Internal Controls & IT General Controls 2(b)(ii) - SDLC Flashcards
Name the 9 Phases under the “Systems Development Life Cycle” (SDLC):
PI DAD-P-TIM
(1) Strategic IT planning
(2) Info Requirements
(3) Conceptual Design
(4) Eval of alt solutions
(5) Detailed Systems Design
(6) Programming or Purchasing
(7) Testing
(8) Implement
(9) Monitoring and maintenance
What is the 1st phase of the Systems Development Life Cycle (SDLC) and its purpose?
IT Strategic Planning:
- Purpose to ensure proposed change has business case that demonstrates how project will achieve goals and objectives, and how it adds value
- Thorough written IT strategy and capital budget process incl’g written objectives
- Ex doc: Strategic plan, BoD minutes, IT capital budget, feasibility studies, project authorization by IT governance body
What is the 2nd phase of the Systems Development Life Cycle (SDLC) and its purpose?
Info Requirements (systems analysis):
- Systems analysts, project mgrs or IT gathers req’mts for proposed system by talking to project sponsor, functional area end users and relevant parties to determine functionality software should include:
- As info req’mts gathered, document in standardized form and follow SDLC best practices
- Key issues that should be included in mature orgs are expert input on controls, any info security issues and scope of data to be collected (what is needed for effective BI later)
- Ex of doc’s: Info Req’mts docs, systems analysis report
What is the difference btwn AppDev and SysDev?
- SysDev is broader than AppDev and includes systems of technologies
- AppDev is about an application or core grp of interrelated apps
What is the 3rd phase of the Systems Development Life Cycle (SDLC) and its purpose?
- Conceptual Design
- IT develops “Conceptual Design” based on info gathered in “Systems Analysis”/“Info Req’mts” phase
- Conceptual design should diagram proposed system for vendors to bid, or programmers and analysts to make ETA and resources to complete the project
- Ex docs: Diagram or doc of design, summarized data flow diagram (DFD), systems flowchart, programming flowchart
- Develop technical blueprint and specs for solution to fulfill business requirements
What is the 4th phase of the Systems Development Life Cycle (SDLC) and its purpose?
- Eval alternative solutions
- May lead to sending request for proposal (RFP) to vendors for bids.
- Alternatives might be to:
(1) Build - entity’s programmers code
or
(2) Buy - outsource programming to vendor.
- Ex docs: Doc of process, PMO minutes, feasibility study, cost-benefit analysis, system selection report
What is the 5th phase of the Systems Development Life Cycle (SDLC) and its purpose?
- 5th (of 9) Phase is “Detailed Systems Design”
- Whether build or buy choice, need detailed schematic of proposed systems’ functionality, including:
(1) Input docs (source docs) processing details, and
(2) Output docs (screens, printouts)
- Ex docs: Design schematic, normalized data doc, systems design process doc: detailed DFD, entity-relationship (ER) diagram, relational model diagram, data dictionary
What is the 7th phase of the Systems Development Life Cycle (SDLC) and what is involved?
- 7 (of 9) Phase is “Testing”
- Critical success factor in reducing IT risks associated w/ change mgmt
- Test offline before deployed online
- Process should be planned, managed and documented
- Mgmt develop testing plan (checklist) of procedures, including signatures of those performing testing and end users verify successful testing
- Establish “staging area” where a system similar to the enterprise system is housed and used strictly for testing (allows isolated app or hardware to be plugged into enterprise interfaced system of hardware and software where best, broadest test can be performed)
- Testing more critical if writes own code bc risk of errors in code is greater
- Ex docs: Testing checklist/plan, testing results documented, user testing signoff, testing results approval/signoff by project sponsor and/or project mgr, project plan
Under the “Systems Development Life Cycle” (SDLC), what is the 8th phase and its purpose?
- IMPLEMENTATION of app or hardware
- Occurs after testing performed
- Although testing occurred, still some significant risk in implementation
- IT dept have some higher level of alertness, watch performance to be ready to handle unexpected problems
- Ex of docs: Implement plan, doc of implementation, post implement review, user acceptance report, technical hardware and software solution for the business problem
Under the “Systems Development Life Cycle” (SDLC), what is the 9th phase and its purpose?
- Monitoring and maintenance
- 2 purposes related to IT risks and SDLC would be:
(1) Effective Operations - Impacts automated business processes and controls associated w/ significant financial systems
(2) Determine Need for Change - Reduces risk in diff manner by keeping effectiveness of systems and technologies at high level
- Ex of docs: Maintenance approval doc’s, support services doc, IT help desk doc’s (tickets, performance charts)
What is the purpose of a “Systems Development Life Cycle” (SDLC)?
- SDLC principles are best practices
- Presence of SDLC best practices IS a control in itself
- Serve as benchmarks for evaluating and measuring effectiveness of entity’s change mgmt controls, esp for custom software
- Following SDLC best practices minimizes IT risks associated w/ change mgmt
Under the “Systems Development Life Cycle” (SDLC), what are examples of documentation associated w/ each of the 9 SDLC Phases?
(1) Strategic Planning - Strat plan, BoD minutes, IT capital budget, feasibility studies, project auth by IT governance body
(2) Info Req’mts - Info req’mts doc, systems analysis report
(3) Conceptual Design - Diagram or doc of design, summarized data flow diagram (DFD), systems flowchart, programming flowchart
(4) Alternative Systems Eval - Process doc, PMO minutes, feasibility study, cost-benefit analysis, system selection report
(5) Detail Systems Design - Design schematic, normalized data doc, systems design process doc: detailed DFD, entity-relationship (ER) diagram, relational model diagram, data dictionary
(6) Build/Buy - RFP, PO, SLA/contract w/ SO, auth for internal IT for AppDev, doc of meeting(s)
(7) Testing - Checklist/plan, results doc, user signoff, results approval/signoff by project sponsor and/or project mgr, project plan
(8) Systems Implement - Implement plan, doc of implementation, post implementation review, user acceptance report
(9) Monitoring and Maintenance - Approval docs, support services doc, IT help desk doc’s (tickets and results, performance charts)