B4- Information Systems and Communications Flashcards
Sequence of AIS events
1) transaction data from source docs is entered into the AIS by an end user
2) the original paper source docs are filed
3) the transactions are recorded to the appropriate journal
4) transactions are posted to general and sub ledgers
5) trial balances are prepared
6) financial reports are generated
Business Info System (BIS)
Hardware, software, network, people, and data
XBRL -
eXtensible Business Reporting Language
- Derived from XML (eXtensible markup language)
- open, royalty-free, internet-based info system for reporting needs of all kinds
Transaction Cycles - def.
Transaction cycles generally capture commonly occurring transactions (e.g., customer transactions) and process them repeatedly, in a nearly identical fashion
Also ref. as “Transaction Processing”
Block Code
Sequential Code
Object Code
Group Code
Block Code
(EG - cash to 1000’s, liabilities to 2000’s in the GL)
Sequential Code (Numbers docs, transactions, or other items in order. EG customer orders?)
Object Code (created by instructor, represents Intermediate instruction that takes program code --> machine language)
Group Code (Embeds intelligence into different numbers associated with an item; e.g., coding insurance policies)
Hierarchy of Data in a System
Character (symbol, e.g. letter or number)
Field (collection of letters/numbers, EG name or Address)
Record (group of fields – EG name and address in the A/R Record)
File (group of records - EG A/R Subledger)
Systems Programmer and Application programmer as same person…
NO!
Huge internal control risk.
Database Admin (DBA) responsibilities:
- design/control firm database; incl. app. independence, back-up, and recovery procedures
- assignment of user codes and maintenance of other security measures
- control of all changes in data structure and programs that use the database
Who needs to be UNINVOLVED:
Application programmers!!!
The COBIT (Control Objectives for Information and Related Technology) Framework Includes –
ICE RACE
Integrity
Confidentiality
Efficiency
Reliability
Availability
Compliance
Effectiveness
COBIT -
The 5 areas of IT governance
Value Delivery
Strategic Alignment
Resource Management
Risk Management
Performance Management
Enterprise Architecture for IT
Combination of IT resources (e.g., applications, information, infrastructure, and people)
Along with Defined Processes
The COBIT 4 Domains (PO AIDS ME)
Process & Organize
(direct the IT process)
Acquire and Implement
(Deliver the IT SOLUTION)
Deliver and Support
(Deliver the IT SERVICE)
Monitor and Evaluate
(Ensure directions are followed)
Management Information Systems
Provides managerial and other end users with reports
transaction processing systems and biz. info. systems are not types of MIS
Systems Analyst
Design an internally developed application system… and possibly also, modify network specifically to this purpose
Prepare Specs for Programmers
INTERMEDIARY Between end-users and programmers
SOMETIMES combined with programmers to create programmers/systems analysts
Decision Support Systems
interactive support for managers during decision-making
but NOT for users as high-level as executives; that would be the Executive Information System
Network Administrator
Network admins support computer networks. A network admin sets up and configures a computer network so that multiple computers can share the same data and info.
After a network is established, the work is mostly monitoring and troubleshooting
Sometimes, network admins are called telecom. analysts or network operators. (SEE ALSO: security admin)
Program-Level Policy
Describes Info. Security of a co., and assigns responsibility for achievement of security objectives to the IT department
Program-framework policy
Adds details to the IT program by describing the elements and org. of the program, and the dept. that will carry out the security mission.
Encryption by hardware > Encryption by software?
True
Technical Security Controls
Admin. Security Controls
Logical controls
Technical Security Controls
(user log-in and logical access controls, as well as antivirus software and firewalls)
Admin. Security Controls
(separation of empl. duties, biz continuity planning, and proper hiring practices)
Logical controls
(software safeguards for an entity's computer systems ID and software access)
Electronic Data Interchange (EDI)
EDI is computer-to-computer exchange of biz transaction documents (e.g., purchase orders, confirms, invoices)
- Structured in a format that allows direct processing of this DATA by the receiving system
- TRANSLATION SOFTWARE required
- security should come thru a hardware device and not software
- Often uses VAN (BATCHED) though can use Internet (non-batched)
- SEE ALSO: Value added network (VAN)
Value Added Network (VAN)
VANs are PRIVATELY owned and managed communication networks that provide additional services beyond the standard data transmission.
VANS often used for EDI.
What does EFT Electronic funds transfer do?
Reduce data entry errors
CRM systems
Provide sales force automation and customer service
E-cash
Paypal
Cloud computing
Virtual servers that allow users (including Orgs) to have access to applications and services over the Internet on a real-time basis.
These services are offered from data centers all over the world, which is consistent with the term “the cloud”
Firewall
a system of user identification and authentication that prevents unauth’d users from gaining access to network resources.
Primary purpose is to block unauth. access to the network
Can a virus run independently?
No
Circuit-level gateways
Only allow data into a network that results from requests from computers INSIDE the network
Packet Filtering
Examines packets of data as they pass thru a firewall. Packet filtering is the SIMPLEST type of firewall configuration
client/server applications - 3-tiered architecture?
Desktop Client
Application
Database
Relational Database
Data stored in 2D tables that are related to each other by keys