
LIST for EIS-SM

(for NOV 19 Attempt)
by RAJAT JAIN
(CA, CS, CMA, B.COM, DISA)

Copyrighted Content

This list is proprietary work of CA RAJAT JAIN and cannot be
reproduced in any format whatsoever without specific written
permission of the creator. The list has a copyright, the violation
of which shall result in a penalty which shall be computed as
an estimate of the sales value of the list of past periods and the
value achieved till now. The sum can be safely assumed to be
somewhere close to rupees 10 lacs and hence any student
forwarding this list in any groups or to friends would be liable for
such penalties, if caught.

For tracing out if the list has been shared, there are systems in
place such as blockchain trail and screenshot reporting logs
attached with the sheet.

Therefore, the simple-looking PDF has all the advanced
methodologies to detect any unauthorized furtherance
whatsoever. Last time, six of the students faced legal action due to
extending such sheets in Telegram groups.
After explicitly providing this in detail with the sheet itself, any
negligence on behalf of the student would not be entertained or
excused and strict penalties would be levied.

Copyright Content

Only Authorised Reproduction Permitted

CA Rajat Jain

Copyright Content of CA Rajat Jain. Unauthorised distribution attracts legal penalty. Page 2
I advise you to strictly understand the fact that the question list given here is question oriented and
not topic oriented. Writing down the answers to these questions would help a lot in the examination.

Also note that these questions contain certain markings wherein they have been marked
important in a highlighted manner. These questions are very much expected from the author's point of
view and hence should be covered for last-minute revision purposes when time is less, and one
should not construe that only the highlighted questions should be done.

Some of the questions have a marking such as MCQ purpose or MCQ expected in brackets after the
question has been written. A student here can safely assume that there would be no detailed
questions from these topics and they should prepare according to MCQ only. This will save a lot of
time in preparation and would add to detailed preparation towards MCQs.

Since the new course introduction, there have been multiple attempts wherein our list in respect of
such attempts, as changed and manipulated, has come for more than 85% of the marks in the
examination and sometimes even higher than that. However, we do not guarantee fixed marks after
preparing from this list, and the trustworthiness of this list depends entirely on the student as the
same does not cover the entire course.

CHAPTER 1 - AUTOMATED BUSINESS PROCESSES
This time Flowchart is highly expected. Kindly prepare the same to score the maximum marks from this
Chapter.

Q.1 Define Enterprise Information Systems.
Q.2 Define BPA. What are the objectives of BPA?
Q.3 What are the main aspects to be kept in mind while Documenting a BPA?
Q.4 How to decide onto which consultant to partner with while implementing
BPA?
Q.5 Define ERM. Also state its benefits.
Q.6 Define risks. Explain the risks of BPA.
Q.7 What are the various Risk Management Strategies used by an enterprise?
Q.8 Define Controls. When are Manual controls more suitable as compared to
automated controls?
Q.9 List and Explain the various components of Internal Control. Also
mention some of the limitations of internal control.
Q.10 Explain the concept of Segregation of Duties in detail.
Q.11 Define Configurations and Masters in a software using one example
each. (MCQ Expected)
Q.12 Explain the immediate benefits in business and trade due to the
Introduction of IT Act, 2000.
Q.13 Define or Explain the following terms:
• Web Defacement
• Cyber Terrorism
• Phishing and Email Scams
• Access as per IT Act, 2000
• Computer as per IT Act, 2000
Q.14 Explain SPDI. What types of information shall be considered as SPDI?

CHAPTER 2 - INFORMATION SYSTEMS AND COMPONENTS (Chapter 3
of Study Material)

Q.1 Any computer based information system that supplements business has
to be developed in accordance with the business needs as well as with a
great understanding of the basic characteristics of such systems. In the
light of the given statement, explain the various characteristics of any
computer based information system that can generally be found while
implementing such systems.
Q.2 An Operating System plays a very vital role in integrating applications
and hardware together and performing the most crucial functions for any
system. In the light of the statement, explain the functions performed by
an Operating System.
Q.3 Application Software are made specifically for the particular purpose
that the users are requiring them for. What are the different types of
application software available to solve such purposes? (MCQ expected)
Q.4 There are applications solving multiple problems for multiple users. In
what areas can these applications be useful in the context of business?
Q.5 What are the issues catered/functions served by a network?
Q.6 Write short notes on the following:
• MAC address
• Network Topology
• IP address
• Packet Switching
• DNS
Q.7 Explain the hierarchy of databases using a suitable diagram.
Q.8 An organization mostly records its data in the form of tabular records.
Explain the database management system most suitable for maintaining
such records for the organization.
Q.9 What do you mean by a data warehouse? Can data warehouse be
considered as the largest storage of data? How is a data warehouse
built?
Q.10 An organization ABC limited finds that its database is too voluminous to
be able to be sorted and analyzed using manual tools and other
predictive analytics techniques. There could be certain hidden patterns
and trends which might not be known to the organization as the data
size and selective analysis is not possible. Which technique would you
suggest in this case? Also explain the technique in brief, citing certain
examples.
Q.11 Logical access has a lot of risks and exposures in today’s environment.
Explain the exposures that an entity might face while working in an
automated environment in this regard.
Q.12 Asynchronous Attacks can occur over a network during data transfer.
Explain the various types of Asynchronous Attacks that can take place
on the network.
Q.13 Explain the following:
• Encryption
• Call back devices
• Firewall
• (The concept of Network Access Controls need not be prepared as
such. Apart from the controls mentioned above, prepare it from the
MCQ point of view only.)
• SPOOL
Q.14 What are the various Security Management Controls?
Q.15 Access Control Mechanisms are the tools that help enforce Boundary
Controls. What are the components of Access Control Mechanism?
Q.16 As a consultant to ABC Limited, you have been asked to submit a report
stating the Boundary Controls that entity can apply to enforce access
controls.
Q.17 Generally, the major mistakes that are made in any system are while
entering input and before processing. What kind of technical exposure
are we talking about here? What are the input validation controls that
can be used in this regard so as to stop incorrect input from entering the
system?
Q.18 Explain the various Data Processing Controls in brief.
Q.19 What are the factors influencing an organization towards control and
audit of computers?
Q.20 As an Information Systems Auditor, you need to keep yourself up to
date with the latest audit tools, techniques and methodology to meet the
demands of the job. Discuss the various Audit Tools that you should
be aware of. (Difference between ITF and CIS is a must prepare)
Q.21 Discuss the advantages of continuous audit techniques.

ANS:
1. Timely, Comprehensive and Detailed Auditing: Evidence would be
timely available. The whole processing can be evaluated rather than
examining inputs and outputs only.
2. Surprise Test Capability: Evidence is collected from the system
directly without the systems staff and application system users being
aware that the evidence is being collected at that particular moment,
bringing forth the advantages of surprise testing.
3. Information to system staff on meeting of Objectives: It helps the staff
in getting the knowledge whether an application system meets the
objectives of asset safeguarding, data integrity, effectiveness and
efficiency.
4. Training for new users: Using ITFs, new users can submit data to
application systems (test data) to better understand the system by
learning from their mistakes.
Q.22 Define Audit Trails. Also briefly describe the objectives of Audit Trail.
Q.23 As an IS Auditor how would you check the Internet Point of Presence for
an entity?

CHAPTER 3 - E- COMMERCE, M- COMMERCE AND EMERGING
TECHNOLOGIES (Chapter 4 of Study Material)
Q.1 Businesses in today’s world are carried out using Mobile Applications on
the hand held devices. As a consultant to the organization which is
developing a mobile app what are the major areas that you would like to
suggest to be included as components in the application?

Q.2 A modular networking architecture is what today’s era demands. In the
light of the statement, what do you understand by Three Tier Architecture?
Also discuss its advantages.

Q.3 The risks associated with E-Commerce Transactions are generally high
as compared to general Internet Activities. Explain giving reasons for the
same by using at least 4 points.
Q.4 The main risk of any E-Commerce business lies in unauthorized
intrusion. What are the ways of protecting your E-Commerce business
from intrusion?
Q.5 As an IS Auditor, what controls do you recommend to an enterprise in E-
Commerce facing various Cyber Security Risks?
Q.6 Write Short Notes on the following:
• BHIM
• UPI
• Aadhar Enabled Payment Service (AEPS)
• Unstructured Supplementary Service Data (USSD)
Q.7 Sonali prefers digital payments over cash payments as she feels that
she's always having a written record of her spending. In light of the
statement, what are the major advantages of making digital payments?
Q.8 Today's world is virtual and hence imagining it without virtualization is
something not possible. What are the major application areas of
Virtualization?
Q.9 What do you mean by Grid Computing? What are the types of resources
available on a Grid?
Q.10 What are the major application areas of Grid Computing?
Q.11 What are the constraints to be considered while developing security
architecture for Grid Computing?
Q.12 The Prime Minister's office of a country plans to establish a specific
infrastructure setup with its access shared amongst members of the
group consisting of some selected high profile dignitaries and officers
from different ministries. The objective of the group is to carry out
certain assignments related to the nation's security and integrity. Which is
the most suitable choice of cloud under cloud computing? Discuss its
advantages and limitations as well. (Community Clouds)
Q.13 Write Short notes on the following:
• PaaS
• DaaS
• IDaaS
Q.14 As an IS Auditor following Green Computing Practices, how would you
advise your client company to conserve energy?
Q.15 As per the latest concept, Mr. Sumit, Mrs. Preeti and Mr. Jain are
carrying their own laptops and devices to the office. They manage their
office work from these devices only and also use them as their home
devices. Explain the concept that has been adopted by the organization,
explaining its advantages and threats.
Q.16 The Internet and the web have evolved multiple times in the last decade,
the latest version of the web being web 3.0. What makes web 3.0 stand out
as compared to its predecessors?
Q.17 Since Internet of Things is an evolving phenomenon, the possibility of
heavy risks cannot be ruled out. What are the major predicted risks
related to the concept of Internet of Things?
Q.18 Define Artificial Intelligence/ Machine Learning. Write down the major
applications.

CHAPTER 4 - CORE BANKING SYSTEMS (Chapter 5 of Study Material)

Q.1 What are the major Challenges of IT in Banking Systems?
Q.2 Write a short note on CORE Banking systems. Also mention some
examples of CBS.
Q.3 The deployment and implementation of CBS should be controlled at
various stages to ensure that the bank's automation objectives are achieved.
Explain each stage in brief.
Q.4 What are the key aspects inbuilt into the architecture of a CBS?
Q.5 Explain the CBS IT Environment.
Q.6 In CORE Banking Systems, discuss the possible risks and controls
around the CASA (Current and Savings Account) process.
Q.7 Write a short note on ATM Channel Server.
Q.8 What are the major risks associated with CORE Banking Systems?
Q.9 What are the four gateways for controlling CORE Banking System?
Q.10 Define Money Laundering as per Section 3 of the Prevention of Money
Laundering Act, 2002. What are the key aspects of this Act?
Q.11 Explain the three stages of Money Laundering. (MCQ)
Q.12 XYZ charitable institution is a charitable organization that was
established in 2013. It opened its current account with ABC bank on 1st
February 2016. The following transactions were made by XYZ charitable
institution in the month of July 2016:

3rd July 2016 rupees 5 lacs
9th July 2016 rupees 2 lacs
28th July 2016 rupees 3 lacs

Examining the given situation, determine the liability of the reporting
authority with respect to maintaining the record of the transactions.

Q.13 Mr. Nathu Lal, a mobile shop owner, purchases a stolen mobile phone
knowing the phone to be stolen. He further resells the mobile phone to
Mr. Sanju.
Mr. Ram, the true owner of the mobile phone, subsequently gets to know of
the sale undertaken by Mr. Nathu. Is there any remedy available for Mr. Ram
under the IT Act, 2000?

Q.14 What are the essential elements of the Privacy Policy of an Enterprise?

CHAPTER 5 - FINANCIAL AND ACCOUNTING SYSTEMS (Chapter 2 of
Study Material)

Q.1 Write down four differences between master and non master data.
Q.2 Differentiate between front end and back end software.
Q.3 Differentiate between Installed and Web Applications.
Q.4 What do you understand by Non-Integrated systems? How is an
Integrated System better than the Non-Integrated system?
Q.5 Write a short note on ERP systems. Explain its advantages.
Q.6 What are the features of an ideal ERP system?
Q.7 Mention any four Risks and related Controls in an ERP Environment.
Q.8 Explain the concept of Role Based Access Controls (RBAC). What are the
different types of access available to users?
Q.9 "Some of the questions auditors should ask during an ERP audit are
pretty much the same as those that should be asked during development
and implementation of system". What questions should you ask as an
auditor?
Q.11 What do you understand by an MIS Report? To make an MIS Report
useful, what should an enterprise ensure? (Features of MIS)
Q.12 Explain the different types of Data Analytics Applications.
Q.13 What are the major business applications of Data Analytics?
Q.14 Being an IT Consultant to a Government agency PQR, identify the most
common International Standard that should be used by the agency for
their standardized digital business reporting. Support the recommendation
by preparing a list of its important features also.
Q.15 Write a short note on XBRL Tagging.
Q.16 How is an Integrated software containing both accounts and tax
applications together better than individual software used separately
for accounting and taxation?

STRATEGIC MANAGEMENT QUESTIONS

Apart from all the questions as discussed and mentioned below, I
expect you to solve the case based questions of current MTPs and
RTPs as well as of the last attempt. (Nothing beyond that is
required to be covered from RTPs and MTPs.)

CHAPTER 1
Q.1 “Strategy is no substitute for sound, alert and responsible management.” Discuss.
Q.2 Strategy is partly proactive and partly reactive. Discuss.
Q.3 Discuss the meaning of Strategic Management. Also explain the two fold objectives of strategic
management.
Q.4 Explain the major benefits of strategic management.
Q.5 Strategic Management is only meant for profit Organisations. Explain.

CHAPTER 2
Q.1 What are the major issues to be considered for strategic analysis?

Q.2 Explain the concept of driving forces and also list at least 4 examples of the same.

Q.3 Explain the procedure to be undertaken for Strategic Group Mapping.

Q.4 Define KSFs. How would you identify Key Success Factors in an industry?

Q.5 Define Core Competence. What are the three criteria that a Core Competency must
fulfil?

Q.6 What are the criteria to determine that a particular core competency results in a sustainable
competitive advantage?

Q.7 Value Chain Analysis by Michael Porter.

Q.8 Define Competitive Advantage. What are the major characteristics that a competitive advantage
depends upon?

Q.9 Explain the concept of value creation with a suitable diagram.

Q.10 Explain the concept of SBU in brief along with its characteristics.

Q.11 BCG Matrix

Q.12 Ansoff’s Product Market Growth Matrix (also known as product market expansion grid)

Q.13 ADL Matrix (Matrix based on the product life cycle approach)

Q.14 GE Matrix (also known as Stop Light Strategy model or Business Planning Matrix or a matrix
modeled on the concept of Traffic Control Lights)

Q.15 Explain the significance of SWOT Analysis in Strategic Management.

Q.16 What are the incremental benefits of a TOWS Matrix over SWOT Analysis?

Q.17 Explain the difference between an MNC and a TNC.

CHAPTER 3
Q.1 Explain the manner in which a manager can deal with Strategic Uncertainty while dealing with the
strategic choices. (Concept of Scenario Analysis)
Q.2 Write a short note on the concept of Strategic Intent.
Q.3 Define vision. Explain its elements.
Q.4 Explain the reasons why an organisation must have a mission statement.
Q.5 Which of the two - objectives and goals could be considered as more specific?

CHAPTER 4
Q.1 Characteristics and suitability of Grand Strategies.

Q.2 Diversification strategies (Very imp for MCQs)

Q.3 Turnaround strategy.

Q.4 What are the advantages and disadvantages of going for a strategic alliance?

CHAPTER 5
Q.1 Porter’s Five Forces Model (MCQ important too)
Q.2 Focus and Best Cost Provider Strategy.
Q.3 Concept of Switching Costs.

CHAPTER 6
Q.1 Explain the concepts of Skimming and Penetration Pricing using examples for the same.

Q.2 Explain the expanded marketing mix in light of the expansion of the service sector as the single
most emerging sector in the world.

Q.3 Explain the concepts of:

Augmented Marketing

Enlightened Marketing

Synchro Marketing

Demarketing

Q.4 What are the limitations of a Financial Budget?

Q.5 Explain the various approaches towards evaluating the worth of a business.

Q.6 Explain the differences between Logistics Management and Supply Chain Management.

Q.7 What are the guidelines that as a strategist you would give to take decisions on Research and
Development facilities to be used?

Q.8 Explain the approaches that different firms may pursue in pursuit of their Research and
Development.

Q.9 Explain the strategic role of Human Resource Management.

CHAPTER 7
Q.1 Structure follows strategy. Discuss.

Q.2 Why is a divisional structure considered to be costly? Also explain the various types of Divisional
Structures.

Q.3 Explain the utility of matrix structure. What are the phases of implementation of a Matrix
Structure in the organisation? (Also known as Dual Authority organisation structure)

Q.4 Explain the organisation structure which is also known as Virtual Organisation.

Q.5 Explain the functional demerits of the Hourglass Structure.

Q.6 Leadership Role of Management

Q.7 Differentiate between Transformational and Transactional Leadership style.

Q.8 Strategy Culture Conflict and Changing a problem culture.

Q.9 Differentiate while explaining the concepts of Entrepreneurship and Intrapreneurship.

CHAPTER 8
Q.1 Differentiate between Strategy Formulation and Strategy implementation.
Q.2 What are the steps to initiate Strategic Change?
Q.3 Explain the Kurt Lewin change process. (Pay attention to H.C. Kelman’s methods for reassigning
new pattern of behaviour.)
Q.4 Types of Strategic Control
Q.5 Strategy Culture Conflict and Changing a problem culture.
Q.6 Explain Richard Rumelt's criteria for strategic audit.
Q.7 Explain the concept of BPR.
Q.8 Central Thrust of BPR
Q.9 Benchmarking is not a panacea to all problems. Explain.
Q.10 Explain the steps of the benchmarking process.
