Download New Updated (July) Isaca CISA Actual Test 541-550

Ensurepass

 

QUESTION 541

Which of the following is the most important element in the design of a data warehouse?

 

A.

Quality of the metadata

B.

Speed of the transactions

C.

Volatility of the data

D.

Vulnerability of the system

 

Correct Answer: A

Explanation:

Quality of the metadata is the most important element in the design of a data warehouse. A data warehouse is a copy of transaction data specifically structured for query and analysis. Metadata aim to provide a table of contents to the information stored in the data warehouse. Companies that have built warehouses believe that metadata are the most important component of the warehouse.

 

 

QUESTION 542

During the development of an application, the quality assurance testing and user acceptance testing were combined. The MAJOR concern for an IS auditor reviewing the project is that there will be:

 

A.

increased maintenance.

B.

improper documentation of testing.

C.

inadequate functional testing.

D.

delays in problem resolution.

 

Correct Answer: C

Explanation:

The major risk of combining quality assurance testing and user acceptance testing is that functional testing may be inadequate. Choices A, B and D are not as important.

 

 

QUESTION 543

At the completion of a system development project, a postproject review should include which of the following?

 

A.

Assessing risks that may lead to downtime after the production release

B.

Identifying lessons learned that may be applicable to future projects

C.

Verifying the controls in the delivered system are working

D.

Ensuring that test data are deleted

 

Correct Answer: B

Explanation:

A project team has something to learn from each and every project. As risk assessment is a key issue for project management, it is important for the organization to accumulate lessons learned and integrate them into future projects. An assessment ofpotential downtime should be made with the operations group and other specialists before implementing a system. Verifying that controls are working should be covered during the acceptance test phase and possibly, again, in the postimplementation review. Test data should be retained for future regression testing.

 

 

QUESTION 544

The phases and deliverables of a system development life cycle (SDLC) project should be determined:

 

A.

during the initial planning stages of the project.

B.

after early planning has been completed, but before work has begun.

C.

throughout the work stages, based on risks and exposures.

D.

only after all risks and exposures have been identified and the IS auditor has recommended appropriate controls.

 

Correct Answer: A

Explanation:

It is extremely important that the project be planned properly and that the specific phases and deliverables be identified during the early stages of the project.

 

 

QUESTION 545

Change control for business application systems being developed using prototyping could be complicated by the:

 

A.

iterative nature of prototyping.

B.

rapid pace of modifications in requirements and design.

C.

emphasis on reports and screens.

D.

lack of integrated tools.

 

Correct Answer: B

Explanation:

Changes in requirements and design happen so quickly that they are seldom documented or approved. Choices A, C and D are characteristics of prototyping, but they do not have an adverse effect on change control.

 

QUESTION 546

Documentation of a business case used in an IT development project should be retained until:

 

A.

the end of the system’s life cycle.

B.

the project is approved.

C.

user acceptance of the system.

D.

the system is in production.

 

Correct Answer: A

Explanation:

A business case can and should be used throughout the life cycle of the product. It serves as an anchor for new (management) personnel, helps to maintain focus and provides valuable information on estimates vs. actuals. Questions like, ‘why dowe do that,”what was the original intent’ and ‘how did we perform against the plan’ can be answered, and lessons for developing future business cases can be learned. During the development phase of a project one shouldalways validate the business case, as it is a good management instrument. After finishing a project and entering production, the business case and all the completed research are valuable sources of information that should be kept for further reference

 

 

QUESTION 547

A company has contracted with an external consulting firm to implement a commercial financial system to replace its existing system developed in-house. in reviewing the proposed development approach, which of the following would be of GREATESTconcern?

 

A.

Acceptance testing is to be managed by users.

B.

A quality plan is not part of the contracted deliverables.

C.

Not all business functions will be available on initial implementation.

D.

Prototyping is being used to confirm that the system meets business requirements.

 

Correct Answer: B

Explanation:

A quality plan is an essential element of all projects. It is critical that the contracted supplier be required to produce such a plan. The quality plan for the proposed development contract should be comprehensive and encompass all phases of the development and include which business functions will be included and when. Acceptance is normally managed by the user area, since they must be satisfied that the new system will meet their requirements. If the system is large, a phased-in approach to implementing the application is a reasonable approach. Prototyping is a valid method of ensuring that the system will meet business requirements.

 

 

QUESTION 548

A manufacturing firm wants to automate its invoice payment system. Objectives state that the system should require considerably less time for review and authorization and the system should be capable of identifying errors that require follow up. Which of the following would BEST meet these objectives?

 

A.

Establishing an inter-networked system of client servers with suppliers for increased efficiencies

B.

Outsourcing the function to a firm specializing in automated payments and accounts receivable/invoice processing

C.

Establishing an EDI system of electronic business documents and transactions with key suppliers, computer to computer, in a standard format

D.

Reengineering the existing processing and redesigning the existing system

 

Correct Answer: C

Explanation:

EDI is the best answer. Properly implemented (e.g., agreements with trading partners transaction standards, controls over network security mechanisms in conjunction with application controls), EDI is best suited to identify and follow up on errors more quickly, given reduced opportunities for review and authorization.

 

 

QUESTION 549

Which of the following risks could result from inadequate software baselining?

 

A.

Scope creep

B.

Sign-off delays

C.

Software integrity violations

D.

inadequate controls

 

Correct Answer: A

Explanation:

A software baseline is the cut-off point in the design and development of a system beyond which additional requirements or modifications to the design do not or cannot occur without undergoing formal strict procedures for approval based on a businesscost-benefit analysis. Failure to adequately manage the requirements of a system through baselining can result in a number of risks. Foremost among these risks is scope creep, the process through which requirements change during development. ChoicesB, C and D may not always result, but choice A is inevitable.

 

 

QUESTION 550

An IS auditor who has discovered unauthorized transactions during a review of EDI transactions is likely to recommend improving the:

 

A.

EDI trading partner agreements.

B.

physical controls for terminals.

C.

authentication techniques for sending and receiving messages.

D.

program change control procedures.

 

Correct Answer: C

Explanation:

Authentication techniques for sending and receiving messages play a key role in minimizing exposure to unauthorized transactions. The EDI trading partner agreements would minimize exposure to legal issues.

 

Free VCE & PDF File for Isaca CISA Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in CISA Real Tests (July) and tagged , , , , , , . Bookmark the permalink.