GTG For iT II Flashcards
WHAT would be considered an example of a General Control?
Controls for documenting and approving programs and changes to programs
NOTE: General Controls are controls related to the organization’s IT environment as a whole (which is why this example is accurate)
WHAT is an assertion made under the COBIT 5 framework?
THE creation of stakeholder value is the fundamental goal of any enterprise
WHAT IT Control would most likely detect computer-related fraud?
Reviewing the systems access log
i.e. reviewing the systems-access log may detect improper access related to fraud
WHAT is one function of a Decision Support System (DSS)?
IT allows certain aspects of a problem to be preprogrammed
WHAT is a critical aspect of separation of duties within information systems?
Programmers and Computer Operators
WHY? - Because a computer operator should not be assigned programming responsibility and have the opportunity to make changes in programs as he operates the equipment
WHAT is XML?
XML (eXtensible Markup Language)
i.e. IT is useful for putting structured data into a text file and used on the content of the data
NOTE: XML can be used to extract and tag structured information from a database for transmission and subsequent use
Fill in the Blank.
Remote batch processing avoids the need for having ______.
File updating at each user location
WHY? - Because Remote batch processing (remote job entry) entails collection and entry of data from places other than the location of the file updating
WHAT is an effective control to prevent a firm’s batch check-writing program from preparing checks for unauthorized vendors (i.e. not yet included in the vendor file)?
Implementing a record lookup for vendors during data entry
i.e. Verifying valid vendors at the point of entry is the most cost-effective means of preventing incorrect data from entering the system
WHAT is Program Documentation?
A control designed primarily to ensure that Programs are kept up to date and perform as intended
WHAT would be considered an example of a validity check?
A computer flags transmissions of which the control field value does not match an existing file record
WHY? - Because validity checks test identification numbers or transaction codes for validity by comparison with items already known to be correct
WHAT is considered a critical success factor in data mining a large data store?
Pattern Recognition
WHY? - Because typical applications of data mining are identification of potential customers and purchasing power
WHAT is the role of the IT Systems Analyst?
Designing systems
Preparing specifications for programmers; and
Serving as intermediary between users and programmers
WHAT is the primary function of a database management system?
TO create and modify the database
WHY? - Because it is an integrated set of software tools superimposed on the data files that helps maintain the integrity of the underlying database
WHAT is an important function of the Database Administrator?
“Redefining” and “Restructuring” the database
i.e. THEY have the overall responsibility for developing and maintaining the database
Thus, the Database Administrator (DA) also establishes controls over the integrity of the database
WHAT is an added benefit of using computer-aided software engineering (CASE) technology?
IT can ensure that data integrity rules are applied consistently
e.g. Data integrity rules such as validation and access, are applied consistently across all files
WHAT is an important element of a Decision Support System (DSS)?
They facilitate solving relatively unstructured problems
i.e. It assists decision makers by allowing them to access data and test different solutions to problems
NOTE: This ONLY supplies support and should not take the place of the decision maker’s insights and judgment
WHAT is System Authentication?
THE process by which a System verifies the identity of a user
i. e. Authentication is the process of determining that individuals are who they say they are
e. g. a password may identify but not authenticate its user if it is known by more than one individual
WHAT are Utility Programs?
Computer programs that perform routine processing functions, such as sorting and merging
i.e. These programs are provided by manufacturers of equipment to perform routine processing tasks required by both clients and auditors
WHAT is the hierarchy of storage commonly found in computerized databases, from least complex to most complex?
Byte, field, record, file
i.e. A byte is a group of bits (binary 1s and 0s). A field is a group of bytes. A record is a group of fields. A file is a group of records
WHAT is a distributed denial-of-service attack?
An attack on computer networks that uses the computers of innocent parties infected with Trojan horse programs
