2.5.a Quiz Roles of various function of IT (Doshi) Flashcards
Which of the following authority is ultimately responsible for the development of an IS security policy:
A. IS department.
B. security committee.
C. IS audit department.
D. board of directors.
D. board of directors.
Board of directors in any organization have ultimate responsibility for the development of IS security function. Security committee performs as per the direction of board. The IS department is responsible for the execution of the policy. IS audit department need to ensure proper implementation of IS security policy and in case of any deviation need to report to management
Senior Management’s involvement is very vital in the development of:
A. strategic plans.
B. IS security guidelines.
C. IS security procedures.
D. IS Functions.
A. strategic plans.
Strategic plans are the basis for achieving organization’s goal and objectives. Involvement of senior management is critical for ensuring that the plan is aligned with business objectives. Other options are all structured to support the overall strategic plan.
Which of the following is a function of an IS steering committee?
A. Managing outsourced vendors for IS services.
B. Proper segregation of duties for IS processes.
C. Approving and monitoring major projects, the status of IS plans and budgets.
D. Implementing IS security procedures
C. Approving and monitoring major projects, the status of IS plans and budgets
IS steering committee basically monitors the implementation of IT projects in the organizations.
The IS steering committee typically serves as a general review board for major IS projects and should not become involved in routine operations; therefore, one of its functions is to approve and monitor major projects, the status of IS plans and budgets. Other functions are not the function of IS steering committee.
Who is primarily responsible for IT governance:
A. IT strategy committee.
B. board of directors.
C. IT steering committee.
D. audit committee.
B. board of directors.
Board of directors in any organization have ultimate responsibility for the IT governance. IT strategy committee advises the board and IT steering committee monitors the board approved IT governance policy and facilitates deployment of IT resources for specific projects in support of business plans. The audit committee looks after audit issues and control part.
Which of the following team should assume overall responsibility for system development projects?
A. audit committee
B. project steering committee
C. user management
D. Systems development management
B. Project steering committee
Project steering committee is ultimately responsible for total project management for IT related projects. They provide direction and monitors costs and project schedules. Audit committee do not involve in monitoring the projects. User management and system development management are involved in projects to the extent of their role however responsibility lies with project steering committee. User management assumes ownership of the project and resulting system. They should review and approve deliverable as they are defined and accomplished
Which of the following should take ownership of project for system development?
A. User management
B. Project strategy committee.
C. Project steering committee
D. Systems development management
A. User management
User management assumes ownership of the project. Project should be defined by user management. Also, they should review and approve deliverable to ensure that project is as per their requirement. Role of Strategy Committee is to advise board on IT initiatives. The project steering committee provides overall direction and is also responsible for monitoring project costs and project schedules. Systems development management is responsible for providing technical support.
IS department is in process of floating the request for proposal (RFP) for the acquisition of an application system. Who would MOST likely to approve content of RFP:
A. project steering committee.
B. project sponsor.
C. project manager.
D. IS Strategy committee.
A. project steering committee.
The project steering committee provides overall direction and is also responsible for monitoring project costs and project schedules .A project steering committee usually consists of a senior representative from each function that will be affected by the new system and would be the most appropriate group to approve the RFP. The project sponsor provides funding for the project. IS strategy committee advices board of directors on IT initiatives.
Who among the following is responsible for internal control in the organization:
A. Accounting department.
B. management.
C. the external auditor.
D. IS auditor.
B. management.
Management is ultimately responsible for effectiveness of internal control mechanism. Designing, implementing and maintaining a system of internal controls, including the prevention and detection of fraud is the responsibility of management.
Requirement specifications is ultimately responsibility of:
A. Top Management
B. Project sponsor
C. System analyst
D. Steering committee
B. Project sponsor
The project sponsor is the manager in charge of the business function, the owner of the data and the owner of the system under development. Providing functional specifications through functional users is the responsibility of the project sponsor.
An organization has established a steering committee to oversee its application development program. Following is the function of the steering committee:
A. documentation of requirements.
B. escalation of project issues.
C. design of interface controls.
D. specification of reports.
B. escalation of project issues.
The function of the steering committee is to ensure the success of the project. If there are factors or issues that potentially could affect planned results, the steering committee should escalate them
Accountability for the maintenance of appropriate security measures over information assets resides with the:
A. security administrator.
B. database administrator.
C. resource owners.
D. IT group.
C. resource owners.
Resource owners are accountable for protection of their resources. Management should ensure that all information assets (data and systems) have an appointed owner who makes decisions about classification and access rights. System owners typically delegate day-to day custodianship to the systems delivery/operations group and security responsibilities to a security administrator. Owners, however, remain accountable for the maintenance of appropriate security measures.
Who of the following is ultimately responsible for providing requirement specifications to the software development project team?
A. Team leader
B. Project sponsor
C. System analyst
D. Steering committee
B. Project sponsor
The project sponsor is the manager in charge of the business function, the owner of the data and the owner of the system under development. Providing functional specifications through functional users is the responsibility of the project sponsor. The other choices are incorrect.
Who assumes ownership of a systems-development project and the resulting system?
A. User management
B. Project steering committee
C. IT management
D. Systems developers
A. User management
User management assumes ownership of a systems development project and the resulting system