After the merger of two organizations, which of the following is the MOST important task for an IS auditor to perform?
Correct Answer: C
Question 17
As an IS auditor it is very important to understand software release management process. Which of the following software release normally contains small enhancements and fixes?
Correct Answer: B
Section: Information System Operations, Maintenance and Support Explanation/Reference: Minor releases incorporate a number of fixes for known problems into the baseline, or trusted state, of an item. Minor releases usually increment the version number at the first decimal place. For example, version 6.10 would change to version 6.20. For CISA exam you should know below information about software release management: Software Release Management is the process of ensuring releases can be reliably planned, scheduled and successfully transitioned (deployed) to Test and Live Environments. Software Release Management is not just about "automating the path to production" although that is certainly an important part. It also about adopting a holistic view of application changes, using the "Release" as the container to ensure that changes are packaged, released and tested in a repeatable and controlled manner. Release Management is often likened to the conductor of an orchestra, with the individual changes to be implemented the various instruments within it. Software Release Management is intrinsically linked with the more well understood and adopted Software Change and Configuration Management disciplines. Software Release management is a process through which software is made available to user. Each update or upgrade of a Configuration Item is referred to as a release. There are three levels of releases. These levels related to releasing hardware or software into your IT infrastructure. Some may be a single change, others may implement many changes at a time. Major - A major release usually introduces new capabilities or functions. Major releases may accumulate all the changes from previous minor releases. Major releases advance the version number by a full increment, for example, from version 5.70 to version 6. Minor - Minor releases incorporate a number of fixes for known problems into the baseline, or trusted state, of an item. Minor releases usually increment the version number at the first decimal place. For example, version 6.10 would change to version 6.20. Emergency - Emergency releases are quick fixes to repair unexpected problems or temporary measures to prevent the interruption of critical services. The following were incorrect answers: Major - A major release usually introduces new capabilities or functions. Major releases may accumulate all the changes from previous minor releases. Major releases advance the version number by a full increment, for example, from version 5.70 to version 6. Emergency - Emergency releases are quick fixes to repair unexpected problems or temporary measures to prevent the interruption of critical services. General software Release - Not a valid type of software release. The following reference(s) were/was used to create this question: CISA review manual 2014 Page number 244
Question 18
Which of the following is a reason for implementing a decentralized IT governance model?
Correct Answer: C
Question 19
An IS auditor concludes that an organization has a quality security policy. Which of the following is MOST important to determine next? The policy must be:
Correct Answer: D
Question 20
Which of the following analytical methods would be MOST useful when trying to identify groups with similar behavior or characteristics in a large population?
