BEC Custom 9

Question 1

Risk

Answer 1

possibility of loss or other unfavorable outcome that results from uncertainty inherent in future events

Question 2

Business Risk

Answer 2

• the broad, macro-risk a firm faces largely as a result of the relationship between the nature of the firm and the nature of its environment

Question 3

Diversifiable risk (also Unsystematic or Firm-specific)

Answer 3

• elements of risk that can be eliminated through diversification of investments

Question 4

Non-diversifiable risk (Systematic or Market-related risk)

Answer 4

• elements of risk that can’t be eliminated through diversification of investments

Question 5

EBIT

Answer 5

• earnings before interest and taxes

- measures the results of a firm’s operating activities, except debt financing

Question 6

Financial risk

Answer 6

• common shareholders’ risk that result from the use of debt financing and preferred stock which require payment before common shareholders receive a return on investment

Question 7

Default risk

Answer 7

Risk that the issuer of a security will not be able to make future interest and/or principal payments; the risk that the issuer may default on its obligation

Question 8

Interest rate risk

Answer 8

• risk that increases in market rate of interest will decrease the value of outstanding debt

Question 9

Inflationary (also purchasing power) risk

Answer 9

• risk that a rise in general price levels (inflation) will result in a reduction in the purchasing power of a fixed sum of money

Question 10

Liquidity (also Marketability) risk

Answer 10

Risk that an asset can’t be readily sold at fair value for cash

Question 11

Political risk

Answer 11

Risk associated with operations in a foreign country that has different political, governmental, cultural, ethical, market structure, or other socio-political elements than a firm’s domestic market

Question 12

What is the purpose of COBIT?

Answer 12

• align IT and business goals/strategies
• link business risks, control needs & IT
• common language for users, auditors, management and business process owners in identifying risks and structuring controls

Question 13

What are the basic elements of the COBIT framework?

Answer 13

• IT resources
• monitor and evaluate
• deliver and support
• acquire and implement
• plan and organize

Question 14

What is the COBIT focus?

Answer 14

IT controls and processes

Question 15

What is the focus of COSO?

Answer 15

organizational controls and processes

Question 16

What is the goal of a Enterprise Resource Planning System (ERP)?

Answer 16

• to integrate management support, knowledge work support, and operational support into one system

Question 17

Online Transaction Processing System (OLTP)

Answer 17

• include core business functions - sales, production, purchasing, payroll, financial reporting, etc.

Question 18

Online Analytical processing system (OLAP)

Answer 18

• data warehouse and data mining capabilities within ERP

Question 19

Infrastructure as a Service (IaaS)

Answer 19

• access to virtual hardware

- e.g. Amazon Web Services & Carbonite

Question 20

Platform as a Service (PaaS)

Answer 20

Access operating system and related services including development

Question 21

Software as a Service (SaaS)

Answer 21

Access software

- e.g. Office 365, Google Docs

Question 22

Cold Site

Answer 22

• off-site location with electrical and other physical requirements for processing
• no equipment or files
• 1-3 days start-up
• Cheaper

Question 23

Warm Site

Answer 23

• off-site location with similar computer hardware
• does not include backed up data
• more $

Question 24

Hot Site

Answer 24

• completely equipped including data
• near-immediate (within hours) operation
• Big $$$

Question 25

Mirrored Site

Answer 25

• fully redundant, fully staffed, fully equipped

- real-time replication of mission critical systems

Question 26

BRM

Answer 26

Business risk management

Question 27

BCP

Answer 27

Business continuity planning

Question 28

OCP

Answer 28

organizational continuity plan

- process of risk assessment, contingency planning, and long-term continuity maintenance

Question 29

BIA

Answer 29

• business impact analysis

- risk analysis portion of BCP

Question 30

What are the three important functions of an information technology department?

Answer 30

• development
• admin and programming
• operations

Question 31

Applications Development

Answer 31

• create and maintain applications
• for safety, done in a test environment
• use “nonlive” copies of programs
• when tested and approved, put into use “live”
• duty = safeguarding (future) “assets”: application programs and systems in development

Question 32

Systems Analysts

Answer 32

• analyze and design new systems
• lead teams of programmers
• partner with end users to define problems and solutions

Question 33

Application programmers

Answer 33

• write application programs

Question 34

System administrators

Answer 34

• duty = authorize events (access)

Question 35

System programmers

Answer 35

• maintain operating systems and related hardware

- segregation of duties - must not have access to application programs or data files

Question 36

Data control clerk

Answer 36

• control document flows; schedule batches for data entry and editing; reconcile control totals

Question 37

Computer operators

Answer 37

• operate the mainframe computer

- load program and data files, run programs (execute transactions)

Question 38

File Librarian

Answer 38

• maintain files and data that are not online in the file library
• check files in and out to support scheduled jobs

Question 39

What are the four roles in the systems development life-cycle (SDLC)?

Answer 39

• IT Steering Committee
• Lead Systems Analyst
• Systems Analysts & Application Programmers
• End users

Question 40

IT Steering Committee

Answer 40

• review, approve, and prioritize systems development proposals
• include members from IT department and functional user areas

Question 41

Lead Systems Analyst

Answer 41

• manages development team(s) and projects
• direct contact with end users
• usually responsible for developing overall programming logic and functionality

Question 42

Source Program Library Management System (SPLMS)

Answer 42

• software and instructions for people
• for new or changed programs, manages migration from application development test environment to production library
• controls and validates program changes by comparing new to old code

Question 43

What are the 4 functions of the SPLMS?

Answer 43

• store programs in the source program library
• retrieve programs for updating and maintenance
• delete obsolete programs
• audit trail - document program changes

Question 44

System Documentation

Answer 44

• overview of program, data files, processing logic, interactions with other programs and systems
• may include requirements, architecture, and design

Question 45

Program Documentation

Answer 45

• detailed descriptions of inputs, logic, and outputs

- includes program flowcharts, source code listings, record layouts

Question 46

Operator Documentation

Answer 46

• also called “run manual”
• how to load and execute programs and data
• includes needed equipment, files, supplies, commands, and error messages