Chapter 1

AUTOMATED BUSINESS PROCESS

May-18
1 Explain the following in brief :

a. Risk Assessment

2 Explain the positive aspects contained in the IT Act 2000 and its provisions, from the perspective
ofe-commerce in India.

3 An e-commerce website is offering following discounts :

• If the purchase mode is Via website, a discount of 5% is given on the bill amount.

• If the purchase mode is via phone app, a discount of 10% is given on bill amount.

• If purchase is done via any other mode, customer is not eligible for any discount.

Draw a Flowchart to calculate and display the bill amount payable by the customer.

Nov - 18

4. Answer the following in brief :

a. Explain ‘Data Flow Diagram’.

5. “Enterprise Risk Management (ERM) does not create a risk-free environment; rather it enables
management to operate more effectively in environments filled with risks”. In view of this statement,
explain the various benefits, which the Board of Directors and Management of an entity seek to
achieve by implementing the ERM process within the entity.

6. Data that is waiting to be transmitted are liable to unauthorized access called ‘Asynchronous Attack’.
Explain various types of Asynchronous attacks on data.

7. State the required characteristics of goals to be achieved by implementing Business Process

Automation (BPA).

8. Give two examples of the Risks and Control objectives for Human Resources Process at the Configuration
level.

May-19
9. Corporate governance is the framework of rules and practices, by which a board of directors ensures
accountability, fairness and transparency in a company’s relationship with all its stakeholders. List out
therules and procedures that constitute corporate governance framework.

Sumit parashar sir | 8882474092

 10. A business organization is planning to increase the accuracy of information transferred and certifies
the repeatability of the value-added task performed by the automation of business.

Being a management consultant, identify any four major benefits that the organization can achieve
through the automation of a business process

Nov-19
11. Business Processes are documented/designed using flow-charts to understand the process in
visualized form. Being a business advisor, what advantages of flow-charts will you suggest to
represent the business processes in diagrammatic form.

Nov-20
12. After defining risk appetite, strategies are set to manage risks. Explain any four risk management
strategies.

13. Enterprise Risk Management (ERM) framework consists of integrated components that are derived
from the way management runs a business and are integrated with the management process. Define
anysix components of ERM framework.

Jan-21
14. The Goods and Service Tax (GST) rate in India for various goods and services is divided broadly under
4categories, draw a flowchart to compute Goods and Service Tax for the goods manufactured ad per
table below.
Category (K) Rate
A 5%
B 12%
C 18%
D 28%

15. Using the automation technique in the modern era of business, the business gets well developed
with great customer satisfaction of their services and products in which the customer-oriented
supply chain plays a major role. List down the names of all the benefits of Automating Business
processes by explaining any four benefits.
July-21
16. Internal control provides an entity with only reasonable assurance and not absolute assurance
aboutachieving the entity’s. operational, financial reporting and compliance objectives. Explain any four
inherent limitations of Internal Control System.

17. In the present age of Information Technology, Business Process Automation (BPA) is the key
technology-enabled automation of activities or services. As an Information Technology consultant,
you are requested to suggest any three examples of business processes that are best suited to
automation and also discuss any three challenges involved in Business Process Automation.

Dec-21
18.Human Resource Management (HRM) plays an important role in the effective and efficient
management of the human resources in any enterprise. As an HR Manager of XYZ Ltd., which typical
stages of the HR life cycle will you implement in the company?

Sumit parashar sir | 8882474092

 19. Categorize the different kinds of business risks that any enterprise faces.

May-22

20. Presently the flow of information is at an unimaginable high speed for doing any business and need of
information is perceived at various levels of hierarchy. With these objectives in focus, define :

i Enterprise Information System

ii Categories of Business Processes

21. Enterprise Risk Management (ERM) framework consists of various interrelated components that are
derived from the way the management runs a business and are integrated with the management
process. Explain any six components of ERM framework.

Nov-22

22. The fixed assets process is used to ensure that the immovable assets of an enterprise are traced for
financial accounting-related purposes. In order to accomplish those tasks, what are the typical steps of
the fixed assets process to follow?

May -23

23. Flowcharts are used in designing and documenting simple processes or programs. Explain any four
limitations of the flowchart.

24. The IT Act 2000 attempts to change outdated laws and provides ways to deal with cyber-crimes. We
need such laws so that people can perform purchase transactions over the Internet without fear of
misuse.

Sumit parashar sir | 8882474092

 CHAPTER 2
FINANCIAL AND ACCOUNTING SYSTEM
May 18

1. Explain the following in brief :

a. Business Intelligence (BI)

2. A manufacturing company is implementing an ideal ERP software, where a single database is being
utilized and it contains all the data for various software modules. Identify the modules of an ideal ERP
software along with their functions.

3. Explain the significance of Front End and Back End in software.

Nov-18ember18
4. Answer the following in brief :

a. Define ‘Data Analytics

5. A business organization is planning to switch on to an integrated software for accounting as well as

taxcompliance instead of separate software for accounting and tax compliance. Being a consultant to
the management of this organization, you are required to advise them on various Pros and Cons of
having single software for both the accounting and tax compliance.

6. “Web Applications’ are one of the two ways of using software including Financial and Accounting
Software and nowadays, the use of web applications is increasing rapidly. You, being an IT consultant,
have tolist out some of the advantages and disadvantages of using web applications.

May 19AY19

7. Customer Relationship Management (CRM) is a system which aims at improving relationship with
customers. Briefly explain any four key benefits of CRM module of ERP.

8. A business organization is shifting from traditional accounting system ‘to computerized accounting
system. The organization needs to store the data that is relatively permanent and not expected to
changefrequently in accounting system.

‘As a financial expert, suggest any two types of such data in accounting system.

Nov 19ember19

9. Central database is the main feature of an ERP system. As the complete data is stored at one place,
ensuring safety of data and minimizing risk of loss of data is a big challenge. As an IT expert discuss
the risks associated with various aspects of ERP.

Sumit parashar sir | 8882474092

 Nov 20

10. Data Analytics is the process of examining data sets to draw conclusions about the information
they contain, increasingly with the aid of specialized systems and software. List out any three
application areasof Data Analytics in today’s world.

11. Many organizations are implementing Enterprise Resource Planning (ERP) software, where it
integrates all of the processes needed to run their business with a single system. As a System
analyst brieflyexplain the benefits of ERP system

12. Name any four activities executed by the Operating System.

Jan 21nuary
21
13. Write a short note on Extraction-Transformation-Load (ETL)

Jul 21July21

14. Business Intelligence is a technology-driven process for analysing data and presenting actionable
information to help corporate executives, business managers and other end users make more
informed business decisions, List out the benefits of using Business Intelligence in an organization.

Dec 21ecember21

15. Business managers use MIS reports in the decision making process. MIS reports need to ensure that
itmeets certain criteria to make information most useful. Explain any three such criteria.

16. Data is a critical resource that must be organized, controlled and managed properly. In order to
achieve the same purpose, XYZ Ltd. decided to transform all its data into digitized form. As a
Database Administrator of the company, you are required to suggest major advantages of Database
Management Systems (DBMS) to the top management.

17. Controlling Module is one of the business process modules of the Enterprise Resources Planning
(ERP) System. It facilitates coordinating, monitoring and optimizing all the processes in an
organization. In thelight of these statements, describe any six key features of Controlling Module of
ERP system.

May-22

18. The ERP system is like a human body where there are different units and each unit relates to other
units. All the units must work in harmony with other units to generate the desired result. What are the
important points for integration of modules with Financial and Accounting System ?

19. In Accounting language, voucher is an evidence for a transaction. How do you interpret ‘voucher’ when
referred to a computer † Also explain any three types of vouchers pertaining to accounting.

Nov-22

20. Today’s ERP system can cover a vast range of functions such as human resources, supply chain
management, customer relationship management, financials, etc., and integrate them into one unified

Sumit parashar sir | 8882474092

 database. As an IT consultant of a company, how will you influence the Management to migrate their
activities to an ERP system by explaining its benefits?

May 23

21. In most software, there are three layers that together form the application, and the same is called
Three Tier Architecture. Explain the three layers forming part of the Three Tier Architecture of an
application software.

22. The financial accounting module is the most important module of the overall ERP system, and it
connects all modules to each other. Every module is somehow connected with this module. Explain
any 6 key features of this module.

Sumit parashar sir | 8882474092

 CHAPTER 3
INFORMATION SYSTEM AND IT’S COMPONENTS
May-18May18

1 Explain the following in brief :

a. Line Error Control

2 A manufacturing company is implementing an ideal ERP software, where a single database
is being utilized and it contains all the data for various software modules. Identify the
modules of an ideal ERP software along with their functions.

3 Explain briefly the objectives of the Information System’s Auditing.

Nov-18
November18
4. Answer the following in brief :

(a) Explain the term ‘Cryptography’.

5. Data that is waiting to be transmitted are liable to unauthorized access called ‘Asynchronous
Attack’.Explain various types of Asynchronous attacks on data.

6. An operating system allows users and their applications to share and access common
computer resources and execute a variety of activities.

Hence, protecting operating system access is extremely crucial. Identify various steps
through whichprotection of operating system access can be achieved.

May-19AY19

7. A company XYZ is implementing the software by using the program development life cycle
methodologyand applying control phases in parallel to the development phases to monitor
the progress against the plan. Being an IT developer, design the various phases and their
controls for the program development life cycle.
8. General controls are pervasive controls and apply to all systems components, processes and
data for a given enterprise or systems environment.
As an IT consultant, discuss some of the controls covered under general controls which you would
like toensure for a given enterprise.

9. Discuss the key activities, which require special attention for auditing the user access
provisioning.

Nov-19ember19
10. Explain any four examples of segregation of duties (SOD) controls.

Sumit parashar sir | 8882474092

 11. An internet connection exposes an organization to the harmful elements of the outside
world. As a network administrator, which Network Access controls will you implement in
the organization to protectfrom such harmful elements?

nov-20
November20
12. Protecting the integrity of a database when application software acts as an interface to
interact between the user and the database are called update controls and report controls.
Discuss any three update controls and three report controls.

13. Define any two information system controls based on the objective of controls.

Jan 21January21

14. What is virtual memory? How does it differ from secondary memory?

15. Information systems have set high hopes to companies for their growth as it reduces processing
speed and helps in cutting cost. Being an auditor of ABC manufacturing company, discuss the
key areas that should pay attention to while evaluating Managerial controls by top
management.

July 21
July21
16. Data Mining is the process of analyzing data to find previously unknown trends, patterns and
associations to make decisions. As an IT expert of the company, explain the steps involved in
the data mining process.

17. Differentiate between Processor Registers and Cache Memory.

18. Briefly explain any two output controls.

Dec 21
December21
19. Distinguish between Connection Oriented and Connectionless Networks

May-22

20. What is an operating system ? List any four activities performed by an operating system.

21. For doing business, logical access controls play a critical role ensuring the access to system, data
and programs to safeguard against unauthorized access. Towards this, explain ‘Logical Access
Control’ and ‘User Access Management Controls for Technical Exposures’.

Nov-22

22. Information Systems Audit is the process of attesting objectives that focus on asset
Sumit parashar sir | 8882474092
 safeguarding, data integrity and management objectives that include effectiveness and
efficiency. List the objectives of Information Systems audit.

23. Computers are used extensively to process data and provide information for decision-making.
However, uncontrolled use of computers can have a widespread impact on society. Explain the
factors influencing the need for control and audit of information system.

May-23

24. Operations management is responsible for the daily running of hardware and software facilities
so that production application systems can accomplish their work and development staff
can design, implement and maintain application systems. Operations management typically
performs controls over many functions. Explain any six of such functions.

25. Audit of environmental controls requires IS auditor to perform physical inspection and observe
practices. As an IS auditor you are engaged to conduct an audit of environmental controls for
an organization. Discuss any four factors and activities which requires your attention in the
audit of environmental control.

26. In today’s high speed world, we cannot imagine an information system without an effective and
efficient communication system, which is a valuable resource that helps in good management.
You are appointed as an IT consultant to design a model computer network for a newly started
company. What are the basic issues to be addressed by your network model ?

Sumit parashar sir | 8882474092

 CHAPTER 4
E-COMMERCE, M-COMMERCE & EMERGING TECHNOLOGY
May 18y18
1. Explain the following in brief :

a. Internet of Things (loT)

2. Explain various Control Objectives of e-commerce or m-commerce.

Nov 18
3. Answer the following in brief :

a. Describe the term ‘Digital Library’.

4. Subsequent to demonetization, one of your elderly neighbour, who was using traditioal digital
methodsof making payments like cards, net banking etc., asked for your help to know about the
various new methods of Digital Payments. Identify and explain various new methods of Digital
Payments for him.

5. Discuss various application areas of ‘Virtualization’.

MAY19
May 19
6. Write any two application areas of Internet of Things (IOT).

7. Mobile computing is an important and rapidly evolving technology that allows users to transmit
datafrom remote location to other locations in mobility condition.

Being a communication expert, identify the limitations in current scenario that impede or hesitate users to
use this technology frequently.
er19
Nov 19

8. Every business decision is accompanied with a set of threats and so is BYOD program. Explain briefly
theareas in which the risks associated with BYOD program can be classified.
9. Central database is the main feature of an ERP system. As the complete data is stored at one
place, ensuring safety of data and minimizing risk of loss of data is a big challenge. As an IT expert
discuss the risks associated with various aspects of ERP. 2

10. Explain the concept of E-Commerce briefly. How can you protect your E-Commerce business from
intrusion ?

Nov 20
November20
11. Define any four constraints which are usually taken from the characteristics of grid environment
andapplication in order to develop grid computing security architecture

Sumit parashar sir | 8882474092

 Jan 21
January21
12. Explain the concept of green computing. How will you develop a sustainable green computing plan ?

13. From traditional digital payment methods, India is moving towards newer methods of digital
payments. In light of the above statement, briefly explain following new methods.

14. Write a short note on (i) Digital Library (ii) Payment Gateway

15. Cloud based applications are now taking over Installed applications, What are the major difference between
Cloud based Applications andInstalled Applications ? Explain any four.
July21
July 21

16. PQR limited is planning to receive payment from the customers through Digital Payments.
Though there are lots of benefits of digital payments but there are drawbacks as well. Briefly
explain any six draw-backs of digital payments.

17. Hybrid cloud is a combination of both at least one private and at leastone public cloud computing
environments. Explain the characteristics of Hybrid Cloud.

Dec 21
December21
18. Briefly explain the advantages of business policy “Bring Your Own Device” (BYOD)

19. What is Mobile Computing? Explain the key components of Mobile Computing.

20. Describe any four characteristics of Infrastructure as a Service (IaaS).

May 22

21. E-Commerce runs through network-connected systems which can have two types of architecture,
namely, two-tier and three-tier architecture. In this context, define three-tier architecture and write
its advantages.

22. Mobile Apps are commonly used by all for doing electronic transactions. A mobile website works for
all mobile devices and usually costs about same as creating a Mobile App. In this context, explain any
four modules in mobile websites.

23. What are the applications of Internet of Things (IOT) in the area of

i Smart City
ii Health Care

Nov-22

Sumit parashar sir | 8882474092

 24. In recent times, new modes of money transfer have replaced the traditional methods of funds
transfer. Most of the banks have now introduced digital mode of remittance, called Electronic Fund
Transfer (EFT) which facilitates almost instantaneous transfer of funds. Define EFT and explain it’s
types.

25. One of the major problems of doing online business is the question of security. Then, how do you
protect your e-commerce business from intrusion ?

May-23

26. The public cloud is the cloud infrastructure that is provisioned for open use by the general public.
Explain any four characteristics of public cloud.

27. Government regulation, however well-intentioned, is only part of an overall green computing
philosophy. The work habits of computer users and businesses can be modified to minimize the
adverse impact on the global environment. There are several steps for Green IT. What are the Green
Computing Best Practices for the Green IT Recycle Step ?

Sumit parashar sir | 8882474092

 CHAPTER 5
CORE BANKING SYSTEM y18
May-18
1 Answer the following in brief :
a. Cyber Crime.
2 Automation of business processes has introduced new types of risks in banking service. You being
the Branch Manager of a CBS branch, list out some of the internal controls you think to be
implemented in yourbranch.5

Nov-18
November18
3 Explain various key aspects in-built into the architecture of a Core Banking System.

4 In line with suggestions of RBI, M/s. ABC Bank is planning to obtain ISO 27001 : 2013 certification for
itsInformation Security Management System. As an IS Auditor, you are required to prepare a sample
list of Risks w.r.t Information Security for the Bank.
19
May-19

5. Information Technology (IT) risks can be reduced by implementing the right type and level of
control in automated environment that is done by integrated controls into information
technology. Being an IT consultant, suggest various steps of IT related control to a branch
manager of a bank

Nov-19

6. Describe any three key functions of RBI.

7. Banks face the challenge of addressing the threat of money laundering on multiple fronts as banks
can be used as primary means for transfer of money across geographies. In light of the above
statement, discuss the Money Laundering process and its different stages.

Nov-20

8. Briefly explain any two types of Mortgage loan in Banking system.

9. Once the complete business of a bank is captured by technology and processes are automated in
Core Banking System (CBS), the data of the bank, customer, management ‘and''staff are completely
dependenton the Data Centre. From a risk assessment point of view, it is critical to ensure that the
bank can impart training to its staff in the core areas of technology for efficient risk management,
Explain any six commonIT risks related to CBS.

Sumit parashar sir | 8882474092

 Jan-21

10. Explain the stages of Money Laundering.

11. Define the Mortgage Loan . Briefly explain the types of Mortgage Loan.

July-21

12. Briefly discuss the characteristics of Core Banking Systems (CBS).

13. XYZ Bank wants to deploy and implement Core Banking Systems (CBS) to all of its branches, As a
consultant, how would you suggest the deployment and implementation of CBS at various stages to
ensure that banks automation objectives are achieved?

Dec-21

14. Briefly explain the Web Server and Proxy Server.

15. Core Banking System/Solution (CBS) has become a mandatory requirement in the banking system,
CBS are usually running 24 x 7 to support Internet Banking, Mobile Banking, ATM Services, etc. with
the help of its various modules. Most of the key modules of CBS are connected to a Central Server. As
an IT expert, discuss any three Back End Applications/Modules and any three Front End Applications/
Modules of CBS.
May-22

16. The main business of banks is lending money to the customers. There are certain inherent risks in
lending and they cannot take more than the calculated risks whenever they lend money to their
customers. List down the various risks involved and their associated controls in Loans and Advances
Process in the banking system.

17. Banking is a backbone of a country’s economy which keeps the wheels of economy running. The
changes in the banking scenario due to moving over to Core Banking System (CBS) and IT-based
operations have enabled banks to reach customers and facilitate seamless transactions with lesser
dependence on physical infrastructure. In this context write down the characteristics of core banking
system.
Nov 22
18. ABC Bank, one of the largest public sector banks, is planning to deploy and implement Core Banking
System (CBS) to all its branches. As an IT consultant, suggest the deployment and implementation
of CBS at various stages to ensure that bank’s automation objectives are achieved.
May 23
19. Write a short note on Automated Teller Machines (ATM) Channel Server.

20. A private bank is planning to migrate all of its existing operations to a Core Banking System (CBS). During their
discussions, the IT consultant is asked to explain about the common IT risks involved in CBS. Explain any six
of the common IT risks related to CBS.

Sumit parashar sir | 8882474092