Beruflich Dokumente
Kultur Dokumente
1. MNO is an Open University that decides to launch a web based knowledge portal to facilitate its
students of distance education for different courses. It proposes to provide various resources
easily on anytime and anywhere basis by uploading its course materials, e-lectures and e-
reference books on the website. As a part of this, the management of the university invites
various technical experts who can propose a capable and efficient solution as per the
requirements and guidelines of the university. Also, the University decides to encourage people to
collaborate and share information online through social networks.
(a) The company appoints an Accountant for his active involvement during the development
work of the proposed system. Discuss some of the aspects on which an accountant can play
a vital role during proposed systems development. (5 Marks)
(b) The proposed system is expected to ease the day-to-day operations and increases the
quality of the products. However, at the same time the new system becomes v ulnerable for
many cyber-attacks. Discuss the major possible cyber-attacks that can occur against the
new proposed system. (5 Marks)
(c) What are the provisions given in Information Technology (Amendment) Act, 2008 for the
retention of documents etc. in electronic form? (5 Marks)
(d) Discuss major areas where Computer - based applications be implemented. (5 Marks)
2. (a) Discuss the characteristics of an effective Management Information System (MIS). (6 Marks)
(b) Briefly discuss about Platform as a Service model in Cloud Computing. (6 Marks)
(c) Discuss Feasibility Study and its dimensions in SDLC. (4 Marks)
3. (a) List out the key components of a good security policy. (6 Marks)
(b) Discuss the various categories of the test that a programmer performs on a program unit.
(6 Marks)
(c) Discuss the working of Mobile Computing. (4 Marks)
4. (a) What do you understand by the term Computer Crime Exposures. (6 Marks)
(b) Discuss Auditors Selection Norms as per SEBI. (6 Marks)
(c) What are Compensatory Controls? (4 Marks)
5. (a) Discuss the seven enablers of COBIT 5. (6 Marks)
(b) Discuss characteristics of Decision Support System (DSS). (6 Marks)
(c) Differentiate between Inherent Risk and Control Risk. (4 Marks)
6. (a) Discuss objectives and goals of Business Continuity Planning? (6 Marks)
(b) Discuss the strengths of Prototyping Model. (6 Marks)
(c) Discuss the benefits of Enterprise Resource Planning (ERP). (4 Marks)
1. (a) An accountant can help in various related aspects during system development; some of
them are as follows:
(i) Return on Investment (ROI): This defines the return an entity shall earn on a
investment i.e. capital expenditure. This financial data is a prime consideration for any
capital expenditure entity decides to incur. The important data required for this anal ysis
being the cost of project, the expected revenue/benefit for a given period. The analysis
ideally needs to be done before the start of the development efforts for better decision
making by management. This includes estimates for typical costs of a computer based
information system like Development Costs that include costs of the system
development process, like salaries of developers; Operating Costs including
hardware/software rental or depreciation charges, salaries of computer operators and
other data processing personnel, who will operate the new system; and Intangible Cost
that cannot be easily measured.
(ii) Computing Cost of IT Implementation and Cost Benefit Analysis: For analysis of
ROI, accountants need the costs and returns from the system development efforts. For
correct generation of data, proper accounting needs to be done. Accountants shall be
the person to whom management shall look for the purpose.
(iii) Skills expected from an Accountant: An accountant, being an expert in accounting
field must possess skills to understand the system development efforts and nuances of
the same. S/he is expected to have various key skills, including understanding of the
business objectives, expert book keeper, and understanding of system development
efforts etc.
(b) The major possible Cyber-attacks are as follows:
Phishing: It is the act of attempting to acquire information such as usernames,
passwords, and credit card details by masquerading as a trustworthy entity in an
electronic communication. Communications purporting to be from popular social web
sites, auction sites, online payment processors or IT administrators are commonly used
to lure the unsuspecting public.
Network Scanning: It is a process to identify active hosts of a system, for purpose of
getting information about IP addresses etc.
Virus/Malicious Code: As per Section 43 of the Information Technology Act, 2000,
"Computer Virus" means any computer instruction, information, data or program that
destroys, damages, degrades or adversely affects the performance of a computer
resource or attaches itself to another computer resource and operates when a program,
data or instruction is executed or some other event takes place in that computer
resource;
Spam: E-mailing the same message to everyone on one or more Usenet News Group
or LISTSERV lists is termed as Spam.
10
11