________________ (fill in the blank) is/are are ultimately accountable for the functionality, reliability,
and security within IT governance. Choose the BEST answer.

Run-to-run totals can verify data through which stage(s) of application processing?

Fourth-Generation Languages (4GLs) are most appropriate for designing the application’s
graphical user interface (GUI). They are inappropriate for designing any intensive data- calculation
procedures. True or false?

What often results in project scope creep when functional requirements are not defined as well as
they could be?

If an IS auditor observes that an IS department fails to use formal documented methodologies,
policies, and standards, what should the auditor do? Choose the BEST answer.

Which of the following is a program evaluation review technique that considers different scenarios
for planning and control projects?

What is a reliable technique for estimating the scope and cost of a software-development project?

When participating in a systems-development project, an IS auditor should focus on system
controls rather than ensuring that adequate and complete documentation exists for all projects.
True or false?

If an IS auditor observes that individual modules of a system perform correctly in development
project tests, the auditor should inform management of the positive results and recommend further:

Who assumes ownership of a systems-development project and the resulting system?