Systems Analysis and Design Quiz

Questions and Answers

Which of the following is NOT typically considered a key responsibility of a systems analyst?

Acting as a liaison between business stakeholders and the technical team.

Identifying and analyzing business requirements.

Gathering and documenting business requirements. (correct)

Designing and proposing technical solutions.

The most important aspect of increased productivity and profits is the technology itself, not the people who develop software systems.

False (B)

Besides 'systems analyst', name one other job title that may perform systems analysis and design work.

programmer analyst, systems consultant, systems engineer, or Web developer

A software engineer applies the principles of software engineering to the design, development, testing, __________, and evaluation of software.

maintenance

According to the content, during which phase of software development is the cost of removing defects the highest?

Operation (A)

Match the following roles with their primary responsibility:

Systems Analyst = Designs technical solutions to address business needs Business Analyst = Gathers and documents business requirements from stakeholders Software Engineer = Applies engineering principles to the development of software

Modifying a complex anti-ballistic missile system in a week, as described in Scenario No. 1, is a realistic approach.

False (B)

What is one consequence of using illegal software to perform tasks?

Difficult to maintain the software

Which type of knowledge is essential for a systems analyst to develop information systems?

All of the above (D)

A business analyst is responsible to evaluate system requirements by conducting feasibility studie.

False (B)

A software fault represents a change to the ______ of the system.

design

What is a potential consequence of having insufficient senior staff on a software development team?

Inadequate project management methodology (A)

Name at least two responsibilites of a Software Engineer

design, development, testing, maintenance, and evaluation of the software

Recommending solutions that benefit personal interests over the organization is an example of a conflict of interest.

True (A)

Match the ethical concern with its description:

Unauthorized Software Use = Violates intellectual property laws and undermines professional ethics. Conflict of Interest = Recommending solutions that benefit personal interests or a third party. Handling User Data (Unethically) = Collecting or using user data without consent. Confidentiality Breaches = Handling sensitive organizational data without adequate safeguards.

What is a risk associated with modifying code to fix a defect?

Serious reductions in reliability (A)

What is a potential consequence of failing to report all identified defects, especially critical ones, due to time constraints?

Unreliable systems, risking user safety and satisfaction (A)

Delivering a result to a customer, even with catastrophic consequences, is always ethical as long as the team tried their best.

False (B)

What is a common consequence of failing to fully capture user requirements in software specification?

Systems fail to meet user needs, causing dissatisfaction and potential financial loss. (D)

Conducting selective testing to favor specific stakeholders ensures complete system reliability.

False (B)

Who typically possesses the in-depth knowledge of how a specific system (e.g., car brakes) should function?

domain experts

What is the potential risk of ignoring or inadequately testing for security vulnerabilities?

Exposes users and organizations to cyberattacks, data breaches, or financial loss.

Altering or fabricating test reports to show that a system meets requirements when it does not, is called ______ test results.

Misrepresenting or falsifying

Skipping essential SDLC steps like detailed requirements gathering or proper testing can be due to extreme ______ to reduce time to market.

pressure

Match the following examples with their correct category:

Automobile's antilock brakes = Safety-critical System Nuclear power plant reactors = Safety-critical System Airplane navigation = Safety-critical System Elevators = Safety-critical System

Match the scenario with the potential consequence of extreme pressure to cut corners in software development:

Skipping thorough testing = Increased risk of system failures and security vulnerabilities Writing substandard code = Unreliable or unsafe software and increased maintenance costs Compromising documentation = Difficulties in understanding and maintaining the system

What can poor-quality code NOT lead to?

Reduced maintenance costs (C)

What benefit does an organization gain from following widely accepted software development methodologies?

Makes negligence harder to prove (D)

Over-reliance on automated testing guarantees complete test coverage and identification of all possible defects.

False (B)

Software maintenance primarily involves replacing failed components with working ones, similar to hardware maintenance.

False (B)

What is the purpose of QA methods within the software development cycle?

To guarantee reliable operation of a product.

What is the primary motivation behind unethical behavior committed by someone who should know better?

personal interests

Which of the following are characteristics of a rigorous development process for safety-critical systems? (Select all that apply)

More thorough documentation (A), Vigilant checking and rechecking (D)

In N-version programming, multiple versions of software are run sequentially to identify errors.

False (B)

What is the purpose of a hazard log in the development of safety-critical systems?

To assess how detected hazards have been accounted for.

To cope with failures and errors, safety-critical software should provide multiple interchangeable software components to perform a signal function, this is called ______.

redundancy

Match the following roles with their responsibilities in developing safety-critical systems:

System Safety Engineer = Uses a logging and monitoring system to track hazards. Quality Control Engineer = Conducts formal risk analysis.

What should a formal risk analysis consider when designing a safety-critical system?

The likelihood and consequences of potential failures. (D)

An IT student's personal integrity and ethics are not important for them to succeed as system engineer.

False (B)

What are the consequences if a software engineer signs off on flight control software that is not sufficiently tested?

Risk of losing human life.

What does the term 'slippery slope' refer to in the context of ethics?

The ease with which one can transition from seemingly harmless unethical actions to increasingly unethical ones. (D)

Informed consent, when applied to system administration, means users should be aware of the rules governing the system and how it operates.

True (A)

What is the name of the organization that published a Code of Ethics for System Administrators in the early 2000s?

LOPSA

A User Code of Conduct provides guidelines for the ________ uses of an organization's computing systems.

acceptable

Match the following elements addressed by LOPSA's Code of Ethics with their descriptions:

Professionalism = Adhering to high standards of competence and conduct. Privacy = Respecting and protecting sensitive information. System Integrity = Maintaining the reliability and security of systems. Social Responsibility = Considering the broader impact of technology on society.

Which of the following issues is MOST likely to be addressed by a Privileged Access Code of Conduct?

Installing personal software. (B)

A User Code of Conduct typically outlines what types of personal use of company equipment are permitted, but does not address what uses are forbidden.

False (B)

According to LOPSA, which of these following options is not part of the Code of Ethics?

Customer Satisfaction (D)

Flashcards

Unfair Outcomes

Results leading to discrimination or harm against specific user groups.

Reporting Bugs

The act of identifying and communicating software defects, especially critical ones.

Biased Testing

Testing that selectively favors stakeholders, compromising thoroughness.

Security Vulnerabilities

Weaknesses in software that may expose users to risks like breaches or attacks.

Misrepresenting Test Results

Altering test reports to falsely indicate software compliance or quality.

Inadequate Test Coverage

Insufficient testing due to skipped phases, risking system reliability.

Automation Limitations

Overusing automated tools that may overlook defects manual testing would catch.

Safety-Critical Systems

Systems where failure can result in injury or death, requiring strict development processes.

Consequences of Misrepresentation

Failure to accurately capture requirements can lead to unusable products, contract cancellations, and lawsuits.

Unethical Decision-Making

Making decisions driven by personal interests can result in unethical behavior, especially if one knows better.

Role of Domain Experts

Domain experts provide knowledge regarding specific systems but do not write code themselves.

Misinterpretation of Requirements

If a software engineer misunderstands a domain expert's requirements, the software may fail to function as intended.

Cutting Corners

Pressure to meet deadlines can lead to skipping crucial steps in the software development lifecycle, compromising quality.

Impact of Poor Quality Code

Substandard code increases the risk of system failures, security vulnerabilities, and high maintenance costs.

Software Maintenance

Software maintenance involves changes to correct faults or adapt to new requirements, not just component replacement.

Software Development Lifecycle (SDLC)

SDLC includes detailed requirements gathering, validation, and testing to ensure software quality.

Professional Codes of Ethics

Guidelines that help professionals in computing address ethical issues.

Systems Analyst

An IT professional who uses analysis techniques to solve business problems.

Key Responsibilities of Systems Analyst

Identify business requirements, design solutions, and liaise with stakeholders.

Business Analyst

A professional who gathers, documents, and evaluates business requirements.

Key Responsibilities of Business Analyst

Gather requirements, develop specs, and evaluate process impacts.

Software Engineer

An individual who applies engineering principles in software design and development.

Feasibility Studies

Evaluations conducted to determine the viability of a system's requirements.

Technical Solutions

Proposed methods using technology to address identified business needs.

Cost of Removing Defects

The expense associated with correcting software faults increases drastically as the project progresses.

System Modification Challenges

Making urgent changes to software, especially complex systems, within a short time frame can be unrealistic.

Consequences of Software Defects

Defects in software can lead to serious reliability issues, sometimes with deadly outcomes.

Ethics in Software Engineering

Software engineers must balance quality with cost, ease of use, and time, making ethical decisions critical.

Unauthorized Software Use

Using open-source or illegal software without proper credit or licenses can lead to maintenance issues and legal violations.

Conflicts of Interest

When a system analyst recommends solutions that benefit their personal interests rather than the organization’s needs.

User Data Handling

Collecting or using user data without consent violates privacy rights and regulations.

Confidentiality Breaches

Improper handling of sensitive organizational data can lead to leaks of trade secrets or personal information.

Slippery Slope

A scenario where a small unethical action leads to bigger unethical behaviors.

Informed Consent

Users must be aware of the rules and operation of the system they use.

LOPSA Code of Ethics

A commitment by system administrators to uphold ethical standards in their work.

Professionalism in Ethics

Adhering to high standards of conduct in professional actions.

User Code of Conduct

Guidelines outlining acceptable use of an organization’s computing resources.

Privileged Access

Special access needed by certain users to perform their job functions.

Privacy Ethics

Respecting and protecting user information and confidentiality.

Responsibility to Computing Community

An ethical obligation to contribute positively to the tech community.

System Safety Engineer

A professional responsible for tracking hazards to ensure system safety.

Hazard Log

A document used to assess and track identified hazards throughout a project.

Risk Analysis

A formal process to identify potential risks and their consequences in safety-critical systems.

Redundancy

The practice of having multiple interchangeable components to ensure system reliability.

N-Version Programming

An approach to implementing software requirements multiple times to reduce errors.

Integrity in IT

The commitment to maintaining confidentiality and ethical behavior in technology roles.

Emergency Procedures

Plans established to respond to unforeseen failures or emergencies in a system.

Professional Judgment

The ability to make informed and ethical decisions in a professional context.

Study Notes

Ethical Issues in Systems Analysis & Software Engineering

• Systems analysis and software engineering professionals have significant influence on society.
• Ethical issues include the end product, the development process, and human interactions.
• Course Learning Outcome 2: Recognizing diverse professional codes of ethics, addressing social, moral, ethical, legal, security, and social issues.
• Course Learning Outcome 4: Analyzing ethical, social, and security implications of design, deployment, and application stages.

Systems Analysis & Design

• Information technology drastically changes people's lives, increasing productivity and profits.
• Success in IT development depends on thorough systems analysis and design to align with business needs.

Who is a Systems Analyst?

• An IT professional who uses analysis and design techniques.
• Addresses business problems using information technology.
• Needs technical, business, and people knowledge and skills.
• May have various job titles, including programmer analyst, systems consultant, systems engineer, and Web developer.

Key Responsibilities of a Systems Analyst

• Identifying and analyzing business requirements.
• Designing and proposing technical solutions to address business needs.
• Acting as a liaison between business stakeholders and technical teams.
• Conducting feasibility studies to assess system requirements.
• Ensuring system design aligns with organizational objectives.

Who is a Business Analyst?

• Key responsibilities:
  • Gathering and documenting business requirements from stakeholders
  • Developing functional specifications for the technical team
  • Evaluating impact of proposed changes on business processes
  • Facilitating communication between business users and developers
  • Assessing value and feasibility of proposed solutions

Who is a Software Engineer?

• Applies software engineering principles to design, development, testing, maintenance, and evaluation of software.
• Software engineers and system analysts are distinct roles with different skills and responsibilities.
• However, they are often involved in collaborative projects, with software engineers designing and coding elements and system analysts designing and managing the system as a whole

Key Responsibilities of a Software Engineer

• Designing, developing, and maintaining software systems
• Writing efficient and scalable code meeting functional and non-functional requirements
• Applying software engineering principles to solve technical problems
• Ensuring system security, performance, and reliability.
• Collaborating with testers and analysts to refine designs

Who is a Software Tester?

• Validating software meets specified requirements.
• Designing and executing test plans, cases, and scripts.
• Identifying, documenting, and tracking software defects.
• Performing different testing types (functional, performance, security).
• Collaborating with developers to resolve defects.

Ethical Issues in Systems Analysis/Software Engineering

• Software professionals have the power to impact society positively or negatively.
• Ethical problems stem from the end product, the development process, and human interactions.
• Obligations relevant to the software professional involve: Self, Society/Public, Colleagues, Client, Employer, Product, Profession

Ethical Behaviour in a Professional Setting

• Ethical behaviour refers to how an individual or organization makes decisions and interacts with stakeholders.
• Aligning decisions, actions, and interactions with moral and professional principles is essential.
• These principles support laws, regulations, and the organization's culture and values.

Technical & Ethical Issues in Systems Analysis/Software Engineering

• Project managers might cut short requirement definition phases to catch up on time.
• Developers may base testing on descriptions of code rather than requirements.
• Misrepresenting, incomplete requirement specification leads to difficulties in meeting user needs, causing potential issues such as product unusability and contracts being cancelled.
• Developers' behaviour influenced by personal interests can become ethically questionable.

Technical and Ethical Issues with System Analyst/Software Engineer

• Misrepresentation of Requirements in Software Specification: Failing to capture or accurately reflect user requirements to meet deadlines or cut costs can result in systems failing to meet user needs.
• Software Design: Difficulty translating domain expertise into software requirements.
• Extreme Pressure to Skip Critical Steps: Skipping essential software development lifecycle (SDLC) steps due to time constraints leads to poor-quality code. This can cause system failures, vulnerabilities, and potential harm to users.
• Insufficient/Incompetent Staff: Lack of project management, bad planning/estimation, or insufficient senior staff can lead to deadly consequences for systems.
• Use of Unauthorized Software: Using illegal or uncredited open-source code violates intellectual property laws and undermines professional ethics.
• Conflicts of Interest: Recommending solutions that benefit personal or third-party interests undermines the integrity of the analyst and decision-making process
• Handling User Data: Collecting, storing, or using user data without consent violates privacy rights and legal regulations. Unauthorized disclosure compromises public welfare and leads to violations, penalties, and damage to reputations
• Security and Privacy: Failing to implement appropriate safety measures exposes users and organizations to cyberattacks, data breaches, and financial damage.
• Bias in Decision-Making: Prioritizing stakeholders' needs based on personal biases leads to biased solutions and harms trust in fairness.
• Red Lies/Over-Promising and Under-Delivering: Statements about projects or products falsely suggesting timely delivery undermines stakeholder relationships and trust.
• Inadequate Risk Management: Ignoring or underestimating potential project risks.
• Inadequate Test Coverage: Skipping necessary test phases due to resources or time constraints.
• Automation Limitations: Over-reliance on automated tools, which may have limitations, can reveal missed or overlooked defects.
• Reporting Bugs: Failing to report all defects, especially critical ones, due to time constraints, risks system unreliability and user satisfaction
• Biased testing: Biased testing methodologies lead to problems in finding all system failures.
• Security and Privacy concerns: Inadequate or ignoring user data sensitive measures can lead to cyberattacks, data breaches, and financial loss.
• Misrepresenting or Falsifying Test Results: Altering or fabricating test reports to show the system passes requirements.

Development of Safety Critical Systems

• Systems whose failure may cause injury or death are called Safety-Critical Systems.

• Developing such systems requires strong adherence to the Software Development Process, with thorough documentation and vigilance

• Developers must work closely with safety and system engineers, using logging and monitoring to track hazards during the project.

• Risk Analysis: Formal risk analysis is essential in safety-critical system design, building, and operation. A formal risk analysis should take account of what can go wrong, the likelihood/probability of occurrences, consequences, and how risks may be resolved or mitigated.

Scenario No. 2: Professional Judgment

• A quality control software engineer suspects issues with flight control software in an experimental fighter jet.
• The engineer faces pressure from employers to sign off on the software despite concerns about sufficient testing.
• Decision-making in this context requires professional judgment and ethical decision-making.

Development of Safety-Critical Systems

• Redundancy: Software should employ multiple interchangeable components for a single function.
• N-version programming: Multiple independently-developed versions of the software can verify functionality to ensure reliability in safety-critical systems.

Following Integrity and Ethics

• Integrity and ethical behaviour are vital for analyst/engineer success.
• Confidentiality/secrecy of client corporate and employee information is a major component
• Analysts/engineers must uphold high ethical standards regarding private proprietary information.
• Follow-through, open communication regarding project setbacks, recognizing strengths and weaknesses are essential for ethical work.

Sources of Ethical Guidance

• Deontological approach to professional ethics (rules-based).
• Professional bodies providing codes of conduct and practice.
• Information system methodologies offering framework and thoroughness.

Role of a System Administrator

• Responsible for setting up and maintaining system and server.
• Includes user administration and system performance monitoring
• Implementing and maintaining security policies (including backup)

Ethical Issues with System Administrators

• Confidentiality: Handling sensitive organizational data like trade secrets and customer information without adequate safeguards is ethically problematic
• Security and Privacy: Failure to implement proper security measures exposes users to risks like data breaches.
• Invasion of Privacy: Monitoring employee web activity and emails can raise privacy concerns. Employee contracts should specify parameters.
• Equality in Reporting: Policies should be transparent/equal in reporting infractions.
• Sensitive Information: Using knowledge gained from previous employment for personal gain without proper ethical/legal guidance.
• Whistle-Blower Situations: Torn between reporting potential illegal/unethical activities and job security.
• Compromising Security: Cutting security measures at a client's request despite evidence that sensitive data will be compromised.
• Consultation Fees: Playing on clients' fears of threats to their IT infrastructure to increase fees.
• The Slippery Slope: A seemingly minor unethical action can escalate into more severe actions.

Ethical Policies

• Informed Consent: Key component to ethical policy, where users understand the rules and system operations.

User Code of Conduct

• Each organization needs written guidelines for acceptable computing systems use
• Guidelines specify acceptable personal use vs forbidden activities.

Privileged Access Code of Conduct

• Users with privileged access need to acknowledge the need to use this access responsibly.
• Limitations on the types of activities that can be done with privileged access are needed.

Building a Security Culture

• Information security must be treated as a corporate culture.
• Employees are expected to be security conscious to support proper security measures and systems.
• Administrators need to adhere to an ethical code.

Description

Test your knowledge on the key responsibilities and roles associated with systems analysis and design. This quiz covers various aspects of software engineering, roles of analysts, and the implications of software development practices. Challenge yourself on topics ranging from productivity to system requirements assessment.