B4

Question 1

Information technology

Answer 1

A general term that encompasses many different computer-related components.

Question 2

Business information system

Answer 2

• one of the most basic and vital information technology components of any business
• can be divided into the categories of transaction processing systems, enterprise resource planning systems, decision support systems and executive information systems

Question 3

5 components of information technology

Answer 3

• hardware
• software
• network
• people
• data/information

Question 4

Hardware

Answer 4

• The actual physical computer or computer peripheral device

- PC, workstation, mainframe, disk drive, tape drive, monitor, mouse, printer, scanner, keyboard

Question 5

Software

Answer 5

-Includes the systems and programs that process data and turn that data into information

Question 6

Network

Answer 6

Made up of the communication media that allows multiple computers to share data and information

Question 7

Data

Answer 7

Raw facts

Question 8

Information

Answer 8

Created from data that have been processed and organized and is useful for decision making

Question 9

4 Primary roles in business operations

Answer 9

1. To process detailed data (TPS)
2. To provide information used for making daily decisions
3. To provide information used for developing business strategies
4. To take orders from customers

Question 10

Accounting information system

Answer 10

A type of management information system; it may also be partly a transaction processing system and partly a knowledge system. A well designed AIS creates an audit trail for accounting transactions.

Question 11

Basic accounting trail

Answer 11

source document input–> file –> journal –> ledger –> trial balance –> financial statements reports

Question 12

Functions performed on data (5)

Answer 12

1. collect
2. process
3. store
4. transform
5. distribute

Question 13

Objectives of an AIS (5)

Answer 13

• record valid transactions
• properly classify those transactions
• record the transactions at their proper value
• record transactions in the proper accounting period
• properly present the transactions and related information in the financial statements of the organzation

Question 14

Revenue cycle

Answer 14

Transactions associated with the sale of goods or services that produce cash or other assets

• customer orders and credit verification
• accounts receivable
• cash receipts

Question 15

Expenditure cycle

Answer 15

Transactions associated with purchase of goods or services that use cash or produce debt or other obligations

• purchasing
• inventory control (WIP)
• accounts payable
• cash disbursements

Question 16

Production cycle

Answer 16

Transactions associated with the conversion of resources into products or services

• product design and production planning
• product manufacturing
• inventory control (finished goods)

Question 17

Human resources/payroll cycle

Answer 17

Transactions associated with all phases of employee administration

• HR
• Time and attendance
• payroll disbursements
• payroll tax reporting

Question 18

Sequence codes

Answer 18

Are generally used to ensure that all transactions or documents are accounted for. A list of transactions should include neither duplicates nor gaps in the number sequence

Question 19

Block codes

Answer 19

Use blocks of numbers to group similar items

Question 20

Group codes

Answer 20

Have additional information over block codes, within the account or item number, different groups of numbers have meaning. Example=FASB codification

Question 21

Entity

Answer 21

the subject of the stored information (employee, customer)

Question 22

Attributes

Answer 22

the specific items of interest for each entity (rate of pay for employees, credit rating)

Question 23

Field

Answer 23

Contains a single piece of information of the entity

Question 24

Record

Answer 24

Includes all attributes about a single instance of an entity

Question 25

Data value

Answer 25

The contents of fields

Question 26

Advantages of centralized processing

Answer 26

• enhanced data security

- consistent processing

Question 27

Disadvantages of centralized processing

Answer 27

• possible high cost
• increased need for processing power and data storage
• reduction in local accountability
• bottlenecks
• delay in response time
• increased vulnerability

Question 28

Periodic scheduled reports

Answer 28

The traditional reports that display information in a predefined format and are made available on a regular basis to end users of the system

Question 29

Exception reports

Answer 29

Are produced when a specific condition or exception occurs

Question 30

Demand reports (pull)

Answer 30

Available on demand, often referred to as a response report because an end user can log onto a workstation and obtain a response in the form of a report without waiting for scheduled report creation

Question 31

Ad Hoc reports

Answer 31

One that does not currently exist but that can be created on demand, without having to get a software developer or programmer involved.

Question 32

Push reports

Answer 32

information can be pushed and sent to a computer screen or computer desktop. An enduser creates a template or profile specifying the information desired. A program then searches for content that meets the requirements of the profile and sends the information to the end user’s desktop without further action on the user’s part.

Question 33

Transaction processing systems

Answer 33

The systems that process and record the routine daily transactions necessary to conduct business. The functions of such a system are normally predefined and highly structured. In high-volume situations, a premium may be placed on system speed and efficiency.

Question 34

Management information system

Answer 34

Provides users predefined reports that support effective business decisions (tactical).

Question 35

Decision support systems

Answer 35

An extension of an MIS that provides interactive tools to support decision making. May provide information, facilitate the preparation of forecasts, or allow modeling of various aspects of a decision.

Question 36

Executive information system

Answer 36

Provide senior executives with immediate and easy access to internal and external information to assist in strategic decision making.

Question 37

Systems development life cycle (SDLC)

Answer 37

Provides a framework for planning and controlling the detailed activities associated with systems development.

Question 38

The steps in the SDLC (A DITTO)

Answer 38

systems Analysis
Design (conceptual and physical)
Implementation and conversion 
Training
Testing
Operations and maintenance

Question 39

COBIT 5 governance objectives

Answer 39

• strategic alignment
• value delivery
• resource management
• risk management
• performance measurement

Question 40

COBIT 7 information criteria (ICE RACE)

Answer 40

Integrity
Confidentiality
Efficiency

Reliability
Availability
Compliance
Effectiveness

Question 41

4 Domains of COBIT (PO AIDS ME)

Answer 41

Plan and Organize
Acquire and Implement
Deliver and Support
Monitor and Evaluate

Question 42

Input controls (3)

Answer 42

1. data validation and the field level
2. prenumbering forms
3. well-defined source data prep procedures

Question 43

Processing controls (6)

Answer 43

1. data matching
2. file labels
3. recalculation of batch totals
4. cross-footing and zero balance tests
5. written protection mechanisms
6. database processing integrity procedures

Question 44

Output controls (4)

Answer 44

1. user review of output
2. reconciliation of procedures
3. external data reconciliation
4. output encryption

Question 45

Role of system analyst (internally developed system)

Answer 45

• works with end users to determine system requirements-
• designs the overall application system
• determines the type of network needed

Question 46

Role of system analyst (purchased system)

Answer 46

• integrates the application with existing internal and purchased applications
• provides training to end users

Question 47

Role of application programmers/software developer

Answer 47

• responsible for writing and/or maintaining application programs
• should not be given write/update access to data in production systems or unrestricted and uncontrolled access to application program change management systems

Question 48

Role of system programmer

Answer 48

• responsible for installing, supporting, monitoring, and maintaining the operating system
• capacity planning functions
• should not be given write/update access to data in production systems or access to change management systems

Question 49

Role of computer operator

Answer 49

-scheduling and running processing jobs

Question 50

Role of IT supervisor

Answer 50

manage the functions and responsibilities of the IT department

Question 51

Role of file librarian

Answer 51

-store and protect programs and tapes from damage and unauthorized use

Question 52

Role of data librarian

Answer 52

-has custody of and maintains the entity’s data and ensures that production data is released only to authorized individuals when needed

Question 53

Role of security administrator

Answer 53

• responsible for the assignment of initial passwords and often the maintenance of those passwords
• overall operation of the various security systems and the security software in general

Question 54

Role of database administrator

Answer 54

-responsible for maintaining and supporting the database software and performing certain security functions

Question 55

Role of network administrator

Answer 55

-support computer networks through performance monitoring and troubleshooting

Question 56

Role of web administrator

Answer 56

-responsible for information on a website

Question 57

Role of data input clerk

Answer 57

• prepare, verify, and input data to be processed

- function is now increasingly distributed to the end users

Question 58

Role of hardware technician

Answer 58

-sets up and configures hardware and troubleshoots any resulting hardware problems

Question 59

Role of end user

Answer 59

-workers in an organization who enter data into a system or who use the information processed by the system

Question 60

Segregation of duties

Systems analysts vs. computer programmers

Answer 60

System analysts design an information system to meet users needs whereas computer programmers use that design to create an information system by writing computer programs. Analysts often are in charge of hardware and programmers are in charge of application software. Theoretically, if the same person was in charge of hardware and software, that person could easily bypass security systems without anyone knowing and steal organizational information or assets.

Question 61

Segregation of duties

Computer operators vs. computer programmers

Answer 61

It is important that computer operators and computer programmers be segregated because a person performing both functions could make unauthorized and undetected program changes

Question 62

Segregation of duties

Security administrators vs. computer operators and computer programmers

Answer 62

Security administrators are responsible for restricting access to systems, applications, or databases to the appropriate personnel. If the security administrator were also a programmer or an operator for that system, that person could give himself/herself or another person access to areas they are not authorized to enter.

Question 63

Uninterrupted power supply

Answer 63

A device that maintains a continuous supply of electrical power to connected equipment, also called a battery backup.

Question 64

Electronic Commerce

Answer 64

The electronic completion of exchange (buying and selling) transactions is called e-commerce. It can use a private network or the Internet

Question 65

Electronic Business

Answer 65

Any use of information technology, particularly networking and communications technology, to perform business processes in an electronic form, may or may not relate to the purchase and sale of goods or services

Question 66

Electronic data interchange

Answer 66

Computer-to-computer exchange of business transaction documents in structured formats that allow the direct processing of the data by the receiving system

Question 67

Enterprise resource planning system (ERP)

Answer 67

A cross functional enterprise system that integrates and automates the many business processes and systems that must work together in the manufacturing, logistics, distribution, accounting, finance, and human resources functions of a business. Comprises a number of modules that can function independently or as as integrated system to allow data and information to be shared among all of the different departments and divisions of large businesses.

Question 68

Supply chain management

Answer 68

Concerned with the 4 important characteristics of every sale: what, when, where, and how much. It is the integration of business processes from the original supplier to the customer and includes purchasing, materials handling, production planning and control, logistics and warehousing, inventory control, and production distribution and delivery.

Question 69

Customer relationship management system

Answer 69

Provide sales force automation and customer services in an attempt to manage customer relationships. Record and manage customer contacts, manage salespeople, forecast sales, manage sales leads, provide and manage online quotas and product specifications and pricing, and analyze sales data.

Question 70

Electronic funds transfer system

Answer 70

A form of electronic payment for banking and retailing. uses a variety of technologies to transact, process, and verify money transfers and credits between banks, businesses, and consumers.

Question 71

Application service providers

Answer 71

Provide access to application programs on a rental basis. They allow smaller companies to avoid the extremely high cost of owning and maintaining today’s application systems by allowing them to pay only for what is used. The ASPs own and hose the software and users access it via a web browser.

Question 72

Hypertext markup language (HTML)

Answer 72

Tag-based formatting language used for Web pages. It provides a means to describe the structure of text-based information in a document and to replicate information in a Web page by using the tags in the text

Question 73

Hypertext Transfer Protocol (HTTP)

Answer 73

The communications protocol used in transfer Web pages on the World Wide Web

Question 74

Uniform Resource Locator (URL)

Answer 74

The technical name for a Web address which consistently directs the user to a specific location on the Web

Question 75

Strategic risk

Answer 75

the risk of choosing an inappropriate technology

Question 76

Operating risk

Answer 76

the risk of doing the right things in the wrong way

Question 77

Financial risk

Answer 77

the risk of having financial resources lost, wasted, or stolen

Question 78

Information risk

Answer 78

the risk of loss of data integrity, incomplete transactions, or hackers.

Question 79

Risk

Answer 79

the possibility of harm or loss

Question 80

Threat

Answer 80

any eventuality that represents a danger to an asset or a capability linked to hostile intent

Question 81

Vulnerabilty

Answer 81

a characteristic of a design, implementation, or operation that renders the system susceptible to a threat

Question 82

Incremental backup

Answer 82

involves copying only the data items that have changes since the last backup

Question 83

differential backup

Answer 83

copies all changes made since the last full backup. each new differential backup file contains the cumulative effects of all activity since the last full backup.