Exam Details
Subject | information system audit and control | |
Paper | ||
Exam / Course | mba | |
Department | ||
Organization | Gujarat Technological University | |
Position | ||
Exam Date | May, 2019 | |
City, State | gujarat, ahmedabad |
Question Paper
Page 1 of 3
Seat No.: Enrolment
GUJARAT TECHNOLOGICAL UNIVERSITY
MBA SEMESTER 4 • EXAMINATION SUMMER 2019
Subject Code: 2840401 Date: 04/05/2019
Subject Name: Information System Audit and Control
Time: 10:30 AM To 01:30 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1
Answer the following multiple choice questions:
06
1.
IT access is not controlled or regulated though password it indicates
A.
Poor security control
B.
High risk of system getting hacked
C.
High risk of the system getting breached
D.
All of the above
2.
Which is not the purpose of Risk analysis?
A.
It supports risk based audit decisions
B.
Assists the Auditor in determining Audit objectives
C.
Ensures absolute safety during the Audit
D.
Assists the Auditor in identifying risks and threats
3.
Which phase of hacking performs actual attack on a network or system?
A.
Reconnaissance
B.
Maintaining Access
C.
Scanning
D.
Gaining Access
4.
While reviewing the network management and control the IT auditor is required to
A.
Review the security and controls in non-financial systems
B.
Review the security and controls in financial system
C.
Either or depending upon scope of audit and SAI's mandate
D.
None of the above
5.
CAN is known as
A.
Campus Area Network
B.
Canteen Acre Network
C.
Campus Authorization Node
D.
None of the above
6.
A higher risk of system violation happens where
A.
The audit module is not operational
B.
The audit module has been disabled
C.
The audit module is not periodically reviewed
D.
All of the above
Q.1
Define following terms briefly:
1. Testing
2. Information System
3. Check Digit
4. QA
04
Q.1
Briefly explain the benefits of Business Process Reengineering.
04
Q.2
Explain Personal Identification Number in detail.
07
What is database integrity? Explain how to maintain database integrity.
07
OR
Describe the need for control audit of computers.
07
Page 2 of 3
Q.3
What are major information security threats and what are remedial measures?
07
Write short note on various utility software.
07
OR
Q.3
Explain Program Development Life Cycle.
07
Write down short note on: Programme Testing
07
Q.4
"Generalized audit software is less effective then specific software"- Explain this sentence and also write brief note on generalized audit software.
07
Explain digital signature in detail.
07
OR
Q.4
Write Short notes on:
1. Wide area network topologies
2. Local area network topologies
07
What is access control? Explain functions and mechanism and policies of access control.
07
Q.5
Discuss the given case study with answers of following questions.
14
Data Mining tool Pandora Radio
With more than 80 million registered users, Pandora Radio is a personalized Internet radio service that helps you find new music based on your past and current favorites (The service is also available to mobile devices- as an app for Blackberry or the iPhone).
The success of Pandora Radio's business model derives from applying data-mining tools to the Music Genome Project, which is a vast database of songs that a team of experts has broken down into their various components: melody, rhythm, vocals, lyrics, and so on. Listeners begin by entering their favorite songs, artists, or genres, creating customized "stations". Then, Pandora Radio mines its database to find songs that are similar.
Another data-mining tool that Pandora users is the like/dislike (thumbs up/thumbs down) option that accompanies each song the site suggests. These responses are also factored into which songs the Web site decided to play for the user.
Questions:
How are listeners able to create their own customized stations?
What are some variables that Pandora Radio uses to recommend a song?
OR
Q.5
Discuss the given case study with answers of following questions.
14
Cereal products BPR
The process of transforming food into cereal products begins on the farm with the harvest. This is followed by primary processing, packing and transportation to the processing plants (depending on the grain). This large company analyzed its process and discovered a serious logistical problem. It lost almost 20% of the grains harvested during transportation from
Page 3 of 3
farms to the factories, located near the biggest consumption centers, due to the precariousness of the roads. After a study, this Business Process Reengineering case came to the conclusion that it would be more profitable to move the factories nearer to the farms. Afterwards, they transport final products to large centers with much fewer losses.
Questions:
According to you, what were list of problems associated with the operations of above said company?
If you were the manager of the firm, discuss how business process reengineering can be benefited to above company? List out various options to overcome problems with implementation of BPR.
Seat No.: Enrolment
GUJARAT TECHNOLOGICAL UNIVERSITY
MBA SEMESTER 4 • EXAMINATION SUMMER 2019
Subject Code: 2840401 Date: 04/05/2019
Subject Name: Information System Audit and Control
Time: 10:30 AM To 01:30 PM Total Marks: 70
Instructions:
1. Attempt all questions.
2. Make suitable assumptions wherever necessary.
3. Figures to the right indicate full marks.
Q.1
Answer the following multiple choice questions:
06
1.
IT access is not controlled or regulated though password it indicates
A.
Poor security control
B.
High risk of system getting hacked
C.
High risk of the system getting breached
D.
All of the above
2.
Which is not the purpose of Risk analysis?
A.
It supports risk based audit decisions
B.
Assists the Auditor in determining Audit objectives
C.
Ensures absolute safety during the Audit
D.
Assists the Auditor in identifying risks and threats
3.
Which phase of hacking performs actual attack on a network or system?
A.
Reconnaissance
B.
Maintaining Access
C.
Scanning
D.
Gaining Access
4.
While reviewing the network management and control the IT auditor is required to
A.
Review the security and controls in non-financial systems
B.
Review the security and controls in financial system
C.
Either or depending upon scope of audit and SAI's mandate
D.
None of the above
5.
CAN is known as
A.
Campus Area Network
B.
Canteen Acre Network
C.
Campus Authorization Node
D.
None of the above
6.
A higher risk of system violation happens where
A.
The audit module is not operational
B.
The audit module has been disabled
C.
The audit module is not periodically reviewed
D.
All of the above
Q.1
Define following terms briefly:
1. Testing
2. Information System
3. Check Digit
4. QA
04
Q.1
Briefly explain the benefits of Business Process Reengineering.
04
Q.2
Explain Personal Identification Number in detail.
07
What is database integrity? Explain how to maintain database integrity.
07
OR
Describe the need for control audit of computers.
07
Page 2 of 3
Q.3
What are major information security threats and what are remedial measures?
07
Write short note on various utility software.
07
OR
Q.3
Explain Program Development Life Cycle.
07
Write down short note on: Programme Testing
07
Q.4
"Generalized audit software is less effective then specific software"- Explain this sentence and also write brief note on generalized audit software.
07
Explain digital signature in detail.
07
OR
Q.4
Write Short notes on:
1. Wide area network topologies
2. Local area network topologies
07
What is access control? Explain functions and mechanism and policies of access control.
07
Q.5
Discuss the given case study with answers of following questions.
14
Data Mining tool Pandora Radio
With more than 80 million registered users, Pandora Radio is a personalized Internet radio service that helps you find new music based on your past and current favorites (The service is also available to mobile devices- as an app for Blackberry or the iPhone).
The success of Pandora Radio's business model derives from applying data-mining tools to the Music Genome Project, which is a vast database of songs that a team of experts has broken down into their various components: melody, rhythm, vocals, lyrics, and so on. Listeners begin by entering their favorite songs, artists, or genres, creating customized "stations". Then, Pandora Radio mines its database to find songs that are similar.
Another data-mining tool that Pandora users is the like/dislike (thumbs up/thumbs down) option that accompanies each song the site suggests. These responses are also factored into which songs the Web site decided to play for the user.
Questions:
How are listeners able to create their own customized stations?
What are some variables that Pandora Radio uses to recommend a song?
OR
Q.5
Discuss the given case study with answers of following questions.
14
Cereal products BPR
The process of transforming food into cereal products begins on the farm with the harvest. This is followed by primary processing, packing and transportation to the processing plants (depending on the grain). This large company analyzed its process and discovered a serious logistical problem. It lost almost 20% of the grains harvested during transportation from
Page 3 of 3
farms to the factories, located near the biggest consumption centers, due to the precariousness of the roads. After a study, this Business Process Reengineering case came to the conclusion that it would be more profitable to move the factories nearer to the farms. Afterwards, they transport final products to large centers with much fewer losses.
Questions:
According to you, what were list of problems associated with the operations of above said company?
If you were the manager of the firm, discuss how business process reengineering can be benefited to above company? List out various options to overcome problems with implementation of BPR.
Subjects
- accounting for managers
- accounting for managers (afm)
- advance marketing management
- applied pharmaceutics
- b2b marketing
- banking and insurance
- banking and insurance -ii
- brand marketing
- business analytics (ba)
- business communication
- business english (be)
- business environment
- business ethics
- business ethics and corporate governance (becg)
- business law for managers
- business mathematics
- business process reengineering
- business process reengineering (bpr)
- business statistics
- business statistics (bs)
- business structure and management
- business structure and process
- change management & organization development
- change management and organizational development
- company law
- compensation management
- computer applications
- constitution of india
- consumer behavior (cb)
- consumer behaviour
- cooperative management
- corporate accounting (ca)
- corporate restructuring
- corporate tax planning
- corporate taxation (ct)
- corporate taxation and financial planning (ct & fp)
- cost & management accounting (cma)
- cost and management accounting
- counseling skills for managers
- creativity and innovation
- creativity, incubation and innovation (cii)
- cross continent business philosophy
- cyber security and it governance (csitg)
- database management
- designing of operations system (dos)
- development of human skills
- digital marketing
- e-commerce
- ecological management & business
- economics for managers (efm)
- effective communication skills
- elements of direct & indirect taxes
- elements of financial accounting
- english language
- enterprise resource planning
- entrepreneurial finance (ef)
- entrepreneurship
- environment for business
- environment management
- export – import policy, procedure documentation
- export-import policy procedures & documentation
- export-import procedures
- family business management
- financial accounting
- financial management
- financial planning
- foreign exchange management
- foreign language-french
- french (foreign language)
- fundamentals of information technology
- fundamentals of marketing (fom)
- gandhian philosophy for managing business (gpmb)
- german (foreign language)
- global human resource management (ghrm)
- healthcare and hospital management
- human resource development
- human resource management
- human resource management.
- human skills
- human values & business ethics (hvbe)
- import export procedures
- income tax (it)
- indian economy
- indian ethos & human quality development
- information system audit and control
- information systems
- information technology and global business
- integrated marketing communication
- integrated marketing communication (imc)
- intellectual property rights
- international accounting practice
- international business
- international business (ib)
- international commercial law (icl)
- international economic environment (iee)
- international economics (ie)
- international finance
- international financial management (ifm)
- international human resource management
- international human resource management (ihrm)
- international marketing
- international supply chain management
- inventory management, material planning and management
- inventory management, materials planning and management
- investment banking (ib)
- labor law
- leadership
- legal aspects business
- legal aspects of business
- legal aspects of business (lab)
- macro economics (me)
- management accounting
- management control system
- management control systems
- management information system
- management of cooperatives
- management of financial planning (mfp)
- management of financial services (mfs)
- management of industrial relation and labour law
- management of industrial relations and labour laws (mir & ll)
- management principles
- managerial communication
- managerial communication (mc)
- managerial economics
- managerial economics(me)
- managing digital innovation and transformation (mdit)
- marketing management
- marketing research (mr)
- material management
- mergers and acquisitions
- micro economics
- micro small and medium enterprise
- multicultural organizational behavior (mob)
- new entrepreneurship & innovation management
- new venture creation
- operation management
- organisational dynamics
- organizational behavior
- organizational behaviour
- performance management (pm)
- principles of management (pm)
- product & brand management (pbm)
- product and brand management
- product design and development
- production & operations management (pom)
- production and operations management
- production management
- project management
- project management for entrepreneurs
- public relation management
- quantitative analysis - ii
- quantitative analysis (qa)
- quantitative analysis-i
- relational database management system (rdbms)
- research methodology
- research methodology (rm)
- retailing - ii
- retailing and franchising (rf)
- risk management
- rural marketing
- sales & distribution management
- sales and distribution management (sdm)
- security analysis & portfolio management
- security analysis & portfolio management (sapm)
- service marketing
- services and relationship marketing (srm)
- social entrepreneurship
- social media analytics (sma)
- strategic financial management
- strategic financial management (sfm)
- strategic human resource management
- strategic information technology management
- strategic management
- supply chain & logistics management
- supply chain and logistics management
- supply chain management
- supply chain management (scm)
- system analysis and design
- system analysis and design(sa&d)
- talent management
- technology and business
- technology management
- total quality management and world class manufacturing excellence (tqmwcme)
- tourism and hospitality management (thm)
- wto multilateral trading system and it’s impact on business
- wto multilateral trading system and its impact on business(wmts-i)