Chapter 3 - Information system acquisition, development and implementation Flashcards Preview

CISA > Chapter 3 - Information system acquisition, development and implementation > Flashcards

Flashcards in Chapter 3 - Information system acquisition, development and implementation Deck (13)
Loading flashcards...

what is a swim lane diagram?

A swim lane diagram deconstructs business processes.


what is a context diagram?

A context diagram outlines the major business processes and the parties with which the business interacts.


what is a entity relationship diagram?

A Entity relationship diagram shows entities and how they interact with each other


What need to be included in the IS audit report after the system testing stage?

Auditor needs to tell management if the system meets business requirements, if the system has appropriate controls, and if it's ready to be put into production. Report also needs to identify risks.


What are the advantages and disadvantages of an IDE (intergrated development environment)?

1. lower development cost
2. provide more programming resources
3. provide rapid response time because the program libraries are on a server and modifications are performed on a workstation

1. Potential for multiple version of the program
2. unauthorised access
3. Potentially accidentally overriding valid changes


what is an OBS (Object Breakdown Structure)?

OBS represents compoenent solutions and their relationship to each other in a table or graphically. It makes it easier to visualise the scope of the project. And prevent compoenents from being overlooked.


When is RFP preferred?

Request for Proposal is preferred in systemintegration projects such as supplu chain management and ERP. Before develop RFP, company may develop RFI to solicits software vendors for advice about problems in the existing systems.

An Invitation to Tender (ITT) is preferred where acquiring hardware, a network, or a database is involved.


What is the most often associated risk with system development using 4GLs?

4GLs are usually not suitable for data intensive operations. Instead, they are used mainly for graphic user interface design or as simple query/report generators


What is the dynamic analysis tool used for testing software modules?

A black box test is a dynamic analysis tool for testing software modules, During the testing, a black box works first in a cohesive manner as one single unit, consisting of numerous modules and second, with the user data that flows across software modules.


What is BPR?

Business process reengineering is the process of responding to competitive and economic pressures, and customer demands to survive in the current business environment.It is usually done y automating system processes so that there are fewer manual interventions and manual controls.

The key to BPR is that change efforts are consistent with the overall culture and strategic plan of the organisation. There are documented lessons learned, and the reengineering team is making an effort to minimise any negative impact.


What is the major concern of BPR?

Key controls may be reengineered out of a business process.


What is ISO/IEC 25010:2011?

It is an international standard to assess the quality of software products. It provides the definition of the characteristic and associated quality evaluation process to be used when specifying the requirements for, and evaluating the quality of, software products throughout the lifecycle.

It includes: Functionality, Reliability, Usability, Efficiency, Maintainability, Portability


Which device extends the network and has the capacity to store frames and act a a storage and forward device?