CA. GOPAL KRISHNA RAJU FCA, ACMA, ACS, PGDOR, PGDFM, DISA, M.Phil: ISCA - Chapter 3 : Control Objectives: Scan of Past Exam Questions with reference to Study Material: CA Final - Group II - Paper 6

Sunday, January 30, 2011

ISCA - Chapter 3 : Control Objectives: Scan of Past Exam Questions with reference to Study Material: CA Final - Group II - Paper 6

CHAPTER
3

CONTROL
OBJECTIVES

Scan
of Past Exam Questions:

*Year*	*Marks*	*Questions*	Answers in ICAI-ISCA Study Material Page No:
N 08	10	3(a) What do you understand by classification of information? Explain different classifications of information	3.68
	5	3(c) Briefly explain the formal change management policies, and procedures to have control over system and program changes	3.45 – 3.48
	5	7(b) Key elements in System Development and Acquisition Control	3.38
J 09	5	2(b) “While reviewing a client’s control system, an information system auditor will identify three components of internal control.” State and briefly explain these three components.	3.23
	10	3(a) A company is engaged in the stores taking data activities. Whenever, input data error occurs, the entire stock data is to be reprocessed at a cost of Rs. 50,000. The management has decided to introduce a data validation step that would reduce errors from 12% to 0.5% at a cost of Rs. 2,000 per stock taking period. The time taken for validation causes an additional cost of Rs. 200. (i) Evaluate the percentage of cost benefit effectiveness of the decision taken by the management and (ii) suggest preventive control measures to avoid errors for improvement.	3.17
	5	3(b) What are the issues that should be considered by a system auditor at post implementation review stage before preparing the audit report?	3.66, 3.67
	5	7(c) Firewall	3.76
N 09	5	3(c) Explain the term “Cryptosystems”. Briefly discuss Data Encryption Standard.	3.73
	5	4(c) Discuss the three processes of Access Control Mechanism, when a user requests for resources?	3.106, 3.107
	5	5(c) Discuss anti-virus software and its types?	3.87
J 10	10	2(c) The management of ABC Limited wants to design a detective control mechanism for achieving security policy objective in a computerized environment. As an auditor explain, how audit trails can be used to support security objectives.	3.30
J 10	5	3(c) Explain the role of IS auditor in evaluating logical access controls	3.100

No comments:

Subscribe to: Post Comments (Atom)