POLYTECHNIC UNIVERSITY OF THE PHILSAuditing on CIS EnvironmentQuiz on Chapter 5

NAME: ___________________________________________ Course/Year:_________________ Date:________________________

TRUE OR FALSE1. The objective of systems planning is to link systems projects to the strategic objectives of the firm.2. An accountant’s responsibility in the SDLC is to ensure that the system applies proper accounting conventions and rules and possesses

adequate control.3. In the conceptual design phase of the System Development Life Cycle (SDLC), task force members are focused on selecting the new

system design.4. When determining the operational feasibility of a new system, the expected ease of transition from the old system to the new system

should be considered.5. Instead of implementing an application in a single big-bang release, modern systems are delivered in parts continuously and quickly.6. When the nature of the project and the needs of the user permit, most organizations will seek a pre-coded commercial software package

rather than develop a system in-house.7. All of the steps in the Systems Development Life Cycle apply to software tat is developed in-house and to commercial software.8. Mixing technologies from many vendors improves technical feasibility.9. The first step in the SDLC is to develop a systems strategy.10. System maintenance is often viewed as the first phase of a new development cycle.11. The payback method is often more useful than the net present value method for evaluating systems projects because the effective lives

of information system tend to be short and shorter payback projects are often desirable.12. Intangible benefits are not physical, but can be measured and expressed in financial terms.13. Maintenance access to systems increases the risk that logic will be corrupted either by the accident or intent to defraud.14. Source program library controls should prevent and detect unauthorized access to application programs.15. The user test and acceptance procedure is the last point at which the user can determine the system’s acceptability prior to it going into

service.

MULTIPLE CHOICE16. Which control is not associated with new systems development activities:

a. Reconciling program version numbers c. user involvementb. Program testing d. internal audit participation

17. Which test of controls will provide evidence that the system as originally implemented was free from material errors and free from fraud? Review of the documentation indicates thata. A cost benefit analysis was conductedb. The detailed design was an appropriate solution to the user’s problemc. Tests were conducted at the individual module and total system levels prior to implementationd. Problem detected during the conversion period were corrected in the maintenance phase

18. Routine maintenance activities require all of the following controls excepta. Documentation updates b. testing c. formal authorization d. internal audit approval

19. Which statement is correct?a. Compiled programs are very susceptible to unauthorized modificationb. The source program library stores application programs in source code formc. Modifications are made to programs in machine code languaged. The source program library management system increases operating efficiency

20. Which control is not a part of the soured program library management system?a. Using passwords to limit access to application programsb. Assigning a test name to all programs undergoing maintenancec. Combining access to the development and maintenance test librariesd. Assigning version numbers to programs to record program modifications

21. Which control ensures that production files cannot be accessed without specific permission?a. Database Management System c. Source Program Library Management Systemb. Recovery Operations Function d. Computer Services Function

22. Program testinga. Involved individual modules only, not the full system c. requires creation of meaningful test datab. Need not be repeated once the system is implemented d. is primarily concerned with usability

23. When the auditor reconciles the program version numbers, which audit objective is being tested?a. Protect applications from unauthorized changesb. Ensure applications are free from errorc. Protect production libraries from unauthorized accessd. Ensure incompatible functions have been identified and segregated

24. Which is not a level of a data flow diagram?a. Conceptual level b. context level c. intermediate level d. elementary level

25. The benefits of the object oriented approach to systems design include all of the following excepta. This approach does not require input from accountants and auditorsb. Development time is reducedc. A standard module once tested does not have to be retested until changes are maded. System maintenance activities are simplified

26. A cost benefit analysis is a part of the detailed _________ feasibility studya. Operational b. schedule c. legal d. economic

27. Examples of one-time costs include all of the following excepta. Hardware acquisition b. insurance c. site preparation d. programming

28. A commercial software system that is completely finished, tested and ready for implementation is called aa. Backbone system b. vendor-supported system c. benchmark system d. turnkey system

29. Which step is least likely to occur when choosing a commercial software package?a. A detailed review of the source code c. preparation of a request for proposalb. Contact with user groups d. comparison of the results of a benchmark problem

30. The output of the detailed design phase of the System Development Life Cycle (SDLC) is aa. Fully documented system report c. detailed system design reportb. Systems selection report d. systems analysis report

31. The detailed design report contains all of the following excepta. Input screen formats b. alternative conceptual designs c. report layouts d. process logic

32. Site preparation costs include all or the following excepta. Crane used to install equipt b. freight charges c. supplies d. reinforcement of the bldg. floor

33. The testing of individual program modules is a part of ___________________ costsa. Software acquisition b. system design c. data conversion d. programming

34. A tangible benefita. Can be measured and expressed in financial term c. might decrease costb. Might increase revenues d. all of the above

35. Intangible benefitsa. Are easily measuredb. Are of relatively little importance in making information system decisionsc. Are sometimes estimated using customer satisfaction surveysd. When measured, d not lend themselves to manipulation