【Soft Exam】System Integration Project Management Engineer Chapter 2 Information System Integration and Service Management





2.3 Information system integration and service management

2.3.1 ITIL and IT Service Management

2.3.2 ITSS and Information Technology Services

ITSS

  • Component elements - (people, flow, technology, capital)
    IT services are composed of personnel, process, technology and resources, referred to as PPTR.

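  • Life cycle - (planning, deployment, operation, improvement, supervision)
    The IT service life cycle consists of 5 stages: planning and design, deployment and implementation, service operation, continuous improvement, and supervision and management, referred to as PIOIS.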

Example:

【18】Information Technology Service Standard (ITSS) defines the core elements of IT services consisting of people, process, technology and resources. The ( ) element focuses on "doing things right".

A. Personnel

B. Process

C. Technology

D. Resources

【18】Information Technology Service Standard (ITSS) is a complete system and a comprehensive standard library, used to guide the implementation of standardized and reliable IT services. The service life cycle defined by ITSS does not include ( ).

A. Strategic deployment

B. Planning and Design

C. Deployment and implementation

D. Service operation

【19】In the IT service life cycle model of the Information Technology Service Standard (ITSS), ( ) is to establish a management system and provide service solutions based on ITSS, on the basis of planning and design.

A. Service strategy

B. Deployment and implementation

C. Service operation

D. Supervision and management

[19 second half] In the Information Technology Service Standard (ITSS), the core elements of IT services refer to ( ).

A. Tools, technologies, processes, services

B. Personnel, process, technology, resources

C. Plan, Execute, Check, Correct

D. Quality, cost, schedule, risk

2.3.3 Information system audit

  • Concerns - (availability, confidentiality, integrity)

    • availability
    • confidentiality
    • integrity
  • Main components

    • Management, planning and organization of information systems
    • Information Systems Technology Infrastructure and Operations Affairs
    • asset protection
    • Disaster Recovery and Business Continuity Planning
    • Application system development, acquisition, implementation and maintenance
    • Business Process Evaluation and Risk Management
  • ISAS

    • Includes professional standards, ISACA announcements and the code of professional ethics.
  • Audit steps

    • (1) Compile a list of the information systems used by the organization and classify them.
    • (2) Determine which systems affect critical functions and assets.
    • (3) Assess which risks affect these systems and their impact on business operations.
    • (4) Based on the above assessment, rank the systems and determine the audit priority, resources, schedule and frequency. Auditors can make an annual audit plan and list the audit items to be carried out during the year.

[16 second half] The purpose of an information system audit is to evaluate and provide feedback, assurance and recommendations. Its concerns can be divided into three categories, namely ( ).

A. Confidentiality, Timeliness, Integrity

B. Availability, Timeliness, Accuracy

C. Confidentiality, Accuracy, Completeness

D. Availability, confidentiality, integrity

[17 second half] ( ) does not belong to the main content of the information system audit.

A. Informatization strategy

B. Protection of Assets

C. Disaster Recovery and Business Continuity Planning

D. Management, planning and organization of information systems

【18】Generally recognized information system audit principles do not include ( ).

A. ISACA Notice

B. ISACA Proclamation Professional Code

C. ISACA Code of Ethics

D. COBIT framework

[18 second half] For the information system audit process, after understanding the internal control structure, evaluating control risks, and transmitting internal controls, the next step should be ( ).

A. Limited substantive testing

B. External Control Testing

C. Internal control testing

D. Expanded substantive testing

[19 first half] The steps to conduct an information system audit based on a risk approach are (D).

① Determine which systems affect key functions and assets
② Evaluate which risks affect these systems and the impact on business operations
③ Compile and classify the information systems used by the organization

A.①②③④

B.①③②④

C.③①④

D.③①②④

【21 first half】( ) is not the focus of information system audit.

A. Integrity

B. Availability

C. Confidentiality

D. Scalability

【Guangdong, 22 first half】( ) collects and evaluates evidence to determine whether a computer system effectively protects assets, maintains data integrity, accomplishes organizational goals, and uses resources most economically.

A. System multiplexing

B. System audit

C. System integration

D. System maintenance

[Analysis] P127, Ron Weber, an authoritative expert on information system auditing in the United States, defines it as "collecting and evaluating evidence to determine whether a computer system (information system) is effective in protecting assets, maintaining data integrity, accomplishing organizational goals, and using resources most economically".


Origin blog.csdn.net/guanguan12319/article/details/130783769