Here are the answers to the questions in Chapter 6:
When reviewing a systems development project, what would the most important objective be for an IS auditor?
Ensuring that the data security controls are adequate to protect the data.
Ensuring that the standards and regulatory commitments are met.
Ensuring that the business requirements are satisfied by the project.
Ensuring that the quality controls and development methodologies are adhered to.
The correct answer is C. The most important review objective for any assessment of systems development will be to ensure that the needs of the business are met as the result of the development. This actually incorporates the other objectives at a high level. You will not be able to satisfy the business needs without also addressing the security (A), standards and regulatory requirements (B), and quality objectives (D) as well.
When participating in an application development project, which of the following would not be appropriate activities for an IS auditor?
Testing the performance and behavior of the system controls to ensure that they are working properly
Attending design and development meetings to monitor progress and provide input on control design options
Reviewing reports of progress to management and contributing to their content based on fieldwork and opinions forms from reviewing documentation provided
Assisting in the development ...