Show
Chapter 2 Auditing IT Governance Controls Review Questions 1. What is IT governance? Response: IT governance is a relatively new subset of corporate governance that focuses on the management and assessment of strategic IT resources. 2. What are the objectives of IT governance? Response: The key objectives of IT governance are to reduce risk and ensure that investments in IT resources add value to the corporation. 3. What is distributed data processing? Response: Distributed data processing involves reorganizing the central IT function into small IT units that are placed under the control of end users. The IT units may be distributed according to business function, geographic location, or both. All or any of the IT functions may be distributed. The degree to which they are distributed will vary depending upon the philosophy and objectives of the organization’s management. 4. What are the advantages and disadvantages of distributed data processing? Response: The advantages of DDP are: a. cost reductions b. improved cost control responsibility c. improved user satisfaction d. back up flexibility The disadvantages (risks) are: a. inefficient use of resources b. destruction of audit trails c. inadequate segregation of duties d. difficulty acquiring qualified professionals e. lack of standards 5. What types of tasks become redundant in a distributed data processing system? Response: Autonomous systems development initiatives distributed throughout the firm can result in each user area reinventing the wheel rather than benefiting from the work of others. For example, application programs created by one user, which could be used with little or no change by others, will be redesigned from scratch rather than shared. Likewise, data common to many users may be recreated for each, resulting in a high level of data redundancy. This situation has implications for data accuracy and consistency. . Consider the following computer applications: (1) At a catalog sales firm, as phone orders are entered into their computer, both inventory and credit are immediately checked. Which statement below is true for these applications? 59) Consider the following computer applications: (1) At a catalog sales firm, as phone orders are entered into their computer, both inventory and credit are immediately checked. Which statement below is true for these applications? Which of the following personnel is responsible for determining the computer processing needs of the various users *?Which of the following personnel is responsible for determining the computer processing needs of the various users? The systems analyst.
Which of the following personnel is responsible for the proper functioning of the security features built into the operating system?21. Which of the following personnel is responsible for the proper functioning of the security features built into the operating system? A. The systems programmer.
Should internal auditors be members of systems development teams that design and implement an information system Why or why not?DQ 9.2: Should internal auditors be members of system development teams that design and implement an AIS? Why or why not? No, auditor's role in systems development should be limited to an independent review of systems development activities.
What is the auditors role in systems analysis?The System Auditor
The role of auditor begins at the initial stage of system development so that resulting system is secure. It describes an idea of utilization of system that can be recorded which helps in load planning and deciding on hardware and software specifications.
|