Chapter 5 Part 2

Question 1

Purpose is to produce a detailed description of the proposed
system that both satisfies the system requirements identified
during systems analysis and is in accordance with the
conceptual design.

Answer 1

PHASE 5: Detailed Design

Question 2

• independent one made up of programmers,
analysts, users, and internal auditors.
• Job is to simulate the operation of the system to
uncover errors, omissions, and ambiguities in the
design.

Answer 2

Quality assurance group

Question 3

Select a programming language from among the various
languages available and suitable to the application

Answer 3

PHASE 6: Application Programming and Testing

Question 4

• requires the programmer to specify the precise
order in which the program logic is executed.
• often called third-generation languages (3GLs)
– FORTRAN, C, and PL1.

Answer 4

A. Procedural Language (e.g. COBOL)

Question 5

• no longer procedural.
• the program’s code is not executed in a
predefined sequence.
• external actions or “events” that are initiated by
the user dictate the control flow of the program.

Answer 5

B. Event-driven languages (e.g. Visual Basic)

Question 6

Central to achieving the benefits of the object-
oriented approach.

Answer 6

C. Object-Oriented Languages. (e.g. Java or C++)

Question 7

Three (3) Benefits of Program system

Answer 7

1. Programming efficiency
2. Maintenance efficiency
3. Control.

Question 8

Database structures are created and populated with data,
equipment is purchased and installed, employees are
trained, the system is documented, and the new system is
installed.

Answer 8

PHASE 7: System Implementation

Question 9

• When all modules have been coded and tested,
they must be brought together and tested as a
whole

Answer 9

Testing the Entire System

Question 10

• provides the auditor with essential information about
how the system works.

Answer 10

Documenting the System

Question 11

Requirements in documenting the system

Answer 11

1. Designer and Programmer Documentation
2. Operator Documentation
3. User Documentation
4. User Handbook
5. Tutorials
6. Help Features

Question 12

to debug errors and perform maintenance on
the system.

Answer 12

Designer and Programmer Documentation

Question 13

Computer operators use documentation called
a run manual, which describes how to run the
system.

Answer 13

Operator Documentation

Question 14

describing how to use the system.

Answer 14

User Documentation

Question 15

user documentation often takes the form of a
user handbook, as well as online
documentation.

Answer 15

User Handbook

Question 16

Online tutorials can be used to train the novice
or the occasional user.

Answer 16

Tutorials

Question 17

Online help features range from simple to
sophisticated.
- Simple help feature (an error message
displayed on the screen)
- Sophisticated help feature (context-related)

Answer 17

Help Features

Question 18

User’s Skill Level:

Answer 18

1. Novices
2. Occasional users
3. Frequent light users
4. Frequent power users

Question 19

The process of converting from the old system to the new
one is called the

Answer 19

Cutover

Question 20

Three (3) Approaches of cutover

Answer 20

1. Cold Turkey Cutover (“Big Bang” approach)
2. Phased Cutover
3. Parallel Operation Cutover

Question 21

firm switches to the new system and
simultaneously terminate the old system.
- often the easiest and least costly approach.

Answer 21

Cold Turkey Cutover (“Big Bang” approach)

Question 22

By phasing in the new system in modules, we
reduce the risk of a devastating system failure.
- However, the phased approach can create
incompatibilities between new subsyst

Answer 22

Phased Cutover

Question 23

involves running the old system and the new system simultaneously for a period of time.

Answer 23

Parallel Operation Cutover

Question 24

The physical features of the system should be reviewed
to see if they meet user needs.

Answer 24

Systems Design Adequacy.

Question 25

• A formal process by which application programs
undergo changes to accommodate changes in
user needs.
• Maintenance represents a significant resource
outlay compared to initial development costs.

Answer 25

PHASE 8 : Systems Maintenance

Question 26

All systems must be properly authorized to ensure their economic justification and feasibility.

Answer 26

Systems Authorization Activities

Question 27

Users must be actively involved in the systems development process.

Answer 27

User Specification Activities

Question 28

translate the user specifications into a set of detailed technical specifications of a system that meets the user’s needs.

Answer 28

Technical Design Activities

Question 29

The internal auditor plays an important role in the control of systems development activities, particularly in organizations whose users lack technical expertise.

Answer 29

Internal Audit Participation

Question 30

Just before implementation, the individual
modules of the system must be tested as a
unified whole.

Answer 30

User Test and Acceptance Procedures

Question 31

Access to systems for maintenance purposes
increases the possibility of systems errors.
- Logic may be corrupted either by the
accidental introduction of errors or intentional
acts to defraud.

Answer 31

Maintenance Authorization, Testing, and
Documentation

Question 32

In spite of the preceding maintenance
procedures, application integrity can be
jeopardized by individuals who gain
unauthorized access to programs.

Answer 32

Source Program Library (SPL) Controls

Question 33

THE WORST-CASE SITUATION: NO CONTROLS
Two (2) Serious Forms of Exposure:

Answer 33

1. Access to programs is completely unrestricted
2. Because of these control weaknesses, programs are
   subject to unauthorized changes.

Question 34

Assigning passwords provides one form of
access control over the SPL.

Answer 34

Password Control.

Question 35

programs are copied into the programmer’s
library for maintenance and testing.

Answer 35

Separate Test Libraries

Question 36

An important feature of SPL management
software is the creation of reports that enhance
management control and the audit function.

Answer 36

Audit Trail and Management Reports

Question 37

The SPLMS assigns a version number
automatically to each program stored on the
SPL.

Answer 37

Program Version Numbers

Question 38

SPL management systems use powerful
maintenance commands to alter or eliminate
program passwords, alter the program version
(modification) number, and temporarily modify
a program without generating a record of the
modification.

Answer 38

Controlling Access to Maintenance Commands

Question 39

Audit Procedures Related to System Maintenance

Answer 39

1. Identify Unauthorized Changes
2. Identify Application Errors
3. Test Access to Libraries