Tuesday, October 27, 2015

CA FINAL - ISCA Important for November 2015 Attempt

Chapter 1:
  1. What is IT Steering Committee? What are its key functions? (6 Marks)
  2. State some of the best practices of corporate governance. (6 Marks)
  3. What are the common strategies to manage risks / Risk Management Strategies? (6 Marks)
  4. What are the key practices to determine the status of IT Governance? (6 Marks)
  5. What is GEIT? What are its benefits? (6 Marks)
  6. Short Note: Components in COBIT (4 Marks)
  7. What goal & metrics can be used to measure specific success of a GRC program? (4 Marks)
  8. What are the key management practices, which need to be implemented for evaluating ‘whether business value is derived from IT’? (4 Marks)
  9. Explain in brief the two dimensions of Governance. (4 Marks)
  10. What are the key Governance practices for Risk management in COBIT 5? (5 Marks)
  11. What are the sample areas of GRC for Review by Internal Auditors listed by the IIA? (5 Marks)
  12. What are the key management practices per COBIT 5 for ensuring compliance with external compliances as relevant to the enterprise? (4 Marks)
Chapter 2:
  1. What is MIS? Describe any six characteristics of an effective MIS (6 Marks)
  2. Briefly discuss components of DSS. How is database implemented at three different levels? (6 Marks)
  3. In what ways does an Executive Information System differ from the Traditional Information System? (5 Marks)
  4. What is EIS? Briefly describe the characteristics of the types of information used in Executive Decision making. (6 Marks)
  5. Short Note: Knowledge Management Systems (4 Marks)
  6. Short Note: Data Mining (4 Marks)
  7. What are the limitations of MIS? (5 Marks)
  8. What are the different misconceptions or myths about MIS? (4 Marks)
  9. Explain any four features of electronic mail (4 Marks)
  10. Short Note: Business Intelligence (4 Marks)
  11. What are ERP systems? What are its components? (6 Marks)
Chapter 3:
  1. The use of computer affects the implementation of internal control components in several ways. Explain. (4 Marks)
  2. Discuss various Data Integrity Controls (6 Marks)
  3. Discuss various types of IS policies and their hierarchies. (5 Marks)
  4. What do you understand by classification of information? Explain different classification of information (6 Marks)
  5. Explain various Processing control techniques (6 Marks)
  6. State various types of Management Subsystem and briefly describe those (6 Marks)
  7. What are the various techniques to Commit Cyber Frauds? (6 Marks)
  8. State various types of Application Subsystem and briefly describe those (6 Marks)
  9. Explain briefly the two categories of controls classified on the basis of “Audit Functions” (4 Marks)
  10. Explain with examples various Organizational control techniques (6 Marks)
  11. Discuss the three processes of Access Control Mechanism when a user requests for resources. (5 Marks)
  12. Short Note: Asynchronous attacks (4 Marks)
  13. Short Note: Information Security Policy (4 Marks)
  14. What are the different mechanisms that can be used to control risks / exposures in communication sub-system including intranet / internet? (6 Marks)
  15. What are the various backup strategies that can be used under Backup controls? (4 Marks)
Chapter 4:
  1. What is Business Continuity Planning? What are the three areas covered under Business continuity? (6 Marks)
  2. What are the objectives of performing BCP tests? (4 Marks)
  3. Short Note: Business Continuity Management (4 Marks)
  4. What are the various components of a Disaster Recovery Plan? (6 Marks)
  5. What are the various types of Backups? (6 Marks)
  6. What are the tasks undertaken in the Vulnerability Assessment and definition of Requirement phase of BCP? (4 Marks)
  7. What are the major activities that should be carried out in implementing Business Continuity plan in the enterprise? (4 Marks)
  8. Discuss the objectives and goals of Business Continuity planning. (5 Marks)
  9. How will an auditor determine whether the Disaster recovery plan was developed using a sound and robust methodology? (6 Marks)
Chapter 5:
  1. From the perspective of IS audit, what are the advantages of system development life cycle? (4 Marks)
  2. Write short note: Data Dictionary (4 Marks)
  3. Write short note: Pseudo code (4 Marks)
  4. Discuss the different dimensions from which the feasibility study of the system is to be conducted. (6 marks)
  5. What are the characteristics of a good program code? (5 Marks)
  6. Distinguish between Black box testing / White Box testing / Grey Box testing (4 Marks)
  7. Explain the different conversion / changeover strategies used for conversion from a manual to a computerized system. (5 Marks)
  8. Discuss Basic Principles / Advantages / Disadvantages of Incremental approach to Systems Development (6 Marks)
  9. Short Note: System Development Team (5 Marks)
  10. Role of Domain Specialist in Systems Development (2 Marks)
  11. What are the major methods of validating vendors’ proposal? (6 Marks)
  12. Discuss various stages through which an in-house creation of programs has to pass (6 marks)
  13. Describe various categories of maintenance (6 Marks)
  14. Discuss Basic Principles / Advantages / Disadvantages of Rapid Application Development (6 Marks)
Chapter 6:
  1. Short Note: Audit Trails (4 Marks)
  2. Define IS Audit and what are its objectives? (5 Marks)
  3. Discuss various accounting audit trails and operations audit trails of Communication controls (6 Marks)
  4. Discuss various accounting audit trails and operations audit trails of Input controls (6 Marks)
  5. Short Note: ITF / Snapshots / SCARF concurrent audit technique (4 Marks)
  6. Discuss various accounting audit trails and operations audit trails of Boundary controls (6 Marks)
  7. Discuss the three layers of application security and related Audit Issues (6 Marks)
  8. What are the risks relating to IT systems and processes reviewed by the IT auditors? (6 Marks)
Chapter 7:
  1. Define: (i) Affixing digital signature (ii) Asymmetric crypto system (iii) Computer resource (iv) Private and Public keys (v) Secure system (vi) Computer Networks (2 marks each)
  2. What are the conditions subject to which electronic record may be authenticated by means of affixing digital signature? (5 Marks)
  3. Short Note: Authentication of Electronic records using Electronic Signature
  4. Explain the provision related to protection of personal data under ITAA, 2008 (4 Marks)
  5. Discuss the changes in ISO/IEC 27001:2013 from the 2005 standard (4 Marks)
  6. “The jurisdiction of ITAA 2008 extends beyond the political boundaries of India” Explain this with reference to specific provisions of the Act (4 Marks)
  7. Explain the provisions related to unauthorized access to protected systems as envisaged in the ITAA, 2008 (4 Marks)
  8. Discuss the provisions related to punishment for publishing or transmitting "obscene material" in e-form (5 Marks)
  9. What are the various sample areas that need to be reviewed by IS Audit assignment as per the requirement of RBI for Systems controls and Audit? (6 Marks)
  10. Short Note: Any one Book of ITIL (4 Marks)
Chapter 8:
  1. What is cloud computing? What are its characteristics? (6 Marks)
  2. Short Note: Any one Cloud computing Model (4 Marks)
  3. What are various cloud computing environments? (4 Marks)
  4. Explain cloud computing architecture and its components. (5 Marks)
  5. Advantages / Disadvantages of Cloud computing (5 Marks)
  6. What do you mean by BYOD? What are the various BYOD Threats? (6 Marks)
  7. What is Web 2? What are its components? (6 Marks)
Contact for more details: saurabh7381@gmail.com | 98292-03200


Copyright © 2015 Accounting & Taxation. All Rights Reserved.