Information Technology

Question 1

IC

Which IT personnel roles should always be segregated?

Answer 1

Operators

Programmers

Librarians

Question 2

IC

Systems Analyst duties

Note: Think IT Manager

Answer 2

Designs / purchases IT system

Flowcharts

Liaison Users and Programmers

Question 3

IC

Systems Administrator duties

Answer 3

Primary: Control database access.

Writes- Updates- Maintains- & Tests

Software, Systems and compilers

Question 4

IC

Duties a Systems Programmer should NOT have?

Answer 4

APPLICATION programming

Operator on the system.

Question 5

IC

Systems Operator duties

Answer 5

Schedules and Monitors Jobs

Runs IT Help Desk

Question 6

IC

Duties a System Operator should NOT have?

Answer 6

Should not be a Programmer on the system.

Question 7

IC

If it is not possible to segregate duties in an IT System-

what actions should be taken to compensate for internal control purposes?

Answer 7

Include Computer Logs.

Control Group should review the logs.

Question 8

SYSTEMS

Management Information System (MIS) purpose

Answer 8

provide past, present, future information

for planning, organizing, controlling operations.

Question 9

SYSTEMS

What is an Accounting Information System (AIS)?

Answer 9

A type of MIS that processes accounting transactions.

Question 10

SYSTEMS

Executive Information System (EIS) characteristics

Answer 10

Specialized for Company Executive needs

Assists with Strategy Only

No Decision-Making Capabilities

Question 11

SYSTEMS

Expert System (ES) characteristics

* type of AI

Answer 11

Computer uses reasoning methods to data

Structured

No human interpretation needed

Question 12

SYSTEMS

Decision Support System (DSS) characteristics

Answer 12

Computer combines models and data to resolve unstructured problems.

Gives Interactive Support

Human interpretation needed

Question 13

Ad Hoc computer report characteristics

Answer 13

User initiated

on demand

Question 14

IC - APPLICATION CONTROL

When are Exception reports generated?

Answer 14

When Edit Tests- Check Digits- or Self-Checking Digits identify a problem

Question 15

What is End-User Computing?

Answer 15

The User develops and executes their own application.

Question 16

E-COMMERCE

Risks

Answer 16

Security

Availability

Processing Integrity

Online Privacy

Confidentiality

Compromised data or theft.

Paper trail for auditors.

Question 17

E-COMMERCE

Benefit

Answer 17

Easier business transactions

Question 18

E-COMMERCE

EDI benefits

Answer 18

Uses globally-accepted standards

Quick

Accurate

Efficient

Question 19

What is a File Server?

Answer 19

Stores shared programs and documents.

Question 20

INTERNET

VAN (Value-Added Network) characteristics

Answer 20

Costly

Privately-owned Network

3rd Party Between 2 Companies Routes EDI Trx

Accepts wide range of Protocols

Question 21

LAN (Local Area Network)

purpose

Answer 21

It connects computers in close proximity.

Question 22

INTERNET

WAN purpose

Answer 22

It connects computers that are far apart.

Question 23

INTERNET

What is the purpose of a Firewall?

Answer 23

Prevents unauthorized access to a network.

Question 24

INTERNET

What are the characteristics of a virus?

Answer 24

Takes over a computer

Needs a host program to run

Question 25

INTERNET

What are the characteristics of a computer worm?

Answer 25

Takes over multiple computers

Doesn’t need a host program to run

Question 26

What is RAM?

Answer 26

Internal memory in the computer used during immediate processing.

Question 27

What is a CPU?

Answer 27

Processes commands within a computer.

Question 28

Input devices?

Answer 28

Scanner

Magnetic Ink Reader

Magnetic Tape Reader

EDI

Point of Sale Scanner

Question 29

SOFTWARE

What is Job Control Language?

Answer 29

It schedules and allocates system resources.

Question 30

What is the purpose of Automated Equipment Controls?

Answer 30

They prevent and detect hardware errors.

Question 31

Magnetic Disks characteristics?

Answer 31

Random Access - Finds data in random spots

Faster data retrieval

Uses Boundary Protection for data

Question 32

IC

What are Parity Checks?

Answer 32

A control that detects internal data errors.

A bit is added to each character- it checks to see if a bit was lost.

Question 33

IC

What is an Echo Check?

Answer 33

Transmitted data is returned to the sender for verification

(it echoes back to the sender)

Question 34

IC

What is a Change Control?

Answer 34

It authorizes program changes and approves program test results.

Code comparison program can compare controlled copy of s/w with in-use s/w

Question 35

What is a Gateway?

Answer 35

Connects one network to another

Note: the Internet is connected by Gateways

Question 36

What is security software?

Answer 36

Software that controls access to IT systems.

..not anti-virus software

Question 37

Purpose of a Digital Signature?

Answer 37

It confirms a message has not been altered.

Question 38

Sys Dev

What is the duty of a design engineer?

Answer 38

Determine language used for a specific computer

on a computer-to-computer basis

Question 39

SOFTWARE

How can source programs be recognized?

Answer 39

They are written in a language close to English.

Question 40

SOFTWARE

Purpose of a Compiler?

Answer 40

Takes Source language (English) and converts to Object (Computer) Language

Question 41

INPUT VALIDATION

What is a hash total?

Answer 41

An input control number

a meaningless sum of values included in the input.

Question 42

PROCESSING

How does Online Analytical Processing work?

Answer 42

It uses a Data Warehouse to support management decision making.

Question 43

PROCESSING

What is Data Mining?

Answer 43

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.

Explain, confirm, explore relationships

Question 44

PROCESSING

Purpose of online transaction processing?

Answer 44

To process a company’s routine transactions.

Question 45

PROCESSING

Characteristics of batch processing?

Answer 45

Data held- updates multiple files all at once

Leaves a better audit trail

Uses Grandfather-Father-Son backup

(3 levels of backup kept in 3 locations)

Question 46

Processing control check?

Answer 46

Checks if data processing produced proper output

Question 47

INPUT VALIDATION

Validity check

Answer 47

Checks to see if data in existing tables or files belongs in the set

For example- is there a # in an alpha-only field or a letter in a numeric-only field

Question 48

INPUT VALIDATION

Limit check?

Answer 48

Checks to see if numbers surpass a certain limit

i.e. in an age field is the number greater than 110.

Question 49

INPUT VALIDATION

Check digit?

Answer 49

An input control that adds an identification number to a set of digits – usually at the end

Question 50

INPUT VALIDATION

Field check?

Answer 50

An input check that prevents invalid characters

i.e. checks for alphabetic letters in a SSN field

Question 51

What is Data Mining?

Answer 51

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.

Question 52

Cold Site?

Answer 52

If a main system goes down- a Cold Site will take time to get set up and running.

Question 53

DATA STRUCTURES

What is the most common database language?

Answer 53

SQL - Standard Query Language

DDL (definition)

DML (manipulation)

DCL (control)

Question 54

DATA STRUCTURE DDL

What is a Data Definition Language?

Answer 54

Defines SQL Database

Controls SQL Tables

Question 55

DATA STRUCTURE

DML What is a Data Manipulation Language?

Answer 55

Queries SQL Database tables

Maintain - update, insert, modify

Question 56

DATA STRUCTURE

DCL What is a Data Control Language?

Answer 56

Controls Access to SQL Database

Question 57

DATA STRUCTURE

Relational Database characteristics

Answer 57

Logical structure

Uses rows and columns similar to spreadsheet

Question 58

DATA STRUCTURE

Hierarchical Database characteristics

Answer 58

Has various levels

Uses trees to store data

Question 59

DATA STRUCTURE

Database advantages

Answer 59

Data is more accessible

Data independence from Apps

Reduced redundancy

Question 60

Sys Dev - Overall lifecycle

Answer 60

• Plan
• Analysis
• Design
• Develop
• Testing
• Implement
• Maintain

Question 61

DATA STRUCTURE

Database disadvantages

Answer 61

Cost of installation

Skilled personnel required to maintain

Question 62

DATA STRUCTURE

Components of a database?

Answer 62

Desktop client

Application Server

Database Server

Think: Your desktop computer runs applications and saves to a database

Question 63

What is the most common database language?

Answer 63

SQL - Standard Query Language

Question 64

Sys Dev - Planning

Answer 64

• Id problem
• Define system based on strategic goals
• Scope determination
• Project Plan development
• Initial feasibility

Question 65

Sys Dev - Analysis

Answer 65

Terms to understand:

• Requirements
• Model
• Needs Assessment
• Gap Analysis from current sys
• System specification documents

Question 66

Sys Dev - Design

Answer 66

Technical blueprint

Question 67

Sys Dev - Development

Answer 67

Off-the-shelf or customized platform

Question 68

Sys Dev - Testing

Answer 68

Unit (code)

System Integration

User Acceptance

Question 69

Sys Dev - Implementation

Answer 69

Parallel

Plunge

Pilot

Phased

Question 70

Sys Dev - Maintenance

Answer 70

Monitor

Support

Training

Help Desk

Authorized Changes

Question 71

SOFTWARE

Operating System

Answer 71

Job Control Language for:

Scheduling

Resource allocation

data retrieval

Question 72

SOFTWARE

Multi - processing

Answer 72

simultaneous execution of tasks

same system, multiple CPU

Question 73

SOFTWARE

Multi - tasking

Answer 73

simultaneous processing of jobs

Question 74

SOFTWARE

Types of Source Programs

Answer 74

Machine Language

Assembly

High-level: COBOL, Basic, OOP (Object Oriented) C++, Java

Question 75

SOFTWARE

Desk checking

Answer 75

programmer review b4 run/debug

Question 76

SOFTWARE

Loop

Answer 76

Repeating program instructions

Question 77

PROCESSING

Data Warehouse

Answer 77

Periodic data dumps

Subject oriented

Integrated collection of data

Question 78

DATA STRUCTURE

Data Modeling

Answer 78

Entity-relationship modeling

Primary key - individ records

Foreign key - link relational db

AIS REA data model

• resource: object w/ economic value
• event: bus activity
• agent: people/org

Question 79

DATA STRUCTURE

Data Dictionary

Answer 79

data repository

data directory

stores meta-data

Question 80

INTERNET Languages

Answer 80

HTML

XML - extensible markup

* XBRL (XML for EDGAR)

Question 81

ISACA

COBIT Framework

Answer 81

COBIT Achieve objectives of: Governance and Mgt

Enterprise IT

Systematic integration with Biz strategies

Question 82

ISACA

COBIT Principles (5)

Answer 82

1. Meet Stakeholder needs
2. Cover enterprise end-to-end
3. Apply single integrated framework
4. Enable holistic approach
5. Separate governance from management

Question 83

ISACA

COBIT Enablers (7)

Answer 83

1. Processes
2. Org Structure
3. Culture
4. Policy - Principles
5. Information produced/used
6. Infrastructure
7. People competencies

Question 84

IC

ICHAMB *O*

Answer 84

Org structure

segregation of Development and Data processing

Question 85

IC

General Control Activities

Answer 85

Developing new systems

Changing existing

Access to data / app

Computer operations

Question 86

BUSINESS CONTINUITY Plan

Answer 86

Priorities

Insurance

Backup approach

Individual Assignments

Periodic Testing

Documentation

Question 87

FLOWCHARTs

Answer 87

Program: logic within application

System: application interactions

Audit/Document: dept to dept flow

Dataflow: data and functions (paper/elect)

Question 88

IC

Controls are classified into

Answer 88

the preventative, detective, and corrective categories