This Paper has 20 answerable questions with 0 answered.
| Roll No…………… | |
| Total No. of Questions — 7] | [Total No. of Printed Pages — 2 |
| Time Allowed : 3 Hours | Maximum Marks : 100 |
| Answers to questions are to be given only in English except in the cases of candidates who have opted for Hindi medium. If a candidate who has not opted for Hindi medium, answers in Hindi, his answers in Hindi will not be valued. |
| Question No. 1 is compulsory. |
| Answer any four questions from the remaining six questions. |
| Marks |
| 1. | (a) | Discuss various issues that are of primary concern for an auditor involved in Information System Audit. | 8 | (0) |
| | (b) | Describe the composition and powers of Cyber Regulatory Appellate Tribunal. | 4 | (0) |
| | (c) | Recently you have received a report from your bank client that money from one account has been unauthorisedly transferred to another account by stealing the login information of a client through Internet. How will you stop the recurrence of such events? | 8 | (0) |
| 2. | (a) | What is Payroll accounting? Describe in brief the inputs and master file, output and system flow diagram required for it. | 10 | (0) |
| | (b) | State main objectives of system development tools. Briefly describe the major categories of documentation tools that are used for system development with any one simple illustrative example for each. | 10 | (0) |
| 3. | (a) | What is Financial decision making? Which Financial decisions are made with the help of Financial information system? | 10 | (0) |
| | (b) | Discuss the functions and facilities provided by Treasury Cash Management module of an ERP package. | 5 | (0) |
| | (c) | Discuss the main provisions provided in Information Technology Act, 2000 to facilitate Egovernance. | 5 | (0) |
| 4. | (a) | Discuss in brief salient features of consideration while selecting a computer system. Also suggest contents in a point scoring table for evaluation of a ready to use software. | 10 | (0) |
| | (b) | What control techniques can be utilized for increasing security in a client–server model? | 5 | (0) |
| | (c) | What are the characteristics of good coding scheme for data input? | 5 | (0) |
|
| 5. | (a) | What is Executive Information System (EIS)? How does EIS differ from Traditional Information Systems? | 5 | (0) |
| | (b) | Define and differentiate between ‘Scheduled maintenance’ and ‘Rescue maintenance’ along with their respective benefits. | 5 | (0) |
| | (c) | XYZ company engaged in manufacturing and installing power plant equipments has installed a new MIS and you have been requested to evaluate its effectiveness. On what parameters would you evaluate the MIS system? | 10 | (0) |
| 6. | (a) | What is ‘Disaster Recovery Plan’? Discuss its various components. | 10 | (0) |
| | (b) | Persian Paints is a small but highly regarded paint manufacturing company. The company has a network in place linking many of its business operations. Though the firm believes that its security is adequate, the recent addition of a Web site has become an open invitation to hackers. Management requested a risk assessment. The risk assessment identified a number of potential exposures. These exposures, their associated probabilities and average losses are summarized in the following table: | Persian Paints Risk Assessment | | Exposure | Probability of
Occurrence (%) | Annual Average
Loss (Rs.) | 1.
2.
3.
4.
5.
6.
7. | Virus attack
Data Loss
Embezzlement
User Errors
Threats from Hackers
Improper use by Employees
Power Failure | 60
12
3
95
95
5
15 | 75,000
70,000
30,000
25,000
90,000
5,000
3,00,000 |
Using the above risk assessment data, calculate the expected annual loss for each exposure. Which control points have the greatest vulnerability and Least vulnerability? Prepare a written report that summarises your findings and recommendations. | 10 | (0) |
| 7. | Write short notes on the following: | 4x5=20 | |
| | (a) | Encryption techniques. | | (0) |
| | (b) | Testing work benches. | | (0) |
| | (c) | Audit trail controls in Computer Based Information System (CBIS). | | (0) |
| | (d) | Expert systems. | | (0) |
