Area: 2 79. Various standards have emerged to assist IS organizations in achieving an operational environment that is predictable, measurable and repeatable. The standard that provides the definition of the characteristics and the associated quality evaluation process to be used when specifying the requirements for and evaluatingthe quality of software products throughout their life cycle is: A. ISO 9001.B. ISO 9002.C. ISO 9126.D. ISO 9003. The correct answer is: C. ISO 9126. Explanation: ISO 9126 focuses on the end result of good software processes, i.e., the quality of the actual software product. ISO 9001 contains guidelines about design, development, production, installation or servicing. ISO 9002 contains guidelines about production, installation or servicing, and ISO 9003 contains guidelines for final inspection and testing. Area: 2 80. The general ledger setup function in an enterprise resource package (ERP) allows for setting accounting periods. Access to this function has been permitted to users in finance, the warehouse and order entry. The MOST likely reason for such broad access is the: The correct answer is: C. lack of policies and procedures for the proper segregation of duties.
Explanation: Setting of accounting periods is one of the critical activities of the finance function. Granting access to this function to the personnel in the warehouse and order entry could be because of a lack of proper policies and procedures for the adequate segregation of duties. Accounting periods should not be changed at regular intervals, but established permanently. The requirement to post entries for a closed accounting period is a risk. If necessary this should be done by someone in the finance or accounting area. The need to create/modify the chart of accounts and its allocations is the responsibility of the finance department and is not a function that should be performed by warehouse or order entry personnel. Area: 2 81. Which of the following procedures would MOST effectively detect the loading of illegal software packages onto a network? The correct answer is: B. Periodic checking of hard drives Explanation: The periodic checking of hard drives would be the most effective method of identifying illegal software packages loaded to the network. Antivirus software will not necessarily identify illegal software unless the software contains a virus. Diskless workstations act as a preventative control and are not effective since users could still download software from other than diskless workstations. Policies lay out the rules about loading the software, but will not detect the actual occurrence.
- Summer '17