Domain 3 Task Statements

Question 1

Domain 3—Information Systems Acquisition, Development and Implementation (18%)

Answer 1

Provide assurance that the practices for the acquisition, development, testing and implementation of information systems meet the organization’s strategies and objectives.

Question 2

T3.1

Answer 2

Evaluate the business case for the proposed investments in information systems acquisition, development, maintenance and subsequent retirement to determine whether it meets business objectives.

Question 3

T3.2

Answer 3

Evaluate IT supplier selection and contract management processes to ensure that the organization’s service levels and requisite controls are met.

Question 4

T3.3

Answer 4

Evaluate the project management framework and controls to determine whether business requirements are achieved in a cost‐effective manner while managing risks to the organization.

Question 5

T3.4

Answer 5

Conduct reviews to determine whether a project is progressing in accordance with project plans, is adequately supported by documentation, and has timely and accurate status reporting.

Question 6

T3.5

Answer 6

Evaluate controls for information systems during the requirements, acquisition, development and testing phases for compliance with the organization’s policies, standards, procedures and applicable external requirements.

Question 7

T3.6

Answer 7

Evaluate the readiness of information systems for implementation and migration into production to determine whether project deliverables, controls and organization’s requirements are met.

Question 8

T3.7

Answer 8

Conduct post-implementation reviews of systems to determine whether project deliverables, controls and organization’s requirements are met.