Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Sample Interview Questions - Advanced System Certification and Accreditation | TCOM 5253, Assignments of Business Management and Analysis

Material Type: Assignment; Professor: Gray; Class: ADV SYS CERT & ACCRED; Subject: Telecommunications Management; University: Oklahoma State University - Stillwater; Term: Fall 2007;

Typology: Assignments

Pre 2010

Uploaded on 11/08/2009

koofers-user-sxu
koofers-user-sxu 🇺🇸

10 documents

1 / 2

Toggle sidebar

Related documents


Partial preview of the text

Download Sample Interview Questions - Advanced System Certification and Accreditation | TCOM 5253 and more Assignments Business Management and Analysis in PDF only on Docsity!

TCOM 5253 / MSIS 4253

Fall 2007 Risk Assessment – Sample Interview Questions Interview questions should be tailored based upon where the IT system being assessed is in the software development life cycle (SDLC). Questions should be asked during interviews with IT personnel to gain an understanding of the operational characteristics of the organization.  Who are valid users?  What is the mission of the user organization?  What is the purpose of the system in relation to the mission?  What is the system-availability requirement?  How important is the system to the user organization’s mission?  What information (both incoming and outgoing) is required by the organization?  What information is generated by, consumed by, processed on, stored in, and retrieved by the system?  How important is the information to the user organization’s mission?  What are the paths of information flow?  What types of information are processed by and stored on the system (e.g., financial, personnel, research and development, medical, command and control)?  What is the sensitivity or classification level of the information?  What information handled by or about the system should not be disclosed and to whom?  Where specifically is the information processed and stored?  What are the types of information storage?  What is the potential impact on the organization if the information is disclosed to unauthorized personnel?  What are the requirements for information availability and integrity?  What is the effect on the organization’s mission if the system is not reliable?  How much system downtime can the organization tolerate? How does this downtime compare with the mean repair/recovery time? What other processing or communications options can the user access?  Could a system or security malfunction or unavailability result in death or injury?  Could you continue to operate without any computers available?  Could you continue to operate without any corporate telephone service?