B4- Information Systems & Communication Flashcards

Question

Master file

Answer 1

like a ledger

Answer 2

like a journal

Answer 3

interrelated files

Answer 4

transactions are processed to keep info current methods: either Batch or OLRT

Answer 5

* Documents- check, PO, receipt * Reports- internal or external * Query- request for specific data

Answer 6

Transactions are collected and groupedby type. These groups (batches) are processed periodically. May use sequential storage or random access storage devices * always a time delay (slower) * Steps: 1) Create a transaction file (batch file), 2) Update the master file * Compare manual and computer-generated batch totals

Answer 7

master files are updated as the transactions are entered. requires random access storage devices only * immediate processing (faster) * OLRT often used in network systems * Point-of-sale systems (POS)- scanners

Answer 8

magnetic tape data stored in sequential order, eventually will need to write over earlier data when full

Answer 9

Hard drive computer immediately updates device and files are stored everywhere

Answer 10

CENTRALIZED- all data @ central location (motherboard) Pros: * enhanced data security * consistent processing Cons: * possible high cost * inc need for processing & data storage @ center * reduction in local accountability * bottlenecks DECENTRALIZED- spread out over many locations via LAN/WAN

Answer 11

* Periodic Scheduled Reports (monthly F/S) * Exception Reports (credit bal \> credit limit) * Demand Reports/Response Reports/Pull Reports * Ad Hoc Reports (end user creates w/ query) * Push Reports (updates when data changes) * Dashboard Reports (summary info for management)

Answer 12

* _Transaction Processing Systems (TPS)_- process & record routine daily transactions * _Management Information Systems (MIS)_- reports * _Decision Support Systems (DSS)_- assist managers in making DAILY business decisions/Interactive System * _Executive Information Systems (EIS)_- only used by top managers, immediate & easy assess for strategic decision making

Answer 13

Provides a framework for planning & controlling the detailed activities associated with systems development "Big-design-up-front" / waterfall approach A DITTO * A- Systems Analysis & Planning * D- Design (conceptual & Physical) * I- Implementation & Conversion * T- Training * T- Testing * O- Operations & Maintenance

Answer 14

- Define nature & scope of project, and identify strengths and weaknesses - conduct in-depth study of proposed system & determine feasibility

Answer 15

- Identify & evaluate the appropriate design alternatives to meet user needs. - New systems might involve: buying software, developing software in-house, or outsourcing systems development

Answer 16

1. Install new hardware/software 2. Hire/relocate employees to operate the system 3. Test/modify new processing procedures 4. Establish/document standards and controls for the new system 5. Convert to new system & dismantle old 6. Fine-tuning

Answer 17

Control Objectives for Information & Related Technology (COBIT) framework provides a set of measures, indicators, processes & best practices to maximize the benefit of IT

Answer 18

* Business Objectives * Governance Objectives * Information Criteria * IT Resources * Domains & Processes

Answer 19

* Effective Decision Support * Efficient Transaction Processing * Reporting Requirements

Answer 20

1. Strategic Alignment- btwn IT & customer satisfaction 2. Value Delivery- IT delivers benefits to adv overall bus strat --\> cust satisfaction 3. Resource Management- applications, info, infrastructure, people 4. Risk Management (B1)- risk awareness by understanding risk appetite & risk man responsibilities 5. Performance Measurement- essential!

Answer 21

General Controls- Control environment is stable & well managed Application Controls- prevent, detect & correct error & fraud

Answer 22

* Info _Systems_ Management Controls * _Security_ Management Controls * IT _Infrastructure_ Controls * _Software_ acquisition, development & maintenance controls

Answer 23

* Accuracy * Completeness * Validity * Authorization

Answer 24

* Data Matching * Recalculation of Batch Totals * Cross-Footing and Zero-Balance Tests

Answer 25

Input Controls- "garbage in, garbage out" Output Controls- user review of output, reconciliation, & encryption

Answer 26

* Strategic Master Plan- planning LT growth * Data Processing Schedule * Steering Committee- guide & oversee systems development & acquisition * System Performance Measurements

Answer 27

* Internally Developed System: deign hardware & decide network * Outside Purchased System: (System Integrators)- integrate new system w/ old

Answer 28

* Application Programmer/Software Developer- can be system integrators * System Programmer- install, support, monitor & maintain operating system

Answer 29

manages IT department

Answer 30

controls files from damage & unauthorized use

Answer 31

has custody & maintains entity's data

Answer 32

assigns & maintains passwords

Answer 33

* Database Adminstrator (DBA)- maintains & supports database software * Network Adminstrator- supports computer networks * Web Administrator- responsible for info on website

Answer 34

sets up & configures hardware & troubleshoots problems

Answer 35

anyone who enters data or uses information

Answer 36

end user (scientist who knows the data, but DBA designs system)

Answer 37

represent management's formal notification to employees regarding the entity's objectives

Answer 38

file librarian

Answer 39

File Backup Son = most recent back up... w/ 2+ previous backups periodic (daily) transaction files are stored separately

Answer 40

can be shut down = easy, backup when no one is on system do not shut down = more difficult and technically complex

Answer 41

file backup the backup computer is an exact real time duplicate of the actual system. very expensive but efficient

Answer 42

used so equipment does not lose power or crash during power outage aka battery backup

Answer 43

prevent unauthorized changes & track changes

Answer 44

encryption involves using a digital key to encrypt plaintext into cybertext. The intended recipient uses their digital key to decrypt the cybertext back to plaintext

Answer 45

electronic doc, created & digitally signed by trusted party

Answer 46

system used to issue & makage keys & digital certificates

Answer 47

* length \> 7 characters * complexity, contain 3/4 character types * age- NSA: 90 days * reuse- NSA: not last 24

Answer 48

* HR (& IT) provides new employee initial access & authorization for system access * HR & IT must make changes for employee in position

Answer 49

the most crucial element in a corporate information security infrastructure & must be considered long before security technology is acquired & deployed

Answer 50

require people to protect information

Answer 51

E-Commerce electronic exchange transactions E-Business any use of IT in business (may or may not involve a transaction

Answer 52

is the computer to computer exchange of business transaction documents that allow direct processing (no human input)

Answer 53

* Reduced Handling Costs & Increased Processing Speed * Standard Data Format (XML) * Communications- use VAN

Answer 54

* Legal Costs (trade contracts) * Hardware Costs * Costs of Translation Software * Costs of Data Transmission (VAN) * Process Reengineering & Employee Training Costs * Security, Monitoring & Control Procedures

Answer 55

VAN * costs more * more secure * slower (batch) Internet * costs less * less secure * faster (OLRT)

Answer 56

= improving systems over time

Answer 57

* Tradition * Resistance * Time & Cost Requirements * Lack of Management Support * Retraining

Answer 58

* Speed- faster processing (Internet) * Timing- 24/7 * Personalization- online profile * Security- encryption * Reliability- no opportunity for human error

Answer 59

* store info in central repository so dat may be intered, accessed, & used by various deprtments * Provide vital cross-functional info quickly to managers for strategic planning (EIS)

Answer 60

* What- goods received should match goods ordered * When- goods should be delivered by data promised * Where- goods should be delivered to location requested * How much- goods should cost as low as possible

Answer 61

To Achieve Flexibility & Reposnsiveness Through: * Planing * Sourcing * Making * Delivery

Answer 62

to increase customer satisfaction 80% of sales come from 20% of customers

Answer 63

* third party vendor * data encryption * reduction in errors

Answer 64

renting systems * Adv- lower cost, greater flexibility * Disadv- possible security & privacy risks, possible poor support by ASP

Answer 65

Colllaborative Websites & Social Networking Dynamic Content

Answer 66

collages of other webpages & info

Answer 67

not integrated with the accounting system ex: shopping cart software

Answer 68

Larger companies, integrated into a single software system

Answer 69

virtual servers over the Internet (less expensive)

Answer 70

Hypertext Markup Language formatting for webpage

Answer 71

Hypertext Transfer Protocol transfers pages to web

Answer 72

Uniform Resource Locator http://www.Becker.com.us * http:// (transfer protocol) * www (server) * Becker (domain name) * .com (top-level domain) * .us (country)

Answer 73

* Strategic Risk * Operating Risk * Financial Risk * Informational Risk

Answer 74

risk of choosing innappropriate technology

Answer 75

Risk of doing the right think the wrong way

Answer 76

Risk of having financial resources lost, wasted or stolen

Answer 77

Risk of loss of data integrity, incomplete transactions, or hackers

Answer 78

* Errors * Intentional Acts * Disasters

Answer 79

* Virus * Worm * Trojan Horse * Denial-of-Service (DOS) Attack * Phishing

Answer 80

program that inserts itself into another program to propogate

Answer 81

virus that runs independently w/o a host program

Answer 82

Appears to have a useful function but contains hidden security risk

Answer 83

floods network and intended users are unable to reach the webpage

Answer 84

sending phony emails to lure people to a fake website for financial information

Answer 85

possibility of harm or loss

Answer 86

hostile intent

Answer 87

characteristic of design, suceptible to threat

Answer 88

spend money on controls to minimize vulnerability

Answer 89

Physical Access * locks, ID cards Electronic Access * User ID codes w/ regularly changed pws * File Attributes/permissions * Firewalls= gatekeepers

Answer 90

Firewalls deter but cannot completely prevent Network Firewalls- Physical Device "box" Application Firewalls- protect specific software

Answer 91

plan for continuing operations in the event of the destruction of program & data files and processing capabilities

Answer 92

1. Assess the risks 2. Identify mission-critical applications & data 3. Develop a plan 4. Determine the responsibilities for personnel involved 5. Test the plan

Answer 93

* Use of Disaster Recovery Service (External) * Internal Disaster Recovery (mirroring) * Multiple Data Center Backup

Answer 94

Longest to Shortest * Full Backup= exact copy of entire database * Differential Backup= copy only items changed since last FULL backup * Incremental Backup= copy only items changed since last partial backup

Answer 95

* Cold Site (cheapest, 1-3 days)- no actual equipment * Warm Site (compromise, 1/2-1 day)- all hardware needed to create simple data center * Hot Site (most expensive, few hours)- just need to recover backup

Answer 96

extensible business reporting language = designed to exchange financial info over web