The phases and deliverables of a system development life cycle (SDLC) project should be determined:

• A.during the initial planning stages of the project.
• B.after early planning has been completed, but before work has begun.
• C.throughout the work stages, based on risks and exposures.
• D.only after all risks and exposures have been identified and the IS auditor has recommended appropriate controls.

Comment: *

Name: *

Email: *

Verification: *

Above almost all other concerns, what often results in the greatest negative impact on the implementation of new application software?

• A.Failing to perform user acceptance testing
• B.Lack of user training for the new system
• C.Lack of software documentation and run manuals
• D.Insufficient unit, module, and systems testing

Comment: *

Name: *

Email: *

Verification: *

Which of the following controls should be implemented to BEST minimize system downtime for maintenance?

• A.Nightly full backups
• B.Clustering
• C.Virtualization
• D.Warm site

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the BEST time for an IS auditor to perform a post-implementation review?

• A.Before decommissioning the legacy system
• B.After the completion of user testing
• C.When the system has stabilized
• D.Immediately after the new system goes into production

Comment: *

Name: *

Email: *

Verification: *

When conducting a review of security incident management, an IS auditor found there are no defined escalation processes. All incidents are managed by the service desk. Which of the following should be the auditor's PRIMARY concern?

• A.Inefficient use of service desk resources
• B.Management's lack of high impact incidents
• C.Delays in resolving low priority trouble tickets
• D.Management's inability to follow up on incident resolution

Comment: *

Name: *

Email: *

Verification: *