Which of the following should be the GREATEST concern for an IS auditor performing a post- implementation review for a major system upgrade?

• A.Changes are promoted to production by the development group.
• B.Developers have access to the testing environment.
• C.Object code can be accessed by the development group.
• D.Change approvals are not formally documented.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MAIN risk associated with adding a new system functionality during the development phase without following a project change management process?

• A.The project may fail to meet the established deadline
• B.The new functionality may not meet requirements
• C.The added functionality has been documented
• D.The project may go over budget

Comment: *

Name: *

Email: *

Verification: *

Which of the following is a management technique that enables organizations to develop strategically
important systems faster, while reducing development costs and maintaining quality?

• A.Function point analysis
• B.Critical path methodology
• C.Rapid application development
• D.Program evaluation review technique

Comment: *

Name: *

Email: *

Verification: *

A malicious code that changes itself with each file it infects is called a:

• A.logic bomb.
• B.stealth virus.
• C.trojan horse.
• D.polymorphic virus.

Comment: *

Name: *

Email: *

Verification: *

Which of the following characteristics pertaining to databases is not true?

• A.A data model should exist and all entities should have a significant name.
• B.Justifications must exist for normalized data.
• C.No NULLs should be allowed for primary keys.
• D.All relations must have a specific cardinality.

Comment: *

Name: *

Email: *

Verification: *