2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
CISA Domain 3 Missed Questions: Information
Systems Development and Implementation;
Information Systems Implementation
Save
Terms in this set (56)
When auditing the A is the correct answer.
proposed acquisition of a Justification
new computer system, an The first concern of an IS auditor is to ensure that the
IS auditor should FIRST proposal meets the needs of the business. This should
ensure that: be established by a clear business case.
a clear business case has Compliance with security standards is essential, but it
been approved by is too early in the procurement process for this to be
management. an IS auditor's first concern.
corporate security Having users involved in the implementation process
standards will be met. is essential, but it is too early in the procurement
users will be involved in process for this to be an IS auditor's first concern.
the implementation plan. Meeting the needs of the users is essential, and this
the new system will meet should be included in the business case presented to
all required user management for approval.
functionality.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 1/43
,2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
D is the correct answer.
An IS auditor reviewing a
Justification
proposed application
If the OS is currently being used, it is compatible with
software acquisition
the existing hardware platform; if it were
should ensure that the:
incompatible, it would not operate properly.
operating system (OS)
The planned OS updates should be scheduled to
being used is compatible
minimize negative impacts on the organization, but
with the existing hardware
this is not an issue when considering the acquisition of
platform.
new software.
planned OS updates have
The installed OS should be equipped with the most
been scheduled to
recent versions and updates (with sufficient history
minimize negative impacts
and stability). Because this is installed, it is not a
on company needs.
consideration at the time of considering acquisition of
OS has the latest versions
a new application.
and updates.
In reviewing the proposed application, the auditor
product is compatible with
should ensure that the products to be purchased are
the current or planned OS.
compatible with the current or planned OS.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 2/43
,2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
A company has A is the correct answer.
implemented a new client- Justification
server enterprise resource Verification of the products produced will ensure that
planning (ERP) system. the produced products match the orders in the order
Local branches transmit system.
customer orders to a Logging can be used to detect inaccuracies but does
central manufacturing not, in itself, guarantee accurate processing.
facility. Which of the Hash totals will ensure accurate order transmission,
following would BEST but not accurate processing centrally.
ensure that the orders are Production supervisory approval is a time consuming,
processed accurately, and manual process that does not guarantee proper
the corresponding control.
products are produced?
Verifying production of
customer orders
Logging all customer
orders in the ERP system
Using hash totals in the
order transmitting process
Approving (production
supervisor) orders prior to
production
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 3/43
, 2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
Question B is the correct answer.
Once an organization has Justification
finished the business An IS auditor must review the process as it is today,
process reengineering not as it was in the past.
(BPR) of all its critical An IS auditor's task is to identify and ensure that key
operations, an IS auditor controls have been incorporated into the
would MOST likely focus reengineered process.
on a review of: Business process reengineering (BPR) project plans
pre-BPR process are a step within a BPR project.
flowcharts. These are steps within a BPR project.
post-BPR process
flowcharts.
BPR project plans.
continuous improvement
and monitoring plans.
B is the correct answer.
Justification
Contract management practices, although important,
Which of the following will
will not ensure successful development if the
BEST ensure the
specifications are incorrect.
successful offshore
When dealing with offshore operations, it is essential
development of business
that detailed specifications be created. Language
applications?
differences and a lack of interaction between
Stringent contract
developers and physically remote end users could
management practices
create gaps in communication in which assumptions
Detailed and correctly
and modifications may not be adequately
applied specifications
communicated. Inaccurate specifications cannot
Awareness of cultural and
easily be corrected.
political differences
Cultural and political differences, although important,
Post-implementation
should not affect the delivery of a good product.
review
This, although important, is too late in the process to
ensure successful project delivery and is not as
pivotal to the success of the project.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 4/43
CISA Domain 3 Missed Questions: Information
Systems Development and Implementation;
Information Systems Implementation
Save
Terms in this set (56)
When auditing the A is the correct answer.
proposed acquisition of a Justification
new computer system, an The first concern of an IS auditor is to ensure that the
IS auditor should FIRST proposal meets the needs of the business. This should
ensure that: be established by a clear business case.
a clear business case has Compliance with security standards is essential, but it
been approved by is too early in the procurement process for this to be
management. an IS auditor's first concern.
corporate security Having users involved in the implementation process
standards will be met. is essential, but it is too early in the procurement
users will be involved in process for this to be an IS auditor's first concern.
the implementation plan. Meeting the needs of the users is essential, and this
the new system will meet should be included in the business case presented to
all required user management for approval.
functionality.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 1/43
,2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
D is the correct answer.
An IS auditor reviewing a
Justification
proposed application
If the OS is currently being used, it is compatible with
software acquisition
the existing hardware platform; if it were
should ensure that the:
incompatible, it would not operate properly.
operating system (OS)
The planned OS updates should be scheduled to
being used is compatible
minimize negative impacts on the organization, but
with the existing hardware
this is not an issue when considering the acquisition of
platform.
new software.
planned OS updates have
The installed OS should be equipped with the most
been scheduled to
recent versions and updates (with sufficient history
minimize negative impacts
and stability). Because this is installed, it is not a
on company needs.
consideration at the time of considering acquisition of
OS has the latest versions
a new application.
and updates.
In reviewing the proposed application, the auditor
product is compatible with
should ensure that the products to be purchased are
the current or planned OS.
compatible with the current or planned OS.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 2/43
,2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
A company has A is the correct answer.
implemented a new client- Justification
server enterprise resource Verification of the products produced will ensure that
planning (ERP) system. the produced products match the orders in the order
Local branches transmit system.
customer orders to a Logging can be used to detect inaccuracies but does
central manufacturing not, in itself, guarantee accurate processing.
facility. Which of the Hash totals will ensure accurate order transmission,
following would BEST but not accurate processing centrally.
ensure that the orders are Production supervisory approval is a time consuming,
processed accurately, and manual process that does not guarantee proper
the corresponding control.
products are produced?
Verifying production of
customer orders
Logging all customer
orders in the ERP system
Using hash totals in the
order transmitting process
Approving (production
supervisor) orders prior to
production
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 3/43
, 2/26/25, 2:28 PM CISA Domain 3 Missed Questions: Information Systems Development and Implementation; Information Systems Implementation Fl…
Question B is the correct answer.
Once an organization has Justification
finished the business An IS auditor must review the process as it is today,
process reengineering not as it was in the past.
(BPR) of all its critical An IS auditor's task is to identify and ensure that key
operations, an IS auditor controls have been incorporated into the
would MOST likely focus reengineered process.
on a review of: Business process reengineering (BPR) project plans
pre-BPR process are a step within a BPR project.
flowcharts. These are steps within a BPR project.
post-BPR process
flowcharts.
BPR project plans.
continuous improvement
and monitoring plans.
B is the correct answer.
Justification
Contract management practices, although important,
Which of the following will
will not ensure successful development if the
BEST ensure the
specifications are incorrect.
successful offshore
When dealing with offshore operations, it is essential
development of business
that detailed specifications be created. Language
applications?
differences and a lack of interaction between
Stringent contract
developers and physically remote end users could
management practices
create gaps in communication in which assumptions
Detailed and correctly
and modifications may not be adequately
applied specifications
communicated. Inaccurate specifications cannot
Awareness of cultural and
easily be corrected.
political differences
Cultural and political differences, although important,
Post-implementation
should not affect the delivery of a good product.
review
This, although important, is too late in the process to
ensure successful project delivery and is not as
pivotal to the success of the project.
https://quizlet.com/1011077945/cisa-domain-3-missed-questions-information-systems-development-and-implementation-information-systems-implem… 4/43
