100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
Eerder door jou gezocht
Eerder door jou gezocht
logo
CISA Questions (401 - 500) Questions & 100% Correct Answers €13,76   In winkelwagen
Snel navigeren naar
Voorbeeld
  2.  
  3. CISA
  4.  
  5. CISA

Tentamen (uitwerkingen)

CISA Questions (401 - 500) Questions & 100% Correct Answers
 6 keer bekeken  0 keer verkocht
  • Vak
  • CISA
  • Instelling
  • CISA

An IS auditor is reviewing the software development process for an organization. Which of the following functions would be appropriate for the end users to perform? Select an answer: A. Program output testing B. System configuration C. Program logic specification D. Performance tun...

[Meer zien]

Voorbeeld 4 van de 156  pagina's

Document informatie

  • 9 september 2024
  • 156
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden

Onderwerpen

  • cisa questions questions 100 corre
  • an is auditor is reviewing the software developmen

Geschreven voor

  • CISA
  • CISA

Verkoper

avatar-seller
ExamArsenal

Ontvangen beoordelingen

Voorbeeld van de inhoud

1 | P a g e | © copyright 2024/2025 | Grade A+




CISA Questions (401 - 500) Questions
& 100% Correct Answers
An IS auditor is reviewing the software development process for an organization.

Which of the following functions would be appropriate for the end users to

perform?




Select an answer:

A.

Program output testing




B.

System configuration




C.

Program logic specification




D.

Performance tuning


✓ :~~ You are correct, the answer is A.




Master01 | September, 2024/2025 | Latest update

, 2 | P a g e | © copyright 2024/2025 | Grade A+


A. A user can test program output by checking the program input and comparing it

with the system output. This task, although usually done by the programmer, can

also be done effectively by the user.




B. System configuration is usually too technical to be accomplished by a user and

this situation could create security issues. This could introduce a segregation of

duties issue.




C. Program logic specification is a very technical task that is normally performed

by a programmer. This could introduce a segregation of duties issue.




D. Performance tuning also requires high levels of technical skill and will not be

effectively accomplished by a user. This could introduce a segregation of duties

issue.




An IS auditor is reviewing system development for a health care organization with

two application environments—production and test. During an interview, the

auditor notes that production data are used in the test environment to test

program changes. What is the MOST significant potential risk from this situation?




Select an answer:

A.



Master01 | September, 2024/2025 | Latest update

, 3 | P a g e | © copyright 2024/2025 | Grade A+


The test environment may not have adequate controls to ensure data accuracy.




B.

The test environment may produce inaccurate results due to use of production

data.




C.

Hardware in the test environment may not be identical to the production

environment.




D.

The test environment may not have adequate access controls implemented to

ensure data confidentiality.

✓ :~~ You are correct, the answer is D.




A. The accuracy of data used in the test environment is not of significant concern

as long as these data are representative of the production environment.




B. Using production data in the test environment would not cause test results to be

inaccurate. If anything, using production data would improve the accuracy of

testing processes because the data would most closely mirror the production

environment. In spite of that fact, the risk of data disclosure or unauthorized


Master01 | September, 2024/2025 | Latest update

, 4 | P a g e | © copyright 2024/2025 | Grade A+


access in the test environment is still significant and, as a result, production data

should not be used in the test environment. This is especially important in a health

care organization where patient data confidentiality is critical and privacy laws in

many countries impose strict penalties on misuse of these data.




C. Hardware in the test environment should mirror the production environment to

ensure that testing is reliable. However, this does not relate to the risk from using

live data in a test environment. This is not the correct answer because it does not

relate to the risk presented in the scenario.




D. In many cases, the test environment is not configured with the same access

controls that are enabled in the production environment. For example,

programmers may have privileged access to the test environment (for testing), but

not to the production environment. If the test environment does not have

adequate access control, the production data are subject to risk of unauthorized

access and/or data disclosure. This is the most significant risk of the choices

listed.




The IS auditor is reviewing a recently completed conversion to a new enterprise

resource planning (ERP) system. As the final stage of the conversion process, the

organization ran the old and new systems in parallel for 30 days before allowing

the new system to run on its own. What is the MOST significant advantage to the

organization by using this strategy?



Master01 | September, 2024/2025 | Latest update

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper ExamArsenal. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €13,76. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 79223 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€13,76
  • (0)
  Kopen