Final Questions Flashcards
1
Q
Best describes the purpose of a BPMN collapsed sub-process?
A
Contain a series of activities that are hidden from view
2
Q
Access Control
A
limit to who can use and change records in the system (example: passwords control who can use an application)
3
Q
Accounts Receivable
A
monies owed by customers for prior sales of goods or services. In data modeling context, AR are calculated as each customer’s sales less corresponding cash receipts
4
Q
Agents
A
the people or organizations who participate in business events such as customers and salespeople
5
Q
Application controls
A
ensure data integrity and an audit trail (for example: new invoices are assigned sequential numbers)
6
Q
Cash
A
organization’s monies in bank or related accounts. the instances of the class are individual accounts. considered a resource
7
Q
cash receipts
A
record receipts of cash from external agents (customers) and the corresponding deposit of those receipts into cash accounts. Considered an event
8
Q
Choreography
A
the interaction (message flows) between two participants (modeled as pools) in a process modeled using BPMN
9
Q
Collaboration
A
A BPMN model showing two participant pools and the interactions between then within a process
10
Q
Customer
A
the external agent in the sales and collections process
11
Q
error event
A
an intermediate event in a BPMN model showing processing for exceptions to the normal process flow
12
Q
Events
A
classes that model the organization’s transactions, usually affecting the organization’s resources such as sales and cash receipts
13
Q
Many-to-many relationship
A
exists when instances of one class (sales) are related to many instances of another class (inventory) and vice versa. these relationships are implemented in Access and relational databases by adding a linking table to convert the many-to-many relationship into two one-to-many relationships
14
Q
one-to-many relationships
A
exists when instances of one class are related to multiple instances of another class (example: a customer can participate in many sales but each sale involves only one customer)
15
Q
Orchestration
A
In BPMN, the sequence of activities within one pool
16
Q
Product
A
class representing the organization’s goods held for sales, that is, the organization’s inventory. considered a resource
17
Q
Quote
A
description of the products and/or services to be provided to a customer if ordered
18
Q
REA
A
resource-event-agent framework for modeling business processes, originally developed by William McCarthy
19
Q
Sales
A
Events documenting the transfer of goods or services to customer and the corresponding recognition of revenue for the organization
20
Q
Sales order
A
event documenting commitments by customers to purchase products. the sales order event precedes the economic event (sale)
21
Q
Subprocess
A
represent a series of process steps that are hidden from view in BPMN. the sue of subprocesses in modeling helps reduce complexity
22
Q
type image
A
class that represents management information (such as categorizations, policies, and guidelines) to help manage a business process. Type image often allows process information to be summarized by category
23
Q
Access point
A
logically connects stations to a firm’s network
24
Q
Audit around the computer (or black-box approach)
A
auditors test the reliability of computer generated information by first calculating expected results from the transactions entered into the system. Then, auditors compare these calculations to the processing or output results
25
Audit through the computer (or white box approach)
requires auditors to understand the internal logic of the system/ application being tested
26
computer-assisted audit techniques (CAATs)
essential tools for auditors to conduct an audit in accordance with heightened auditing standards
27
continuous audit
preforming audit-related activities on a continuous basis
28
data governance
the convergence of data quality, data management, data policies, business process management and risk management surrounding the handling of data in a firm
29
Data mining
a process of using sophisticated statistical techniques to extract and analyze data from large databases to discern patterns and trends that were not previously known
30
Data warehouse
a collection of information gathered from an assortment of external and operations (internal) databases to facilitate reporting from decision making and business analysis
31
Database
A shared collection of logically related data for various uses
32
Database system
a term typically used to encapsulate the constructs of a data model, database management system (DBMS) and database
33
embedded audit module
a programmed audit module that is added to the system under review
34
Firewall
a security system comprised of hardware and software that is built using routers, servers and a variety of software
35
generalized audit software (GAS)
frequently used to perform substantive tests and sued for testing of controls through transactional data analysis
36
hub
contains multiple ports
37
integrated test facility (ITF)
an automated technique that enables test data to be continually evaluated during the normal operation of a system
38
local area network (LAN)
a group of computers, printers, and other devices connected to the same network that covers limited geographical range such as a home, small office or a campus building
39
MAC (media access control) address
a designated address that is connected to each device via the network and only sees trafic
40
operating system (OS)
performs the tasks that enable a computer to operate; comprised of system utilities and programs
41
operational database
often includes data for the current fiscal year
42
parallel simulation
attempts to simulate the firm's key features or processes
43
remote access
connection to a data-processing system from a remote location (through a virtual private network)
44
Router
software-based intelligent device that chooses the most efficient communications path through a network to the required destination
45
Station
a wireless endpoint device equipped with a wireless network interface card
46
Switch
an intelligent device that provides a path for each pair of connections on the switch by storing address information in its switching tables
47
Test data technique
uses a set of input data to validate system integrity
48
virtual private network (VPN)
securely connects a firm's WANs by sending/receiving encrypted packets via virtual connections over the public Internet to distant offices, salespeople and business partners
49
Wide are network (WAN)
links different sites together; transmits information across geographically dispersed LANs; and covers a broad geographic area such as a city, region, nation or an international link
50
Wireless network
comprised of two fundamental architectural components: access points and stations
51
Another name for data warehousing is data mining.
a. True
b. False
False
52
Data warehousing refers to the short-term storage of large amounts of data for an entire enterprise.
a. True
b. False
False
53
An operating system handles input and output to and from attached hardware devices, such as hard disks, printers, and dial-up ports and sends messages to each application or interactive user about the status of operation and any errors that may have occurred.
a. True
b. False
True
54
Which of the following is not a function of generalized audit software?
a. To aid in the random selection of transactions for substantive testing.
b. To run in parallel with the client's application software and compare the output.
c. To test the mathematical accuracy by footing and cross-foot items in the accounting system.
d. To keep an independent log of access to computer application software.
D
55
Which of the following is not a computer-assisted audit technique?
a. Test data
b. Tagging and lagging
c. Integrated test facility
d. Parallel simulation
B. Tagging and Lagging
56
When would "auditing around the computer" be appropriate?
a. When significant controls over the computer system are adequate.
b. When significant controls over the computer system are not required.
c. It is never appropriate to audit around the computer.
B
57
: A virtual private network (VPN) sends encrypted messages though public Internet service providers.
a. True
b. False
True
58
A _____ is a type of network equipment that directs information or data to transmit over the Internet.
a. Server
b. Router
c. Firewall
d. Switch
B. Router
59
A ____ is a network with security and controlled access for a private group but built on top of a public network.
a. Wide area network.
b. Virtual organization.
c. Middleware network.
d. Virtual private network.
d. Virtual private network.
60
Common IT techniques that are needed to implement continuous auditing include:
a. Database management systems
b. Computer-assisted audit techniques (CAATs)
c. Data warehouses
d. All of the above
All of the above
61
Which of the following best describes the purpose of a balanced scorecard?
a. Mission statement
b. Performance measurement framework
c. Strategy map
d. Budgeting document
b. Performance measurement framework
62
balanced scorecard framework
provides an integrating framework that describes organizational performance relative to its strategic objectives across four perspectives: learning and growth, process, customer, and finance. Objectives for each perspective describe the strategy in a series of cause-and-effect relationships
63
Balanced scorecard management process
the process by which companies plan, implement and monitor performance. It consists of five steps: formulate the strategy, translate the strategy, link the strategy to operations, monitor performance and adapt
64
Customer perspective
the balanced scorecard perspective that describes the organization's customer related objectives and corresponding customer measures; it views organization performance from the customers' perspective
65
enterprise IT (EIT)
a type of information technology that restructures interactions within an organization and with external partners, such as customer relationship management systems
66
financial perspective
the balanced scorecard perspective that describes the organization's financial objectives and corresponding financial measures of performance; it views organizational performance from the shareholders' perspective
67
function IT (FIT)
a type of information technology that performs/supports a single function, such as spreadsheet applications
68
information capital
an intangible asset that reflects the readiness of the company's technology to support strategic internal processes. it includes computing hardware, infrastructure, applications and employees' abilities to use technology effectively
69
key performance indicator
those measures that the organization feels best indicates the performance of a particular activity
70
learning and growth perspective
the balanced scorecard perspective that describes the organizations' objectives and corresponding measures related to improvements in tangible and intangible infrastructure, such as human, information, and organizational capital
71
network IT (NIT)
a type of information technology that allows people to communicate with one another such as e-mail and instant messaging
72
process perspective
the balanced scorecard perspective that describes the organizations' internal, process-related, objectives and corresponding measures; it views organizational performance from an internal perspective
73
strategy map
a one-page representation of the firm's strategic priorities and the cause-and-effect linkages to those strategic priorities
74
value proposition
represents the product and service characteristics, such as price, quality, selection and brand image that the firm attempts to deliver to customers to meet or exceed customers' expectations and thereby result in customer retention and new customer acqusition
75
accounting rate of return (ARR)
the average annual income from the IT initiative divided by the initial investment cost
76
acquisition costs
all direct and indirect costs necessary to acquire and implement the IT initiative
77
alignment risk
the risk that an IT initiative is not aligned with the strategy of the organization
78
benefits
the positive consequences to the organization of an IT investment
79
breakeven analysis
determines the breakeven point, where the total value of benefits is equals that of total costs
80
business case
economic justification for an IT investment or other major project
81
change risk
the risk that the organization will be unable to make the changes necessary to implement the IT initiative successfully
82
economic justification process
the process by which an organization creates a business case for an IT investment or other major project
83
financial risk
the risk that the IT investment will not deliver expected financial benefits
84
internal rate of return (IRR)
the discount rate (return) that makes a project's net present value equal to zero
85
net present value (NPV)
the sum of the present value of all cash inflows minus the sum of the present value of all cash outflows related to an IT investment or other capital investment
86
operation cost
the recurring cost necessary to operate, maintain and administer an IT initiative
87
payback period
the amount of time necessary to recoup a project's initial investment
88
project risk
the risk that the project will not be completed on time or within budget
89
relevant costs
those costs that will change as a result of an IT initiative or other major project
90
solution risk
the risk that the proposed solution will not generate expected benefits
91
technological risk
the risk that the technology will not perform as expected to deliver the planned benefits
92
value proposition
summarizes the costs and benefits of a preferred alternative IT investment, describing (1) the relevant time frames that the costs will by incurred and benefits realized, (2) the corresponding discount rates to apply future cash flows and (3) the sensitivity of the results to assumptions
93
100% rule
a rule operation percent planning of all tasks, including all of the internal, external and interim tasks
94
15-15 rule
a rule suggesting that if a project is more than 15% over budget or 15% off the planned schedule, it will likely never recoup the time or cost necessary to be considered successful. at this point a decision needs to be made on if or how to proceed from that point on
95
analysis phase
the phase of the SDLC involves a complete, detailed analysis of the systems needs of the end user as well as a proposed solution
96
critical path
the longest path for a project and represents the minimum amount of time needed for the completion of the project when sufficient resources are allocated
97
design phase
the phase of the SDLC that involves describing in detail the desired features of the system that were uncovered in the analysis phase
98
Gantt chart
a graphical representation of the project schedule that maps the tasks to a project calendar
99
implementation phase
the phase of SDLC that involves development, testing and implementation of the new proposed system
100
maintenance phase
the final phase of the SDLC that includes making changes, corrections, additions and upgrades (generally smaller in scope) to ensure the system continues to meet the business requirements that have been set out for it
101
perceived ease of use
the extent to which a person perceives that the use of a particular system will be relatively free from effort
102
perceived usefulness
the extent to which users believe the system will help them perform their job better
103
planning phase
the phase of SDLC that summarizes the business needs with a high-level view of the intended project
104
Program Evaluation Review Technology (PERT)
a project management tool used to help identify all tasks needed to complete a project. it is also helpful in determining task dependencies
105
project
a series of tasks that are generally performed in a defined sequence to produce a predefined output
106
project management
the process of carrying out the system development life cycle to achieve an intended outcome
107
project manager
the lead member of the project team who is responsible for the project
108
project sponsor
generally a senior executive in the company who takes responsibility for the success of the project
109
scope creep
the change in a project's scope after the project work has started
110
systems analyst
person responsible for both determining the information needs of the business and designing a system to meet those needs
111
systems development life cycle (SDLC)
the process of creating or modifying information systems to meet the needs of its users. it serves as the foundation for all processes people use to develop such systems
112
technology acceptance model (TAM)
a model that predicts when users will adopt a new system to the extent they believe the system will help them perform their job better
113
triple constaint
three factors that constrain information technology and other projects: cost, scope and time. also known as Dempster's triangle
114
work breakdown structure (WBS)
the process of identifying all tasks needed to complete a project
