ACC 409 FINAL EXAM QUESTIONS AND ANSWERS WITH
COMPLETE SOLUTIONS GRADED A++
What are the 5 phases of SDLC (Software Development Life Cycle)
Planning, Analysis, Design, Implementation, Maintenance/Monitoring
What happens in the planning phase (SDLC)?
Looks at the feasibility, business needs, and intention of a project.
Ex: Who is doing what and what needs to be completed
What happens in the analysis phase (SDLC)?
Refines the goals of the project into specified functions and operations of the intended
system.
Ex: Creating simple and detailed BPMNs and activity diagrams
What happens in the design phase (SDLC)?
Describes the desired features of the system
Ex: Creating UML diagram
What happens in the implementation phase (SDLC)?
Transforming the plan from the design phase to a functioning system.
Ex: Creating ER diagram
,What happens in the maintenance phase (SDLC)?
Making changes, corrections, additions, and upgrades to ensure the system continues
to meet the business requirements
Ex: Creating backups, virus checks, peer review
What are the differences between UML and ER diagram?
UML shows both multiplicities of classes
ER shows only the relationship between the classes
UML does not have association linking tables
ER has association linking tables
UML does not show PKs and FKs
ER uses PKs and FKs to create relationships (referential integrity rule)
UML does not have unique identifiers
ER has unique identifiers (entity integrity rule)
What is the smallest and largest unit in a database?
Smallest unit: fields, attributes, and columns
Largest unit: Tables
What is the Sarbanes Oxley Act of 2002 (SOX)? Why is it important? and what are
the 2 SOXs? lol
, The Sarbanes Oxley Act: Requires public companies registered with the SEC and their
auditors to annually assess and report on the design and effectiveness of internal
control over financial reporting.
It is important because it protects investors and shareholders from accounting errors
and fraud. Encourages auditors to use a risk-based top-down approach to identify the
key controls
SOX 302: internal control management
SOX 404: internal and external control management
What are the COSO Internal Control Framework?
C.R.I.M.E.
Control Environment
Risk Assessment: Looks at likelihood and conducts cost/benefit analysis
Information and Communication: Automation, Information up and down, Transformation
Monitoring Activities: Regular backup
(Existing) Control Activities: Segregation of duties
COSO vs COSO ERM
COSO ERM focuses on risk and is more broader than COSO
What is the COBIT Framework? Why is it important?
Created by ISACA, COBIT (Control Objectives for Information and related Technology)
is a generally accepted framework for IT governance and management.
COMPLETE SOLUTIONS GRADED A++
What are the 5 phases of SDLC (Software Development Life Cycle)
Planning, Analysis, Design, Implementation, Maintenance/Monitoring
What happens in the planning phase (SDLC)?
Looks at the feasibility, business needs, and intention of a project.
Ex: Who is doing what and what needs to be completed
What happens in the analysis phase (SDLC)?
Refines the goals of the project into specified functions and operations of the intended
system.
Ex: Creating simple and detailed BPMNs and activity diagrams
What happens in the design phase (SDLC)?
Describes the desired features of the system
Ex: Creating UML diagram
What happens in the implementation phase (SDLC)?
Transforming the plan from the design phase to a functioning system.
Ex: Creating ER diagram
,What happens in the maintenance phase (SDLC)?
Making changes, corrections, additions, and upgrades to ensure the system continues
to meet the business requirements
Ex: Creating backups, virus checks, peer review
What are the differences between UML and ER diagram?
UML shows both multiplicities of classes
ER shows only the relationship between the classes
UML does not have association linking tables
ER has association linking tables
UML does not show PKs and FKs
ER uses PKs and FKs to create relationships (referential integrity rule)
UML does not have unique identifiers
ER has unique identifiers (entity integrity rule)
What is the smallest and largest unit in a database?
Smallest unit: fields, attributes, and columns
Largest unit: Tables
What is the Sarbanes Oxley Act of 2002 (SOX)? Why is it important? and what are
the 2 SOXs? lol
, The Sarbanes Oxley Act: Requires public companies registered with the SEC and their
auditors to annually assess and report on the design and effectiveness of internal
control over financial reporting.
It is important because it protects investors and shareholders from accounting errors
and fraud. Encourages auditors to use a risk-based top-down approach to identify the
key controls
SOX 302: internal control management
SOX 404: internal and external control management
What are the COSO Internal Control Framework?
C.R.I.M.E.
Control Environment
Risk Assessment: Looks at likelihood and conducts cost/benefit analysis
Information and Communication: Automation, Information up and down, Transformation
Monitoring Activities: Regular backup
(Existing) Control Activities: Segregation of duties
COSO vs COSO ERM
COSO ERM focuses on risk and is more broader than COSO
What is the COBIT Framework? Why is it important?
Created by ISACA, COBIT (Control Objectives for Information and related Technology)
is a generally accepted framework for IT governance and management.
