Free CISA Certification Practice Questions:
You are auditing a software development project plan for the development of a risk management platform. As software development can be very chaotic, the company had elected to follow a more rigorous approach to software development. Specifically, the company has chosen to adopt the XP (Extreme Programming) for the current software project. The XP methodology is highly iterative, and produces numerous deliverables include UML diagrams, architecture diagrams, prototypes, and test-cases.
While reviewing the project, you observed that an independent quality assurance team was formed to review and test the risk management platform. All of the following are functions of the QA team EXCEPT
A) reviewing code to ensure that documentation, coding, and management standards are followed
B) developing test plans
C) ensuring that processes meet prescribed standards
D) ensuring that defects are logged and testing continues until the tests produce acceptable results
E) logging, tracking, and fixing application defects
-
[Ans: E]
Quality assurance activities should include:
1) Development of test plans
2) Actual Testing - reports that compare
actual results with expected results
3)Defect management - defects are logged
and testing continues until the tests
produce acceptable results
Quality assurance activities include ensuring
that the processes associated with the systems
development meet the prescribed standards,
such as documentation, coding, and management
standards. Quality assurance also includes
code reviews to ensure that proper documentation
and standards are followed.
However, the quality assurance team should NOT directly modify any code, as this would violate their independence and segregation of duties. While they should log and track defects, they should NOT fix the defects themselves.
BACK | NEXT