CISA—Certified Information Systems Auditor - Part 218

Mary Smith

Sat, 18 Apr 2026


1. An IS auditor has been asked to participate in project initiation meetings for a critical project. The IS auditor's MAIN concern should be that the:

A) complexity and risks associated with the project have been analyzed.
B) resources needed throughout the project have been determined.
C) project deliverables have been identified.
D) contracts for the external parties involved in the project have been completed.



2. An IS auditor invited to a development project meeting notes that no project risks have been documented. When the IS auditor raises this issue, the project manager responds that it is too early to identify risks and that, if risks do start impacting the project, a risk manager will be hired. The appropriate response of the IS auditor would be to:

A) stress the importance of spending time at this point in the project to consider and document risks, and to develop contingency plans.
B) accept the project manager's position as the project manager is accountable for the outcome of the project.
C) offer to work with the risk manager when one is appointed.
D) inform the project manager that the IS auditor will conduct a review of the risks at the completion of the requirements definition phase of the project.



3. While evaluating software development practices in an organization, an IS auditor notes that the quality assurance (QA) function reports to project management. The MOST important concern for an IS auditor is the:

A) effectiveness of the QA function because it should interact between project management and user management.
B) efficiency of the QA function because it should interact with the project implementation team.
C) effectiveness of the project manager because the project manager should interact with the QA function.
D) efficiency of the project manager because the QA function will need to communicate with the project implementation team.



4. When reviewing a project where quality is a major concern, an IS auditor should use the project management triangle to explain that:

A) increases in quality can be achieved, even if resource allocation is decreased.
B) increases in quality are only achieved if resource allocation is increased.
C) decreases in delivery time can be achieved, even if resource allocation is decreased.
D) decreases in delivery time can only be achieved if quality is decreased.



5. An IS auditor is assigned to audit a software development project which is more than 80 percent complete, but has already overrun time by 10 percent and costs by 25 percent. Which of the following actions should the IS auditor take?

A) Report that the organization does not have effective project management.
B) Recommend the project manager be changed.
C) Review the IT governance structure.
D) Review the conduct of the project and the business case.



1. Right Answer: A
Explanation: Understanding the complexity and risk of a project, and actively managing both throughout its life, are critical to a successful outcome. The other choices, while important during the course of the project, cannot be fully determined at the time the project is initiated and are often contingent on the risk and complexity of the project.

2. Right Answer: A
Explanation: The majority of project risks can typically be identified before a project begins, allowing mitigation or avoidance plans to be put in place to deal with them. A project should have a clear link back to corporate strategy and to the tactical plans that support that strategy, and the process of setting corporate strategy, setting objectives and developing tactical plans should itself include the consideration of risks. Appointing a risk manager is good practice, but waiting until the project has already been impacted by risks is misguided. Risk management needs to be forward looking; allowing risks to evolve into issues that adversely impact the project represents a failure of risk management. With or without a risk manager, persons within and outside the project team need to be consulted and encouraged to comment when they believe new risks have emerged or risk priorities have changed. The IS auditor has an obligation to the project sponsor and the organization to advise on appropriate project management practices. Waiting for the possible appointment of a risk manager represents an unnecessary and dangerous delay in implementing risk management.

3. Right Answer: A
Explanation: To be effective, the quality assurance (QA) function should be independent of project management; reporting to the project manager compromises that independence, because the people whose work is being assessed then control the assessors. Interaction between QA and the project implementation team is a matter of efficiency rather than the auditor's primary concern. The project manager's effectiveness is not dependent on interaction with the QA function, and the QA function's communication with the project implementation team does not affect the efficiency of the project manager.

4. Right Answer: A
Explanation: The three primary dimensions of a project are the deliverables (including their quality), the allocated resources and the delivery time. In this model the area of the project management triangle formed by these three dimensions is treated as fixed. Depending on the degree of freedom available, a change in one dimension must be compensated by changing one or both of the remaining dimensions. Thus an increase in quality can still be achieved while resource allocation is decreased, provided a longer delivery time is accepted, because the area of the triangle always remains constant. Choice B is wrong because additional resources are not the only way to gain quality, and choices C and D describe trade-offs that the model does not force.

5. Right Answer: D
Explanation: Before making any recommendation, an IS auditor needs to understand the project and the factors that have contributed to its being over budget and behind schedule. An organization may have effective project management practices and sound IT governance and still run a project late or over budget, so choices A and C are premature conclusions. There is no indication that the project manager should be changed without first looking into the reasons for the overrun, and the business case should be re-examined to confirm that completing the project is still justified at the revised cost.
