Information System Implementation Flashcards

1
Q

What are some attributes that best describe system “portability?”

A

A - ability of the software to be transferred from one environment to another

B - capability of software to maintain its level of performance under stated conditions

C - relationship between the performance of the software and the amount of resources used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What attribute best describes system “Functionality?”

A

THE existence of a set of functions and their specified properties

i.e. The functionality of a system represents the tasks, operations and purpose of the system in achieving its objective (i.e., supporting a business requirement).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Why would change controls for business applications being developed (using prototyping) create complications?

A

Because of the rapid pace of modifications in requirements and design

i.e. These changes happen so quickly that they are seldom documented or approved

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

WHAT would be an IS auditor’s primary concern when system developers request a previous days production transaction file?

A

Unauthorized access to sensitive data may result

i.e. Unless sanitized, there is a risk of disclosing sensitive data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a “MOST” important step when a new system is to be implemented within a short period of time?

A

That User Acceptance Testing is Performed

i.e. This ensures that the system to be implemented is working correctly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

WHAT is a major risk involved with combing Quality Assurance Testing and User acceptance testing?

A

That there will be an improper acceptance of a program

i.e. The users may apply pressure to accept a program that meets their needs even though it does not meet quality assurance standards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

WHAT would be a major concern for the design of a Data Warehouse?

A

The Quality of the metadata

i.e. Metadata describes the data in the (data) warehouse and aims to provide a table of contents to the stored information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

WHAT is “atomicity” the principle of data integrity known for?

A

For ensuring that a transaction is either completed in its entirety or not at all

i.e. If an error or interruption occurs, all changes made up to that point are backed out

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a key advantage of using the “Bottom-up” versus the “Top-down” approach for software testing?

A

Errors in critical modules are detected earlier

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the purpose of a sociability test?

A

To confirm that a new or modified system can operate in its target environment without adversely impacting existing systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

WHAT control would an IS Auditor recommend to ensure that transactions are not lost during the processing of transactions in an application?

A

Automated systems balancing

i.e. any imbalance between total inputs and total outputs would be reported for investigation and correction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

WHAT data validation edit would be MOST effective in detecting transposition and transcription errors?

A

Check digit

WHY? - Because it is a numeric value that is calculated mathematically and is appended to data to ensure that the original data have not been altered (e.g., an incorrect, but valid, value substituted for the original)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

WHAT testing stage would have the greatest impact on the implementation of new application software?

A

The “Acceptance Testing” stage

WHY? - Because its the final stage before the software is installed and is available for use (i.e. failure here could result in delays and cost overruns)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

WHAT is the ideal environment to conduct systems “stress testing?”

A

In a test environment using live workloads

i.e. This helps ensure that the system will operate effectively when moved into production.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

WHAT is an advantage of using sanitized live transactions in test data?

A

That those test transactions are representative of live processing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

True or False.

The editing/validation of data entered at a remote site is performed MOST effectively at the remote processing site (then transmitted to the central processing site)

A

TRUE.

WHY? - Because it is important to have the data entered from a remote site edited and validated prior to transmission to the central processing site

17
Q

WHAT should the IS auditor review during the system testing phase of an application development project?

A

The “Error” Report

i.e. They should review error reports for their precision in recognizing erroneous data and review the procedures for resolving errors

18
Q

Who is primarily responsible during the data conversion stage of a project (E.g. signing-off on the accuracy and completeness of the data)?

A

The Data Owner

i.e. They are primarily responsible for reviewing and signing-off that the data has been migrated completely and accurately and is valid.

19
Q

WHAT is the best testing approach to ensure that internal application interface errors are identified quickly?

A

The “Top-down” Approach

Why? - Because it ensures that interface errors are detected early and testing of major functions is conducted early

20
Q

WHAT is the primary objective of conducting a “post-incident” review?

A

To examine both the cause and response to an incident

i.e. This provides an opportunity to improve internal control procedures. These lessons learned during the review helps to improve upon internal controls