Computer Systems and Information Technology Flashcards

1
Q

List and describe the three broad classes of computer controls?

A

General Controls - overall operation

Application Controls - Specific programs input, processing and output

User controls - human controls applied by individuals outside of the computer system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Name the categories of general computer controls?

A

controls over data center and network operations, system software acquisition, change and maintenance

access security

application system acquisition, development and maintenance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

How is test data used to check a computer program?

A

a batch of transactions is entered into a software program with one valid transaction. if programmed properly it should handle the invalid transactions appropriately

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are some of the testing methods in auditing through the computer process?

A

test data approach

parallel simulation

embedded audit module approach

integrated test facility

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a controlled program?

A

an original program copy that is kept unchanged to perform a parallel simulation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is an integrated test facility?

A

allows dummy data to be processed along with live data. if dummy data is processed correctly then it assumed live data is also processed correctly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a parallel simulation?

A

client data is processed in some type of controlled process, then same data processed using client’s software. results should be the same

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the definition of online real-time processing?

A

direct access into the processing unit of main computer, changes made at a terminal are immediately processed and the effect of the changes are immediate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are several controls to ensure computers, programs and data are adequately secured?

A

locked files

locked computers

passwords

ID numbers

access logs

restricted access to all computer hardware

exception reporting for failed attempts to access the system or data files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What separation of duties is particularly important in the IT department?

A

programmers be separate from system design and computer operators

access to data and system files should also be separate from program and system development

specific individuals charged with IT management who are responsible for oversight of IT functions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are several application controls to keep bad or faulty data out of the computer system?

A

self-checking numbers

control totals

batch totals

item counts

hash totals

limit tests

validity checks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a self-checking number?

A

a number where the final digit or a digit in a consistent position within the number derived by some mathematical formula based on other digits in the number

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is being measured by item counts, hash totals, and batch totals?

A

item count is number of transactions

hash total is a number derived from a group of computer transactions that is not normally determined

batch total is a total normally derived but also used for control purposes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a limit test?

A

an application control where upper and lower limits are set for certain transactions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a validity check?

A

compares data being processed to an independent database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a control group?

A

independent team established for review of computer system controls

17
Q

How should companies reduce the chance of misuse of EDI transmissions?

A

authentication controls to ensure proper submission and delivery of information

encryption so that messages are unreadable to unauthorized parties

18
Q

What prevents mixing of data between several programs running simultaneously?

A

program boundary protection

19
Q

What is a generalized audit software package?

A

a set of programs designed specifically for auditing purposes, which can be easily operated on an auditor’s desktop or laptop computers

20
Q

What is a control total?

A

a total that has been determined in advance for data being entered into a computer program

21
Q

What is EDI?

A

transmission of document image and data within that image directly from a computer at one entity to a computer at another entity

22
Q

What are the two benefits of an EDI system?

A

increase the speed of data transmission between two or more entities that are doing business with one another

decrease the opportunity for clerical errors

23
Q

What is the main problem an auditor faces when auditing a client that uses an online real-time system?

A

it gives users access into the computerized info systems from a remote terminal location

24
Q

What controls should an online real-time computer system have?

A

frequently changing passwords

approved terminals

limit of log-on attempts

25
Q

What is a value-added network?

A

an organization that gathers and transmits EDI communications between specific parties

26
Q

What is a code comparison program?

A

an application software program that compares an existing program with a controlled program to discover any differences in program code