What should an IS auditor be able to verify by evaluating application - ProProfs Discuss
Menu
SearchAsk a Question+ Ask Question
Advertisement
  1. Professional Certification
  2. CISA

What should an IS auditor be able to verify by evaluating application development projects against the capability maturity model (CMM)?

What should an IS auditor be able to verify by evaluating application development projects against the capability maturity model (CMM)?<br/>

Change Image    Delete

Asked by Wyatt Williams, Last updated: Nov 14, 2024

+ Answer
Request
Share
Question menu
Vote up Vote down

1 Answer

Wyatt Williams

Wyatt Williams

Wyatt Williams
Wyatt Williams

Answered Aug 13, 2018

D. predictable software processes are followed.

By evaluating the organizations development projects against the CMM, the IS auditor determines whether the development organization follows a stable, predictable software process. Although the likelihood of success should increase as the software processes mature toward the optimizing level, mature processes do not guarantee a reliable product. CMM does not evaluate technical processes such as programming nor does it evaluate security requirements or other application controls.
upvote downvote
Reply 
Continue Reading

More CISA Questions

Ask Your Own Question
Advertisement
Advertisement
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader
CancelLoader
Image Preview
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader
CancelLoader
Image Preview
Search for Google images Google Image Icon
Select a recommended image
Upload from your computer Loader
CancelLoader

Email Sent
We have sent an email to your address "" with instructions to reset your password.