff tend to underestimate the time needed for completion and the necessary time buffers fordependencies between tasks, while overestimating the completion percentage for tasks underway (80:20 rule). The calculation based on remaining budget does not take into account the speed at which the project has been progressing.

 

 

QUESTION 453

An IS auditor has been asked to participate in project initiation meetings for a critical project. The IS auditor’s MAIN concern should be that the:

 

A.

complexity and risks associated with the project have been analyzed.

B.

resources needed throughout the project have been determined.

C.

project deliverables have been identified.

D.

a contract for external parties involved in the project has been completed.

 

Correct Answer: A

Explanation:

Understanding complexity and risk, and actively managing these throughout a project are critical to a successful outcome. The other choices, while important during the course of the project, cannot be fully determined at the time the project is initiated, and are often contingent upon the risk and complexity of the project.

 

 

QUESTION 454

Responsibility and reporting lines cannot always be established when auditing automated systems since:

 

A.

diversified control makes ownership irrelevant.

B.

staff traditionally changes jobs with greater frequency.

C.

ownership is difficult to establish where resources are shared.

D.

duties change frequently in the rapid development of technology.

 

Correct Answer: C

Explanation:

Because of the diversified nature of both data and application systems, the actual owner of data and applications may be hard to establish.

 

 

QUESTION 455

An organization is implementing a new system to replace a legacy system. Which of the following conversion practices creates the GREATEST risk?

 

A.

Pilot

B.

Parallel

C.

Direct cutover

D.

Phased

 

Correct Answer: C

Explanation:

Direct cutover implies switching to the new system immediately, usually without the ability to revert to the old system in the event of problems. All other alternatives are done gradually and thus provide greater recoverability and are therefore less risky.

 

 

QUESTION 456

When identifying an earlier project completion time, which is to be obtained by paying a premium for early completion, the activities that should be selected are those:

 

A.

whose sum of activity time is the shortest.

B.

that have zero slack time.

C.

that give the longest possible completion time.

D.

whose sum of slack time is the shortest.

 

Correct Answer: B

Explanation:

A critical path’s activity time is longer than that for any other path through the network. This path is important because if everything goes as scheduled, its length gives the shortest possible completion time for the overall project. Activities onthe critical path become candidates for crashing, i.e., for reduction in their time by payment of a premium for early completion. Activities on the critical path have zero slack time and conversely, activities with zero slack time are on a critical path. By successively relaxing activities on a critical path, a curve showing total project costs vs. time can be obtained.

 

 

QUESTION 457

To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is:

 

A.

during data preparation.

B.

in transit to the computer.

C.

between related computer runs.

D.

during the return of the data to the user department.

 

Correct Answer: A

Explanation:

During data preparation is the best answer, because it establishes control at the earliest point.

 

 

QUESTION 458

An IS auditor finds that a system under development has 12 linked modules and each item of data can carry up to 10 definable attribute fields. The system handles several million transactions a year. Which of these techniques could an IS auditor use to estimate the size of the development effort?

 

A.

Program evaluation review technique (PERT)

B.

Counting source lines of code (SLOC)

C.

Function point analysis

D.

White box testing

 

Correct Answer: C

Explanation:

Function point analysis is an indirect method of measuring the size of an application by considering the number and complexity of its inputs, outputs and files. It is useful for evaluating complex applications. PERT is a project management techniquethat helps with both planning and control. SLOC gives a direct measure of program size, but does not allow for the complexity that may be caused by having multiple, linked modules and a variety of inputs and outputs. White box testing involves a detailed review of the behavior of program code, and is a quality assurance technique suited to simpler applications during the design and build stage of development.

 

 

QUESTION 459

Once an organization has finished the business process reengineering (BPR) of all its critical operations, an IS auditor would MOST likely focus on a review of:

 

A.

pre-BPR process flowcharts.

B.

post-BPR process flowcharts.

C.

BPR project plans.

D.

continuous improvement and monitoring plans.

 

Correct Answer: B

Explanation:

An IS auditor’s task is to identify and ensure that key controls have been incorporated into the reengineered process. Choice A is incorrect because an IS auditor must review the process as it is today, not as it was in the past. Choices C and D areincorrect because they are steps within a BPR project.

QUESTION 460

An IS auditor is reviewing a project that is using an Agile software development approach. Which of the following should the IS auditor expect to find?

 

A.

Use of a process-based maturity model such as the capability maturity model (CMM)

B.

Regular monitoring of task-level progress against schedule

C.

Extensive use of software development tools t
o maximize team productivity

D.

Postiteration reviews that identify lessons learned for future use in the project

 

Correct Answer: D

Explanation:

A key tenet of the Agile approach to software project management is team learning and the use of team learning to refine project management and software development processes as the project progresses. One of the best ways to achieve this is that, atthe end of each iteration, the team considers and documents what worked well and what could have worked better, and identifies improvements to be implemented in subsequent iterations. CMM and Agile really sit at opposite poles. CMM places heavy emphasis on predefined formal processes and formal project management and software development deliverables. Agile projects, by contrast, rely on refinement of process as dictated by the particular needs of the project and team dynamics. Additionally, less importance is placed on formal paper- based deliverables, with the preference being effective informal communication within the team and with key outside contributors. Agile projects produce releasable software in short iterations, typically ranging from 4 to 8 weeks. This, in itself, instills considerable performance discipline within the team. This, combined with short daily meetings to agree on what the team is doing and the identification of any impediments, renders task-level tracking against a schedule redundant. Agile projects do make use of suitable development tools; however, tools are not seen as the primary means of achieving productivity. Team harmony, effective communications and collective ability to solve challenges are of

 

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.