Question Paper - May 19


1.(a) Corporate governance is the framework of rules and practices, by which a board of directors ensures accountability, fairness and transparency in a company’s relationship with all its stakeholders. List out the rules and procedures that constitute corporate governance framework.  (3 marks)



Answer: The corporate governance framework consists of:

  • explicit and implicit contracts between the company and the stakeholders for distribution of responsibilities, rights, and rewards. 
  • procedures to address conflicting interests of stakeholders in accordance with their duties, privileges, and roles, and
  • procedures for proper supervision, control, and information-flows to serve as a system of checks-and-balances.

 

(b)Write any two application areas of Internet of Things (IoT). (2 marks)

Answer: Following are the applications area of IoT:
(1) All Wi-Fi enabled home appliances can be considered as IoT. Home owners can keep track of all activities in house through their hand held devices.
(2) CCTV camera is also monitored through hand held devices.
(3) Office machines and equipments shall be connected through net. It will help to identify various parameters without human interference like no. of staffs present in office or no. of printouts generated through office printer.
(4) IoT can be used in various government initiatives and schemes.
(5) Human being can also be authenticated by use of IoT.
(6) IoT have capability to connect the whole world.
  
 

 2.(a)A company XYZ is implementing a software by using the program development life cycle methodology and applying control phases in parallel to the development phases to monitor the progress against the plan. Being an IT developer, design the various phases and their controls for program development life cycle.  (6 marks)

Answer:

 

Phase
Controls
Planning
Control techniques like Gantt Charts, PERT, Work Breakdown Structures (WBS), can be used to monitor progress against plan.
Control
The Control phase has two major purposes:
·         To monitor progress against planned schedule.
·         To implement control to ensure software released for production use is authentic, accurate, and complete.
Design
To implement systematic approach to program design (such as any of the structured design approaches or object-oriented design)
Coding
To implement systematic approach to coding (like Top-down, Bottom-up and Threads approach)
Testing
To implement following testing:
·         Unit Testing: which focuses on individual program modules;
·         Integration Testing:  which focuses in groups of program
modules; and
·         Whole-of-Program Testing: which focuses on whole program.

Operation and Maintenance
To implement following maintenance:
·         Repair Maintenance in which program errors are corrected;
·         Adaptive Maintenance in which the program is modified to meet changing user requirements; and
·         Perfective Maintenance - in which the program is tuned to decrease the resource consumption.
 


 


(b)Customer Relationship Management (CRM) is a system which aims at improving relationship with customers. Briefly explain any four key benefits of CRM module of ERP. (4 marks)




Answer: Following are the Key benefits of a CRM module:

(1) Better customer relations:

  •  By using CRM, all dealings with customer for servicing, marketing, and selling can be carried out in an organized and systematic way.
  • This in turn helps in increasing customer loyalty and decreasing customer agitation.
(2) Better internal relations & communication:

  •  CRM helps in building up better communication within the company.
  • The sharing of customer data between different departments will enable them to work as a team. And thus help in increasing the company’s profitability and enabling better service to customers.
(3) Optimize marketing:

  •  CRM helps to understand most profitable customer groups, ideal marketing timing and correct product
  • In this way, marketing resources can be optimized efficiently and time is not wasted on less profitable customer groups.
 (4) Maximize up-selling and cross-selling:

  • Up-selling and cross-selling can be improved by interacting with the customers and getting an idea about their wants, needs, and patterns of purchase. 
  • Up-selling is the practice of giving customers premium products that fall in the same category of their purchase.
  • Cross selling is the practice of offering complementary products to customers, based on their previous purchases.
(5) Increase in revenues:

  •  By using a CRM strategy for any business, the revenue of the company can be increased. 
  • Using the data collected, marketing campaigns can be popularized in a more effective way.


 


3.(a)Information technology (IT) risk can be reduced by implementing the right type and level of control in automated environment that is done by integrated controls into information technology.
Being an IT consultant, suggest various steps of IT related control to a branch manager of a bank. (6 marks)

Answer: List of IT related control for Bank Branch:



  • The system maintains a record of all log-ins and log-outs.
  • Access to the system is available only between stipulated hours and specified days only.
  • Users should be given access only on a “need-to-know basis” based on their role in the bank. This is applicable for internal users of the bank and customers.
  • Automatic log out of the system after a user logs-in and there is no activity for a pre-determined time.
  • The system checks whether the amount to be withdrawn is within the drawing power. 
  • Exception situations such as limit excess, reactivating dormant accounts, etc. can be handled only with a valid supervisory level password.



(b)A business organisation is planning to increase the accuracy of information transferred and certified the repeatability of the value added task performed by the automation of business.
Being a management consultant, identify any four major benefits that the organisation can achieve through the automation of business process. (4 marks)


Answer:


(1)Improved Quality & Consistency: 
  • Automation ensures high quality process with consistent results.
(2)Improved Operational Efficiency:
  • Automation ensures smooth & efficient system performance and also reduces error margin.
(3)Improved Visibility:
  • Automation improves visibility of the organization. With efficient processes, value of the organization improves. 
(4)Improved Reliability:
  •  With automated processes in place, stakeholders can rely on the organization. This gives a competitive advantage to the organization. 
(5)Reduced TAT:
  • Automation eliminates unnecessary tasks and improves operational performance and reduces the turnaround times for processes.
(6)Reduced Cost:
  • Automation ensures optimum utilization of resources and hence costs associated with processes are reduced. Comparatively, manual task is performed at a slower rate and more costly.
 





4. (a) General controls are pervasive controls and apply to all systems components, processes and data for a given enterprise or systems environment.
As an IT consultant, discuss some of the controls covered under general controls which you would like to ensure for a given enterprise. (6 marks)


Answer:


 

(b) Discuss the key activities, which require special attention for auditing the user access provisioning. (4 marks)


Answer: Following special attention for auditing the user access provisioning is required:

(i)Process for Access Request: The IS auditor should verify process of access request and determine if these processes are used consistently throughout the organization.

(ii)Process for New employee provisioning: The IS auditor should verify how a new employee’s user accounts are initially set up. The auditor should determine if manager’s authorization is obtained.

(iii)Process for Access approvals: The IS auditor needs to verify process for approval and by what authority they are approved.

(iv)Periodic Access reviews: The IS auditor should determine if periodic reviews are performed for access provided. This may include termination reviews, internal transfer reviews, SOD reviews, and dormant account reviews.

(v)Segregation of Duties (SOD): The IS auditor should determine whether proper segregation of duties exists.



 


5. (a) Mobile computing is an important and rapidly evolving technology that allows user to transmit data from remote location to other locations in mobility condition.
Being a communication expert, identify limitations in current scenario that impede or hesitate users to use this technology frequently. (8 marks)


Answer:
Drawbacks of Mobile Computing:
(1)Quality of connectivity:

  • Mobile device needs either WiFi connectivity or mobile network connectivity such as GPRS, 3G or 4G network.
  • If device is not near (or not in range) any of these connections, the access to the internet is very limited.
(2)Transmission interferences: Weather, terrain, and the range from the nearest signal point can all interfere with signal reception. Reception in tunnels, some buildings, and rural areas is often poor.
(3)Power Consumption: Due to the use of batteries in the mobile devices, devices do not tend to last long. If there is no regular power recharges are not made, then mobile devices will certainly be shut down.
(4)Security concerns:

  • Accessing a WiFi network from mobile device is risky, because Wired Equivalent Privacy (WEP) and Wireless Protected Access (WPA) security can be bypassed easily.
  • Mobile devices are unsafe to connect to Virtual Private Networks (VPNs), as these are vulnerable to attack, and also syncing devices might lead to serious security concern
(5)Potential health hazards:

  • Questions concerning mobile phone radiation and health have been raised by various research studies. 
  •  People who use mobile devices while driving are often distracted from driving and are thus assumed more likely to be involved in traffic accidents.
 


(b)A business organisation is shifting from traditional accounting system to computerised accounting system. The organisation needs to store the data that is relatively permanent and not expected to change frequently in accounting system.
As a financial expert, suggest any two types of such data in accounting system. (2 marks)

Answer:

Answer: Master data is relatively permanent data that is not expected to change again and again. Following are some of the master data in financial & accounting systems:

Accounting Master Data:

  •  This includes names of various ledgers, voucher types, cost centres etc.
  • E.g. various ledgers like capital account, sales, purchase, expenses and income ledgers are created once and not expected to change again and again.

Inventory Master Data: 
  • This includes inventory related master data like stock items, storage units, inventory vouchers type etc.
  • For business of consumable goods stock items can be television, air-Conditioner, fridge etc.

Payroll Master Data:
  • This includes employees related master data like name of employees, group of employees, salary structure, payment heads etc.
  • These data are not expected to change frequently. E.g. Employee created in the system will remain valid for relatively longer period of time.

Statutory Master Data:
  • This includes master data related to various statute/law. This data shall be relatively permanent. 
  •  E.g. Rate of Goods and Service Tax (GST), Nature of Payments for TDS etc. In case of change in tax rates, forms, categories, we need to update/change our master data.


 



(b)Major features of an ERP system is central database. Which are the options possible to different users while assigning access to it?

Answer: Following options are available for accessing to ERP system:
  • Create – Allows to create data 
  • Alter – Allows to alter data 
  • View – Allows only to view data 
  • Print – Allows to print data
Above type of access can be allowed / disallowed for:
  • Master Data 
  • Transaction Data 
  • Reports