Final Exam Chapter 7

Question 1

a reliable system of processes data accurately completely, in a timely manner, and only with proper authorization which requires controls over data input quality, processing of the data, and data output

Answer 1

processing integrity

Question 2

source document controls that only authorized personnel should prepare source documents

Answer 2

Authorization

Question 3

Source document control where you design forms to minimize errors and omissions

Answer 3

Forms Design

Question 4

source document control where program system to identify missing or duplicate form numbers

Answer 4

pre-numbered forms sequence test

Question 5

source document control where you make machine readable to minimize input errors

Answer 5

Turnaround documents

Question 6

source document control where you stamp entered paper documents set a flag field on processed electronic documents

Answer 6

cancellation of documents

Question 7

source document control where you scan documents for reasonableness and correctness before entering them into the system

Answer 7

visual scanning

Question 8

data entry control that checks whether the characters are of the proper type

Answer 8

field check

Question 9

data entry control where you check if the data has the appropriate sign + or -

Answer 9

sign check

Question 10

data entry control where you check that the amount doesn’t exceed a maximum value or is below a minimum value

Answer 10

limit check

Question 11

data entry control where you make sure the amount falls between a particular range

Answer 11

range check

Question 12

data entry control where the number of characters does not exceed the field size

Answer 12

size check

Question 13

Data entry control where all required data items have been entered

Answer 13

completeness check

Question 14

data entry control where program compares id number account number or name entered to a table of valid numbers or names in a database

Answer 14

validity check

Question 15

data entry control where the logical relationship is correct

Answer 15

reasonableness test

Question 16

data entry control where the check digit is in the ID number

Answer 16

Check Digit verification

Question 17

Batch processing controls for data entry data is in proper numerical or alphabetical sequence

Answer 17

sequence check

Question 18

Batch processing controls for data entry that records information about input or processing errors

Answer 18

error log

Question 19

Batch processing controls for data entry that have financial totals hash totals or record count

Answer 19

batch totals

Question 20

online data entry control where system requests each input item and waits for an acceptable response (online completeness check)

Answer 20

prompting

Question 21

online data entry control where system checks accuracy of input data by retrieving and displaying related information

Answer 21

closed loop verification

Question 22

online data entry control where system maintains a detailed record of all transactions data

Answer 22

transaction logs

Question 23

processing controls were two or more items must match before processing can proceed

Answer 23

data matching

Question 24

processing controls where file labels should be checked to ensure he correct and most current files are being updated

Answer 24

file labels

Question 25

processing control where batch totals should be recomputed as processing takes place and compared to original batch totals

Answer 25

Recalculation of batch totals

Question 26

processing control where you compare arithmetic results produced by two different methods to verify accuracy

Answer 26

cross footing

Question 27

processing control the protect against accidental writing over or erasing of data files

Answer 27

write protection mechanisms

Question 28

processing control that locks other users out until first user has finished processing

Answer 28

concurrent update controls

Question 29

output control where users carefully examin output for reasonableness and completness and to assure that they are the intended recipient

Answer 29

user review of output

Question 30

output control that periodoically all transactions and system updates should be reconciled to control reports or file status/update reports ex. subsidiary ledgers

Answer 30

reconcilation procedures

Question 31

database totals should periodically be reconciled with data maintained outside the system

Answer 31

external data reconciliation

Question 32

hash of the file by sender and reciever

Answer 32

checksums

Question 33

extra bit added to byte to make byte odd or even

Answer 33

parity bits

Question 34

reliable systems are available for use whenever needed to perform business processes

Answer 34

availability

Question 35

use physical and logical access controls
properly store magnetic and optical media
use redundant components to provide fault tolerance
use serge protectors and an uninterruptible power supply
properly design computer rooms
train computer operators
conduct security awareness training
install run and update antivirus and antivirus software
scan email cds dvds usb drive and any other removable media for malware
THESE ARE ALL EXAMPLES OF WHAT

Answer 35

Minimizing the risk of system downtime

Question 36

a plan to recover data processing capacity as smoothly and quickly as possible in the event of an emergency that disables the computer system or destroys the data center

Answer 36

disaster recovery plan

Question 37

a plan that specifies how to resume all business processes in the event of a major calamity that destroys a company’s main headquarters

Answer 37

business continuity plan

Question 38

what are the key components of a disaster recovery plan and business continuity plan

Answer 38

data backup procedures 
provisions for access to replacement infrastructure 
thorough documentation 
periodic testing 
adequate insurance

Question 39

transmit and store securely both on-site and off-site

Answer 39

create multiple backup copies

Question 40

maintain two copies of the database in separate data centers and update both copies in real time

Answer 40

real time mirroring

Question 41

empty building is purchased or leased and prewired for necessary telephone and internet access, also contracts are created so all necessary equipment will be brought in if necessary

Answer 41

cold site

Question 42

facility that is pre-wired for phone and internet but also contains the essential computing and office equipment

Answer 42

Hot site

Question 43

what should business continuity plans and disaster recovery plans contain (4)

Answer 43

instructions for notifying the staff
steps to take to resume operations
assignments of responsibilities
detailed operating instructions

Question 44

how should availability be tested

Answer 44

at least yearly testing to test transfer of actual operations of hot or cold sites and testing of backup restoration

Question 45

what controls should be taken to protect availability (7)

Answer 45

change requests should be documented and follow a standardized format
all changes should be approved by management
changes should be thoroughly tested prior to implementation
all documentation should be updated to reflect authorized changes
emergency changes must be documented and subjected to a formal review and approval process soon after implementation
back out plans to revert back to original configuration
user rights and privileges need to be carefully monitored during the change process to ensure that proper segregation of duties is mantained