5.a. Quiz Roles of various function of IT

Question 1

(1)Which of the following authority is ultimately responsible for the development of an IS security
policy:

A. IS department.
B. security committee.
C. IS audit department.
D. board of directors.

Answer 1

Answer: D. board of directors.

Explanation:
Board of directors in any organization have ultimate responsibility for the development of IS security function. Security committee performs as per the direction of board. The IS department is responsible for the execution of the policy. IS audit department need to ensure proper implementation of IS security policy and in case of any deviation need to report to management

Question 2

(2)Senior Management’s involvement is very vital in the development of:

A. strategic plans.
B. IS security guidelines.
C. IS security procedures.
D. IS Functions.

Answer 2

Answer: A. strategic plans.

Explanation:
Strategic plans are the basis for achieving organization’s goal and objectives. Involvement of senior management is critical for ensuring that the plan is aligned with business objectives. Other options are all structured to support the overall strategic plan.

Question 3

(3)Which of the following is a function of an IS steering committee?

A. Managing outsourced vendors for IS services.
B. Proper segregation of duties for IS processes.
C. Approving and monitoring major projects, the status of IS plans and budgets.
D. Implementing IS security procedures

Answer 3

Answer: C. Approving and monitoring major projects, the status of IS plans and budgets

Explanation:
IS steering committee basically monitors the implementation of IT projects in the organizations.
The IS steering committee typically serves as a general review board for major IS projects and
should not become involved in routine operations; therefore, one of its functions is to approve and
monitor major projects, the status of IS plans and budgets. Other functions are not the function of
IS steering committee.

Question 4

(4) Who is primarily responsible for IT governance:

A. IT strategy committee.
B. board of directors.
C. IT steering committee.
D. audit committee.

Answer 4

Answer: B. board of directors.

Explanation:
Board of directors in any organization have ultimate responsibility for the IT governance. IT strategy
committee advises the board and IT steering committee monitors the board approved IT
governance policy and facilitates deployment of IT resources for specific projects in support of
business plans. The audit committee looks after audit issues and control part.

Question 5

(5) Which of the following team should assume overall responsibility for system development projects?

A. audit committee
B. project steering committee
C. user management
D. Systems development management

Answer 5

Answer: B. Project steering committee

Explanation:
Project steering committee is ultimately responsible for total project management for IT related projects. They provide direction and monitors costs and project schedules. Audit committee do not involve in monitoring the projects. User management and system development management are involved in projects to the extent of their role however responsibility lies with project steering committee. User management assumes ownership of the project and resulting system. They should review and approve deliverable as they are defined and accomplished

Question 6

(6) Which of the following should take ownership of project for system development?

A. User management
B. Project strategy committee.
C. Project steering committee
D. Systems development management

Answer 6

Answer: A. User management

Explanation:
User management assumes ownership of the project. Project should be defined by user management. Also, they should review and approve deliverable to ensure that project is as per their requirement. Role of Strategy Committee is to advise board on IT initiatives. The project steering committee provides overall direction and is also responsible for monitoring project costs and project schedules. Systems development management is responsible for providing technical support.

Question 7

(7)IS department is in process of floating the request for proposal (RFP) for the acquisition of an application system. Who would MOST likely to approve content of RFP:

A. project steering committee.
B. project sponsor.
C. project manager.
D. IS Strategy committee.

Answer 7

Answer: A. project steering committee.

Explanation:
The project steering committee provides overall direction and is also responsible for monitoring
project costs and project schedules .A project steering committee usually consists of a senior representative from each function that will be affected by the new system and would be the most appropriate group to approve the RFP. The project sponsor provides funding for the project. IS strategy committee advices board of directors on IT initiatives.

Question 8

(8) Who among the following is responsible for internal control in the organization:

A. Accounting department.
B. management.
C. the external auditor.
D. IS auditor.

Answer 8

Answer: B. management.

Explanation:
Management is ultimately responsible for effectiveness of internal control mechanism. Designing,
implementing and maintaining a system of internal controls, including the prevention and
detection of fraud is the responsibility of management.

Question 9

(9)Requirement specifications is ultimately responsibility of :

A. Top Management
B. Project sponsor
C. System analyst
D. Steering committee

Answer 9

Answer: B. Project sponsor

Explanation:
The project sponsor is the manager in charge of the business function, the owner of the data and
the owner of the system under development. Providing functional specifications through functional
users is the responsibility of the project sponsor.

Question 10

(10) An organization has established a steering committee to oversee its application development
program. Following is the function of the steering committee:

A. documentation of requirements.
B. escalation of project issues.
C. design of interface controls.
D. specification of reports.

Answer 10

Answer: B. escalation of project issues.

Explanation:
The function of the steering committee is to ensure the success of the project. If there are factors or
issues that potentially could affect planned results, the steering committee should escalate them

Question 11

(11) Accountability for the maintenance of appropriate security measures over information assets
resides with the:

A. security administrator.
B. database administrator.
C. resource owners.
D. IT group.

Answer 11

Answer: C. resource owners.

Explanation:
Resource owners are accountable for protection of their resources. Management should ensure that
all information assets (data and systems) have an appointed owner who makes decisions about classification and access rights. System owners typically delegate day-to-day custodianship to the
systems delivery/operations group and security responsibilities to a security administrator. Owners,
however, remain accountable for the maintenance of appropriate security measures.

Question 12

(12) Who of the following is ultimately responsible for providing requirement specifications to the software development project team?

A. Team leader
B. Project sponsor
C. System analyst
D. Steering committee

Answer 12

Answer: B. Project sponsor

Explanation:
The project sponsor is the manager in charge of the business function, the owner of the data and
the owner of the system under development. Providing functional specifications through functional
users is the responsibility of the project sponsor. The other choices are incorrect.

Question 13

(13)Who assumes ownership of a systems-development project and the resulting system?

A. User management
B. Project steering committee
C. IT management
D. Systems developers

Answer 13

Answer: A

Explanation:
User management assumes ownership of a systems-development project and the resulting system