
Information Systems Audit Question Paper

Information Systems Audit 

Course: Bachelor of Science in Information Technology

Institution: Kca University question papers

Exam Year: 2010



UNIVERSITY EXAMINATIONS: 2010/2011
THIRD YEAR STAGE EXAMINATION FOR THE DEGREE OF BACHELOR
OF SCIENCE IN INFORMATION TECHNOLOGY
BIT 3201: INFORMATION SYSTEMS AUDIT
DATE: DECEMBER 2010 TIME: 2 HOURS
INSTRUCTIONS: Answer question ONE and any other TWO questions
QUESTION ONE (COMPULSORY)
a) What are some of the characteristics of an information system auditor? [2 marks]
b) Describe what you understand by data forensics in system auditing [4 marks]
c) The framework for the ISACA IS Auditing Standards provides for multiple levels, which are:
Standards, Guidelines and Procedures. Describe any three common standards and give one
example of each. [6 marks]
d) The risk-based approach consists of several steps. Describe them with regard to the
server. [5 marks]
e) What is ‘Audit charter’ in relationship to system auditing? [3 marks]
f) Audit planning consists of both short- and long-term planning.
(i) Describe each type mentioned above [2 marks]
(ii) There are four major factors that affect planning. Describe them. [8 marks]
QUESTION TWO
(a) Controls are generally categorized into three major classifications: Preventive, Detective and
Corrective. Discuss each in relation to an information systems environment and give a relevant
example. [6 marks]
(b) (i) What do you understand by Biometric Controls? [2 marks]
(ii) Discuss four (4) major advantages of biometric controls over others. [8 marks]
(c) Identify any four benefits of an organization having an information auditor. [4 Marks]
QUESTION THREE
a) Figure 3-1 below shows contingency planning hierarchies.
Describe and give an example of each:
i. Contingency planning [2 marks]
ii. Incident response [2 marks]
iii. Disaster recovery [2 marks]
iv. Business continuity [2 marks]
b) (i) Discuss the role of ERP in an enterprise. [2 marks]
(ii) What are the four major drawbacks that hinder implementation of ERP in organizations?
[4 marks]
c) An information system auditor encounters several computer forensic scenarios in the course of his
work. Discuss two common scenarios in the field. [2 marks]
d) Differentiate between hot-site and cold-site. [4 Marks]
QUESTION FOUR
a) Describe any other professional bodies apart from ISACA, giving their relevance to systems
auditing. [6 Marks]
b) Differentiate between the following set of terms in reference to systems auditing:
(i) Continuous auditing and continuous monitoring [2 marks]
(ii) Risk analysis and Risk Management [2 marks]
c) Describe three guidelines that assist system auditors to detect and deter fraud occurrences in an
organization. [6 Marks]
d) Discuss when and how an information system firm should retain a data forensic expert. [4 Marks]
QUESTION FIVE
a) Briefly state three characteristics of a data forensic expert. [3 Marks]
b) There are numerous factors that a system auditor ought to put into consideration when undertaking
their duties. Discuss any three. [3 Marks]
c) Discuss five steps a data forensics firm goes through while reviewing a case [5 Marks]
d) Discuss three functions of CAATs that are well designed for computer systems to make the
systems auditor's job easier. [9 Marks]





