Select the correct answer from the table below to fill the gaps in 26 to 30 Each Post Implementation Review Business & IT Alignment Management reporting system Define IT Project Universe System Development Readiness Inherent Fraud Risk Business & IT Alliance IT Solution Readiness Perform Risk Assessment Detective Fraud Risk Security Internal Control IT Solution Pack Honesty Manual Processing 26. The focus areas of Information Technology project audit include_ and Integrity Confidentiality Assurance Flat File 1 Mark Access Control 27.IT fraud risk assessment focuses on fraud schemes and scenarios to determine the presence of: and whether 28. An organization's exposure to fraud is a function of_ 29. and of those involved in the process. environment promotes a single-user view approach to data management whereby end users own their data files rather than share them with other users. 30. The stages in annual IT project audit planning include, and 31. The stages in annual IT project audit planning include and Search .ill 2:21 PM Done 2015 16 BICT Programs 2... 31. The stages in annual IT project audit planning include 19. Briefly describe five (5) benefits of Internal Audit Involvement in IT Projects 20. Describe five common database audit challenges and @ 98% 10 Marks 10 Marks 21. Briefly describe five (5) internal control issues resulting from technological development. 5 Marks 22. Describe five (5) best practices for addressing Information Technology related fraud risks in an organisation. 22. Using examples provide four (4) reasons for segregation of duties within an IT department 10 Marks 23. a. Briefly describe four (4) major objectives of Internal Control System of an organisation. b. Briefly describe five major factors that can affect effective implementation of an internal control systems 24. a. Giving examples, provide three (3) reasons why Information Technology Audit has become integral part of traditional audit in business organisations b. As a newly appointed IT auditor for a financial institution, describe four (4) techniques you adopt to understand the control environment of the organisation Marking Scheme 23. a. How can we monitor access to sensitive data and detect anomalies or policy violations in an automated way? b. How can we track the activities of privileged users, such as DBAs or sysadmins, who have direct access to databases? c. Can we have segregation of duties and store DB audit logs in a secure repository operated by IT Security and audit specialists? d. Is it possible to have one central audit repository for all database types including Oracle, MS SQL Server, DB2 and more? e. How can we achieve all of this without impacting the performance or stability of our database and application servers? 24. Five benefits of IT auditors involvement in IT projects a. Auditor are concemed with the integrity of system development processes. b. Auditors are experts in financial transactions and thus can provide critical input into the system regarding controls and integrity. c. The auditor's responsibility is to ensure that the systems employ proper processes and conventions d. The auditor's responsibility is to ensure that adequate controls are built into the system. e. Providing independent ongoing advice throughout the project 25.a f. Identifying key risks or issues early, which enables project teams to operate proactively to mitigate risks a. To safeguard assets of the organization