Download GTU (Gujarat Technological University) MBA (Master of Business Administration) 2019 Summer 4th Sem 2840401 Information System Audit And Control Previous Question Paper
Seat No.: ______________ Enrolment No.___________________
GUJARAT TECHNOLOGICAL UNIVERSITY
MBA ? SEMESTER 4 ? EXAMINATION ? SUMMER 2019
Subject Code: 2840401 Date: 04/05/2019
Subject Name: Information System Audit and Control
Time: 10:30 AM To 01:30 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1 (a) Answer the following multiple choice questions: 06
1. IT access is not controlled or regulated though password it indicates
A. Poor security control B. High risk of system getting hacked
C. High risk of the system getting
breached
D. All of the above
2. Which is not the purpose of Risk analysis?
A. It supports risk based audit
decisions
B. Assists the Auditor in determining
Audit objectives
C. Ensures absolute safety during the
Audit
D. Assists the Auditor in identifying
risks and threats
3. Which phase of hacking performs actual attack on a network or system?
A. Reconnaissance B. Maintaining Access
C. Scanning D. Gaining Access
4. While reviewing the network management and control the IT auditor is required to
A. Review the security and controls
in non-financial systems
B. Review the security and controls in
financial system
C. Either (a) or (b) depending upon
scope of audit and SAI?s mandate
D. None of the above
5. CAN is known as ____________.
A. Campus Area Network B. Canteen Acre Network
C. Campus Authorization Node D. None of the above
6. A higher risk of system violation happens where
A. The audit module is not
operational
B. The audit module has been disabled
C. The audit module is not
periodically reviewed
D. All of the above
Q.1 (b) Define following terms briefly:
1. Testing
2. Information System
3. Check Digit
4. QA
04
Q.1 (c) Briefly explain the benefits of Business Process Reengineering. 04
Q.2 (a) Explain Personal Identification Number (PIN) in detail. 07
(b) What is database integrity? Explain how to maintain database integrity. 07
OR
(b) Describe the need for control & audit of computers. 07
FirstRanker.com - FirstRanker's Choice
Page 1 of 3
Seat No.: ______________ Enrolment No.___________________
GUJARAT TECHNOLOGICAL UNIVERSITY
MBA ? SEMESTER 4 ? EXAMINATION ? SUMMER 2019
Subject Code: 2840401 Date: 04/05/2019
Subject Name: Information System Audit and Control
Time: 10:30 AM To 01:30 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1 (a) Answer the following multiple choice questions: 06
1. IT access is not controlled or regulated though password it indicates
A. Poor security control B. High risk of system getting hacked
C. High risk of the system getting
breached
D. All of the above
2. Which is not the purpose of Risk analysis?
A. It supports risk based audit
decisions
B. Assists the Auditor in determining
Audit objectives
C. Ensures absolute safety during the
Audit
D. Assists the Auditor in identifying
risks and threats
3. Which phase of hacking performs actual attack on a network or system?
A. Reconnaissance B. Maintaining Access
C. Scanning D. Gaining Access
4. While reviewing the network management and control the IT auditor is required to
A. Review the security and controls
in non-financial systems
B. Review the security and controls in
financial system
C. Either (a) or (b) depending upon
scope of audit and SAI?s mandate
D. None of the above
5. CAN is known as ____________.
A. Campus Area Network B. Canteen Acre Network
C. Campus Authorization Node D. None of the above
6. A higher risk of system violation happens where
A. The audit module is not
operational
B. The audit module has been disabled
C. The audit module is not
periodically reviewed
D. All of the above
Q.1 (b) Define following terms briefly:
1. Testing
2. Information System
3. Check Digit
4. QA
04
Q.1 (c) Briefly explain the benefits of Business Process Reengineering. 04
Q.2 (a) Explain Personal Identification Number (PIN) in detail. 07
(b) What is database integrity? Explain how to maintain database integrity. 07
OR
(b) Describe the need for control & audit of computers. 07
Page 2 of 3
Q.3 (a) What are major information security threats and what are remedial measures? 07
(b) Write short note on various utility software. 07
OR
Q.3 (a) Explain Program Development Life Cycle. 07
(b) Write down short note on: Programme Testing 07
Q.4 (a) ?Generalized audit software is less effective then specific software?- Explain
this sentence and also write brief note on generalized audit software.
07
(b) Explain digital signature in detail. 07
OR
Q.4 (a) Write Short notes on:
1. Wide area network topologies
2. Local area network topologies
07
(b) What is access control? Explain functions and mechanism and policies of
access control.
07
Q.5 Discuss the given case study with answers of following questions. 14
Data Mining tool @ Pandora Radio
With more than 80 million registered users, Pandora Radio is a personalized
Internet radio service that helps you find new music based on your past and
current favorites (The service is also available to mobile devices- as an app for
Blackberry or the iPhone).
The success of Pandora Radio?s business model derives from applying data-
mining tools to the Music Genome Project, which is a vast database of songs
that a team of experts has broken down into their various components: melody,
rhythm, vocals, lyrics, and so on. Listeners begin by entering their favorite
songs, artists, or genres, creating customized ?stations?. Then, Pandora Radio
mines its database to find songs that are similar.
Another data-mining tool that Pandora users is the like/dislike (thumbs
up/thumbs down) option that accompanies each song the site suggests. These
responses are also factored into which songs the Web site decided to play for
the user.
Questions:
(a) How are listeners able to create their own customized stations?
(b) What are some variables that Pandora Radio uses to recommend a song?
OR
Q.5 Discuss the given case study with answers of following questions. 14
Cereal products & BPR
The process of transforming food into cereal products begins on the farm with
the harvest. This is followed by primary processing, packing and
transportation to the processing plants (depending on the grain).
This large company analyzed its process and discovered a serious logistical
problem. It lost almost 20% of the grains harvested during transportation from
FirstRanker.com - FirstRanker's Choice
Page 1 of 3
Seat No.: ______________ Enrolment No.___________________
GUJARAT TECHNOLOGICAL UNIVERSITY
MBA ? SEMESTER 4 ? EXAMINATION ? SUMMER 2019
Subject Code: 2840401 Date: 04/05/2019
Subject Name: Information System Audit and Control
Time: 10:30 AM To 01:30 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1 (a) Answer the following multiple choice questions: 06
1. IT access is not controlled or regulated though password it indicates
A. Poor security control B. High risk of system getting hacked
C. High risk of the system getting
breached
D. All of the above
2. Which is not the purpose of Risk analysis?
A. It supports risk based audit
decisions
B. Assists the Auditor in determining
Audit objectives
C. Ensures absolute safety during the
Audit
D. Assists the Auditor in identifying
risks and threats
3. Which phase of hacking performs actual attack on a network or system?
A. Reconnaissance B. Maintaining Access
C. Scanning D. Gaining Access
4. While reviewing the network management and control the IT auditor is required to
A. Review the security and controls
in non-financial systems
B. Review the security and controls in
financial system
C. Either (a) or (b) depending upon
scope of audit and SAI?s mandate
D. None of the above
5. CAN is known as ____________.
A. Campus Area Network B. Canteen Acre Network
C. Campus Authorization Node D. None of the above
6. A higher risk of system violation happens where
A. The audit module is not
operational
B. The audit module has been disabled
C. The audit module is not
periodically reviewed
D. All of the above
Q.1 (b) Define following terms briefly:
1. Testing
2. Information System
3. Check Digit
4. QA
04
Q.1 (c) Briefly explain the benefits of Business Process Reengineering. 04
Q.2 (a) Explain Personal Identification Number (PIN) in detail. 07
(b) What is database integrity? Explain how to maintain database integrity. 07
OR
(b) Describe the need for control & audit of computers. 07
Page 2 of 3
Q.3 (a) What are major information security threats and what are remedial measures? 07
(b) Write short note on various utility software. 07
OR
Q.3 (a) Explain Program Development Life Cycle. 07
(b) Write down short note on: Programme Testing 07
Q.4 (a) ?Generalized audit software is less effective then specific software?- Explain
this sentence and also write brief note on generalized audit software.
07
(b) Explain digital signature in detail. 07
OR
Q.4 (a) Write Short notes on:
1. Wide area network topologies
2. Local area network topologies
07
(b) What is access control? Explain functions and mechanism and policies of
access control.
07
Q.5 Discuss the given case study with answers of following questions. 14
Data Mining tool @ Pandora Radio
With more than 80 million registered users, Pandora Radio is a personalized
Internet radio service that helps you find new music based on your past and
current favorites (The service is also available to mobile devices- as an app for
Blackberry or the iPhone).
The success of Pandora Radio?s business model derives from applying data-
mining tools to the Music Genome Project, which is a vast database of songs
that a team of experts has broken down into their various components: melody,
rhythm, vocals, lyrics, and so on. Listeners begin by entering their favorite
songs, artists, or genres, creating customized ?stations?. Then, Pandora Radio
mines its database to find songs that are similar.
Another data-mining tool that Pandora users is the like/dislike (thumbs
up/thumbs down) option that accompanies each song the site suggests. These
responses are also factored into which songs the Web site decided to play for
the user.
Questions:
(a) How are listeners able to create their own customized stations?
(b) What are some variables that Pandora Radio uses to recommend a song?
OR
Q.5 Discuss the given case study with answers of following questions. 14
Cereal products & BPR
The process of transforming food into cereal products begins on the farm with
the harvest. This is followed by primary processing, packing and
transportation to the processing plants (depending on the grain).
This large company analyzed its process and discovered a serious logistical
problem. It lost almost 20% of the grains harvested during transportation from
Page 3 of 3
farms to the factories, located near the biggest consumption centers, due to the
precariousness of the roads.
After a study, this Business Process Reengineering case came to the
conclusion that it would be more profitable to move the factories nearer to the
farms. Afterwards, they transport final products to large centers with much
fewer losses.
Questions:
(a) According to you, what were list of problems associated with the
operations of above said company?
(b) If you were the manager of the firm, discuss how business process
reengineering can be benefited to above company? List out various
options to overcome problems with implementation of BPR.
*************
FirstRanker.com - FirstRanker's Choice
This post was last modified on 19 February 2020