CPA Information Communication Technology Data security
Back to Unit

Data security

Unit: Information Communication Technology

Premium Topic Resources

Sign in to download the full Topic PDF and enable offline revision mode.

Login to Access
Join the community! 550+ students upgraded in the last 24 hours. Limited Discount Seats Available

Practice CPA Information Communication Technology Data security questions with detailed answers and explanations.

Access past exam questions by topic, improve your understanding, and download PDF for offline revision.

April 2026

 3 Questions
Question 5
​ ​​Unity Bank is developing an Artificial Intelligence (AI) powered loan assessment platform. 

 Required:
 (a) Stakeholder resistance has emerged during requirements gathering. 

 (i) Highlight TWO causes of user resistance. 

 (ii) Recommend TWO strategies for effective change management.

(b) The AI system relies on large datasets. 

 Evaluate FOUR data governance challenges associated with big data and machine learning systems. 

 (c) Artificial Intelligence is transforming accounting and governance.

 Examine FOUR ethical, professional and workforce implications of AI adoption in the accounting or governance profession. 

 (d) Evaluate FOUR ways Systems Development Life Cycle (SDLC) manages risks in AI-based system development. 


Answers and Explanations are locked.

Login to View Answer
Question 3
​​BrightPath Microfinance operates in multiple regions and processes sensitive customer financial data. 
 
Required: 
(a) The institution has experienced phishing attacks targeting finance staff. 
 
 Analyse TWO organisational weaknesses that enable such attacks and propose mitigation strategies. 

(b) Management is considering adopting a zero-trust security model. 
 
Assess FOUR strategic implications of implementing zero-trust architecture.  

(c) Citing  THREE reasons, justify the most appropriate network architecture for secure inter-branch communication. 
 
(d) A cybersecurity audit revealed vulnerabilities in endpoint devices. 
 
 Evaluate THREE major cyber threats affecting financial institutions and recommend layered security controls.  


Answers and Explanations are locked.

Login to View Answer
Question 1
​​(a) A recent system crash disrupted operations for two days.

(i) Explain TWO roles of system recovery planning. 

(ii) Recommend TWO continuity mechanisms.  

Rafiki Holdings is considering virtualisation to reduce infrastructure costs.

 Assess FOUR benefits of implementing virtualised environments. 

(C) Analyse THREE ways in which ICT alignment with business strategy could create competitive advantage for Rafiki Holdings.

(d) The organisation is deciding between Windows Server and Linux Server environments. 
     
      Evaluate THREE critical operating system features that should influence this decision in an enterprise accounting environment. 


Answers and Explanations are locked.

Login to View Answer

December 2025

 2 Questions
Question 7d
​​ABC Ltd. wants to improve its data security. 

Required: 
Higlight SIX administrative controls that the company should implement.


Answers and Explanations are locked.

Login to View Answer
Question 3d
​ ​​Assess FOUR security issues associated with wireless networks.


Answers and Explanations are locked.

Login to View Answer

August 2025

 2 Questions
Question 4c
​​Explain the following terms in the context of data security: 
 
(i) Malware.   
 
(ii) Social engineering.  


Answers and Explanations are locked.

Login to View Answer
Question 5a
​​Using a suitable example in each of the cases below, explain the purpose of: 
 
(i) Data backup.                                                                       
 
(ii) Data archiving.    


Answers and Explanations are locked.

Login to View Answer

December 2024

 3 Questions
Question 7
​​(a) Outline FOUR features that should be considered when choosing a presentation software. 
 
(b) Distinguish between “incremental backup” and “differential backup”.   
 
(c) Maureen Bett was required to outline system specifications to be used in a proposed information system.  
 
 Describe THREE typical contents of the specification document.       
  
(d) Citing an example in each case, explain THREE methods of linking worksheets in a spreadsheet.


Answers and Explanations are locked.

Login to View Answer
Question 3
​​(a) Outline FOUR potential risks of using outdated software.
 
(b) Highlight FOUR environmental impacts of Information Communication Technology (ICT) in business. 
 
(c) Discuss THREE roles of source document integration in computerised accounting systems. 
 
(d) Examine SIX reasons why an operating system is deemed crucial for the proper functioning of a computer system.     


Answers and Explanations are locked.

Login to View Answer
Question 1
​​(a) Highlight FOUR ways of recovering data lost through accidental erasure.     
 
(b) Describe FOUR activities that are carried out during information system implementation phase.    
 
(c) Outline SIX ways in which the internet can be used in banking and finance. 
 
(d) Examine SIX challenges businesses face when integrating enterprise applications for business process integration.  


Answers and Explanations are locked.

Login to View Answer

August 2024

 2 Questions
Question 2
​​(a) Explain TWO benefits of using pivot tables in a spreadsheet software.    
 
(b) Outline FOUR applications of mobile computing in the financial sector.    
 
(c) Describe FOUR ways in which the Internet of Things (IoT) impacts our daily lives.     
 
(d) Examine FOUR ways on how an organisation should handle sensitive data in order to ensure confidentiality, 
prevent unauthorised access and data misuse. 


Answers and Explanations are locked.

Login to View Answer
Question 3
​ ​​(a) Highlight THREE important factors to consider when choosing a network topology.      
 
(b) An organisation processes and stores large volumes of data in an information system.  
  
 Explain THREE data security goals that the organisation might aim to achieve in the above scenario.   
 
(c)  (i)  Examine TWO challenges of e-commerce infrastructure.   
 
 (ii)  Describe FOUR ways that could be used to secure an e-commerce infrastructure.  
 
(d) Using an appropriate scenario, demonstrate how you would solve a business problem using spreadsheet solver. 


Answers and Explanations are locked.

Login to View Answer

April 2024

 4 Questions
Question 5
​​(a) Outline SIX core processes for software development. 

(b) Explain TWO reasons why a major operating system must evolve over time. 

(c) Examine THREE methods that could be used to prevent social engineering related attacks. 

(d) Explain TWO advantages and TWO disadvantages of digital wallets as an ecommerce payment method.


Answers and Explanations are locked.

Login to View Answer
Question 1
​​(a) List TWO limitations of mobile computing.                                                           
 
(b) Identify SIX factors to consider in the selection and acquisition of a computer operating system. 
 
(c) Every organisation, regardless of its size or industry needs to prioritise the implementation of robust data security controls. 
 
Explain FOUR types of data security controls. 
 
(d) Quick Response (QR) codes have gained significant popularity in recent years, becoming a widely adopted technology for various purposes. 
 
Outline FOUR reasons for the popularity of QR codes. 


Answers and Explanations are locked.

Login to View Answer
Question 7
​​(a) (i)  Identify FOUR security threats in mobile applications. 
 
      (ii)  Propose an appropriate measure to mitigate each of the threats identified in (a) (i) above. 

(b) Social concerns in information systems are a crucial aspect of the development and implementation of information systems. These concerns are related to ethical, social, political and moral issues that arise from the use of information systems. 

Examine FOUR social issues in Information Systems. 
 
(c) Describe FOUR events that might spark an iterative process in software development. 


Answers and Explanations are locked.

Login to View Answer
Question 3
​​(a) An increase in online data processing has led to increased rate of computer crimes.  
 
Describe THREE control measures that could be put in place to reduce computer crime rate in organisations.     
 
(b) Explain THREE circumstances that would necessitate the use of pilot approach during system change over.    
 
(c) Explain the following functions as used in spreadsheet application: 
 
(i) SUMIF. 
 
(ii) PMT.

(d) An organisation installed an inhouse developed application software to support their operations. 

 State FOUR advantages they would gain by using this software.  


Answers and Explanations are locked.

Login to View Answer

December 2023

 1 Questions
Question 4
​​(a) Explain TWO circumstances that would necessitate the use of speaker notes during a presentation.  
 
(b) Baraka Company limited networked their computers to enhance their operations.  
 
Outline FOUR methods they could use to maintain security for their information in the network. 
 
(c) Explain THREE ethical issues related to e-commerce for a business organisation.  
 
(d) Justify with THREE reasons why an organisation would install a tailor-made software.  


Answers and Explanations are locked.

Login to View Answer

August 2023

 4 Questions
Question 4
​​(a) Distinguish between “Executive Support System (ESS)” and “Decision Support System (DSS)”.  
 
(b) Highlight SIX advantages of Conditional Formatting in a spreadsheet program.       
 
(c) Explain THREE components of a computer network.        
 
(d) Analyse SIX benefits of developing a Disaster Recovery Plan (DRP).     


Answers and Explanations are locked.

Login to View Answer
Question 3
​​(a) Highlight TWO ethical issues that need to be considered by an  information systems development team. 
 
(b) Explain TWO types of computer networks under each of the following criterion: 
 
(i) Functionality.               
 
(ii) Ownership.   
 
(iii) Transmission media.     
 
(c) Assess THREE information system vulnerabilities and their respective countermeasures.   


Answers and Explanations are locked.

Login to View Answer
Question 2c
​​Examine THREE ways in which an operating system provides data security in a computer system.


Answers and Explanations are locked.

Login to View Answer
Question 2a
​ ​​​​​Highlight THREE principles used to measure the integrity of data in an information system.


Answers and Explanations are locked.

Login to View Answer

April 2023

 5 Questions
Question 6c
​​Evaluate restoration procedures that could be used to recover lost data


Answers and Explanations are locked.

Login to View Answer
Question 4c
​​ (i) Explain basic control measures that organisations could take to improve security on personal devices that employees connect to an organisation’s network.

(ii) Describe Bring Your Own Device (BYOD) security best practices in an organisation


Answers and Explanations are locked.

Login to View Answer
Question 1b
​ ​​Explain ways of protecting yourself from identity theft.


Answers and Explanations are locked.

Login to View Answer
Question 2a
​ ​​(i) Explain reasons why most threats to an organisation’s information system are contributed by insiders.

(ii) State ways of preparing against insider threats


Answers and Explanations are locked.

Login to View Answer
Question 3c
​​​​​Bidii Company has established that its information is being electronically eavesdropped through their servers. 

Outline FOUR measures that the company could put in place to minimise this crime.


Answers and Explanations are locked.

Login to View Answer

December 2022

 1 Questions
Question 4e
​​Assess ways in which general ICT controls ensure the reliability of data generated information systems.


Answers and Explanations are locked.

Login to View Answer

August 2022

 3 Questions
Question 3
​​(a) Formulate four questions that would enable you to conduct stakeholder analysis in system development. 

(b) Explain the bookmark feature in the context of the internet browsing.

(c) Identify the type of cell referencing used in the spreadsheet expressions below: 

 (i) =RANK($C$3 : $A$10,0) 

 (ii) =SUM(A$3 : A12)

(d) Differentiate between sorting and filtering as used in worksheet data management.

(e) Differentiate between proofreading and formatting a document as used in word processing. 

(f) A comprehensive backup plan is an essential tool for information security for the entire organisation. Not only should the data on the corporate servers be backed up, but individual computers used throughout the organisation should also be backed up. With reference to the above statement, discuss three components of a good backup plan.

(g) Explain each of the following terms as used in internet: 

 (i) Cookies.

 (ii) Blog.


Answers and Explanations are locked.

Login to View Answer
Question 6
​​(a) An insurance company has decided that it no longer requires a physical Head Office. Its strategic aim is to become a virtual organisation. The company’s auditors have concerns that information held by the virtual company would lack security. 

Required: 
Describe three measures that could be adopted to ensure the information in the insurance company remain secure.

(b) Highlight three challenges of prosecuting ICT cases in court.

(c) Explain four application areas of cloud computing technology in a governance/accounting services firm. 

(d) Identify five major management challenges to building and implementing information systems within an organisation. 

(e) Outline two limitations of a touch screen as an input device. 


Answers and Explanations are locked.

Login to View Answer
Question 1
​​(a) Suggest the ethical issues resulting from each of the following technological trends:  
 
(i) Doubling of computing power every eighteen (18) months.              
 
(ii) Rapidly declining data storage costs.
 
(iii) Advances in networking and the internet.    
 
(b) Outline four characteristics of an open system.
 
(c) Describe five moral dimensions of information systems. 
 
(d) Outline three measurers that you could include in your business continuity plan. 
 
(e) Explain the purpose of HLOOKUP as used in spreadsheet applications.  


Answers and Explanations are locked.

Login to View Answer

April 2022

 4 Questions
Question 3
​​(a) Discuss six reasons why a computer operating system is considered as a resource manager. 

(b) It is possible to lose a laptop, a mobile phone or a flash disk. 
     Discuss four ways you could protect the data in your device to minimise data breach. 

(c) The Tangaza County Government intends to establish information centres. 
     Explain two services that are likely to be offered at the centres. 

(d) State two challenges of using computerised accounting software in an organisation.


Answers and Explanations are locked.

Login to View Answer
Question 4
​​(a) Discuss the importance of information security policies.

(b) Explain four reasons why an organisation may prefer to install a peer to peer networking model.

(c) Outline seven indicators of a successful information system.


Answers and Explanations are locked.

Login to View Answer
Question 6
​​(a) Discuss three benefits that are provided by mobile devices and applications for health care professionals.

(b) (i) Explain the term "Uniform Resource Locator (URL)".

(ii) Using an example, explain the functions of each of the three key parts of a URL.

(c) Assess three benefits of data backup and recovery procedures in a business. 


Answers and Explanations are locked.

Login to View Answer
Question 1
​​(a) Explain five factors to consider when selecting a spreadsheet software.

(b) Explain the following terms as applied to data security in e-commerce.

    (i) Privacy. 
   
   (ii) Integrity. 

  (iii) Authentication.

  (iv) Non-repudiation.

(c) (i) Outline two advantages of a professional code of ethics. 

     (ii) Highlight two drawbacks of a professional code of ethics.

(d) Examine three impacts of the internet on the education sector.


Answers and Explanations are locked.

Login to View Answer
Related Topics