Exam 5: IT in the New World of Corporate Governance Reforms
Which of the following IT elements addresses the work that is done to develop or acquire new applications?
A
List and describe the basic requirements of the Sarbanes-Oxley Act.
The CEO and CFO personally certify internal financial controls.
External auditors independently attest to the effectiveness of internal financial controls.
Financial controls designed to achieve control objectives using established criteria.
Financial control objectives and related controls are appropriately documented.
An annual evaluation of internal controls and procedures for financial reporting.
List and describe the (3) IT elements that run existing hardware, software, and networks and ensure ongoing operations, as well as those that make needed changes and deal with problems as they occur.
Operations and infrastructure support. Operations staff need training in their regulatory responsibilities just as much as other IT staff. Often companies need to look more closely at how they identify and allocate costs in this area, what metrics are collected and reported, how third-party services are managed, and how problems and incidents are addressed at the root cause.
Help desk. Help desks are the front line of business support. As such, they are often the first to identify problems and risks with systems, operations, and information. At one company, help desk staff must take twenty modules of training about the regulations applying to their work and how they are expected to respond to a wide variety of circumstances. Help desk training and documentation for each new system is also an essential control process and should be considered part of every new initiative.
Change management. Controlling how enhancements are made and implemented to existing systems has become extremely important to prevent major system disruptions. Processes to ensure the proper testing and validation of changes and integration with other operational systems create much extra work but can also save significant headaches. Segregation of duties is especially important to ensure that all control procedures have been properly followed.
What is a framework? Name and describe the control framework used to comply with SOX requirements.
Companies doing business with the European Union are not required to respect strict EU privacy standards since their systems operate in the United States.
List and describe the (3) elements of daily IT operations that ensure ongoing operations. Indicate whether or not any of these areas are impacted by regulatory changes.
New standards for internal controls have significant implications for how IT is managed and for IT costs and productivity.
Transporting sensitive personal information across organizational and national boundaries could:
The Sarbanes-Oxley Act strongly recommends that companies follow a framework for internal controls known as:
Surveys show that most firms have underestimated the costs of SOX compliance.
Compliance with the many new regulations imposed on organizations has led to significant IT costs.
In the past, most organizations designed their record-keeping systems as they wished with no real regard for regulatory issues.
As regulations become more numerous and complex, organizations are finding that only IT-based controls are effective in ensuring compliance.
Why are new and increasingly complex privacy controls and security legislation such a challenge for IT?
List and describe the two areas of IT most impacted by SOX legislation.
Since organizations are more dependent on automated information and processes, their IT infrastructures are also more vulnerable to security threats.
Which of the following areas is one of the most important areas of control?
Which of the following IT elements ensure that all work done in IT is properly completed, meets all control standards, and can be demonstrated to do so with reasonable assurance?
Prior to 2002, IT had been heavily affected by regulatory matters.
The Security and Exchange Act mandates an annual evaluation of internal controls and procedures for financial reporting.