Information Technology

Question 1

Which IT personnel roles should always be segregated?

Answer 1

Operators

Programmers

Librarians

Question 2

What are the duties of a systems analyst?

Answer 2

Designs or purchases IT system

Responsible for flowcharts

Liaison between Users and Programmers

Note: Think IT Manager

Question 3

What is the primary duty of a Systems Administrator?

Answer 3

A Systems Administrator controls database access.

Question 4

What are the duties of a Systems Programmer?

Answer 4

Writes- Updates- Maintains- & Tests software- systems- and compilers

Question 5

Which duties should a Systems Programmer NOT have?

Answer 5

In order to maximize internal control- a Systems Programmer should NOT have application programming duties/abilities or be an Operator on the system.

Question 6

What are the duties of a Systems Operator?

Answer 6

Schedules and Monitors Jobs

Runs IT Help Desk

Question 7

What duties should a System Operator NOT have?

Answer 7

For internal control purposes- they should not be a Programmer on the system.

Question 8

If it is not possible to segregate duties in an IT System- what actions should be taken to compensate for internal control purposes?

Answer 8

Include Computer Logs.

Control Group should review the logs.

Question 9

What is the purpose of a Management Information System (MIS)?

Answer 9

To assist with decision making.

Question 10

What is an Accounting Information System (AIS)?

Answer 10

A type of Management Information System (MIS) that processes accounting transactions.

Question 11

What are the characteristics of an Executive Information System (EIS)?

Answer 11

Specialized for Company Executive needs

Assists with Strategy Only

No Decision-Making Capabilities

Question 12

What are the characteristics of an Expert System (ES)?

Answer 12

Computer uses reasoning

Structured

No human interpretation needed

Question 13

What are the characteristics of a Decision Support System (DSS)?

Answer 13

Computer provides data

Gives Interactive Support

Human interpretation needed

Question 14

What are the characteristics of an Ad Hoc computer report?

Answer 14

User initiates the report.The report does not currently exist, but can be created upon demand, without having to get a software developer or programmer involved.
Often called a User Report Writer.

Question 15

When are Exception reports generated?

Answer 15

Exception reports are produced when Edit Tests- Check Digits- or Self-Checking Digits identify a problem

Question 16

What is a Query?

Answer 16

• A request for specific data that meet a set of criteria (Ex: Day’s sales)
• A type of Ad Hoc report- initiated by a user.

Question 17

What is End-User Computing?

Answer 17

The User develops and executes their own application.

Question 18

What is the primary benefit of E-commerce?

Answer 18

E-commerce makes business transactions easier.

Question 19

What are the risks of E-commerce?

Answer 19

Compromised data or theft.

Less paper trail for auditors.

Question 20

What are the benefits of Electronic Data Interchange?

Answer 20

Uses globally-accepted standards

Efficient

Question 21

What is a File Server?

Answer 21

A file server stores shared programs and documents.

Question 22

What is a Database & what is its purpose?

Answer 22

• Files that are interrelated & coordinated

- Located on a File Server- a Database allows users to share documents.

Question 23

What is the purpose of a LAN (Local Area Network)?

Answer 23

It connects computers in close proximity.

Question 24

What is the purpose of a WAN (Wide Area Network)?

Answer 24

It connects computers that are far apart.

Question 25

What are the characteristics of a VAN (Value-Added Network)?

Answer 25

Privately-owned Network

Serves as 3rd Party Between 2 Companies

Routes EDI Transactions

Accepts wide range of Protocols

Very Costly

Question 26

What is the purpose of a Firewall?

Answer 26

Prevents unauthorized access to a network.

Question 27

What are the characteristics of a virus?

Answer 27

Takes over a computer

Needs a host program to run

Question 28

What are the characteristics of a computer worm?

Answer 28

Takes over multiple computers

Doesn’t need a host program to run

Question 29

What is the purpose of Automated Equipment Controls?

Answer 29

They prevent and detect hardware errors.

Question 30

What is RAM?

Answer 30

Random Access Memory.

Internal memory in the computer used during immediate processing.

Question 31

What is a CPU?

Answer 31

Computer Processing Unit

It processes commands within a computer.

Question 32

What is Job Control Language?

Answer 32

It schedules and allocates system resources.

Question 33

What are examples of input devices?

Answer 33

Keyboard
Mouse
Scanner
Magnetic Ink Reader
Magnetic Tape Reader
EDI
Point of Sale Scanner

Question 34

What are examples of Output Devices?

Answer 34

Speakers

Monitors

Printers

Question 35

What are the characteristics of Magnetic Tape storage?

Answer 35

Sequential Access - Sorts data in order

Slower data retrieval

Header Label prevents Operator error by loading wrong tape

External Labels prevent accidental destruction by operator

Question 36

What are the characteristics of Magnetic Disks?

Answer 36

Random Access - Finds data in random spots

Faster data retrieval

Uses Boundary Protection for data

Question 37

What is a Gateway?

Answer 37

Connects one network to another

Note: the Internet is connected by Gateways

Question 38

What are Parity Checks?

Answer 38

A control that detects internal data errors.

A bit is added to each character- it checks to see if a bit was lost.

Question 39

What is an Echo Check?

Answer 39

Transmitted data is returned to the sender for verification (it echoes back to the sender)

Question 40

What is a Change Control?

Answer 40

It authorizes program changes and approves program test results.

Question 41

What is security software?

Answer 41

Software that controls access to IT systems.

Note: Don’t confuse this with anti-virus software

Question 42

What is the purpose of a Digital Signature?

Answer 42

It confirms a message has not been altered.

Question 43

List the types of computers from smallest to largest

Answer 43

PDA/Smartphone/Tablet

Microcomputer - PC- Laptop (cost-effective)

Minicomputer - Like a Mainframe- but smaller

Mainframe - Large computer with terminals attached

Supercomputer - Very powerful and very big

Question 44

What are the units of computer data from smallest to largest?

Answer 44

Bit - 1 (on) and 0 (off)
Byte - 8 bits to a byte/character
Field - group of related characters/bytes (i.e. Name- Zip Code- Serial #)
Record - Group of related fields (i.e. Member name- address- phone number)
File - Group of related records (i.e. Membership directory)

Question 45

What is the duty of a design engineer?

Answer 45

Determine language used for a specific computer- on a computer-to-computer basis

Question 46

What are object programs?

Answer 46

Programs written in base computer language- not similar to English.

Question 47

How can source programs be recognized?

Answer 47

They are written in a language close to English.

Question 48

What is the purpose of a Compiler?

Answer 48

Takes Source language (English) and converts to Object (Computer) Language

Question 49

How does Online Analytical Processing work?

Answer 49

It uses a Data Warehouse to support management decision making.

Question 50

What is Data Mining?

Answer 50

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.

Question 51

What is the purpose of online transaction processing?

Answer 51

To process a company’s routine transactions.

Question 52

What are the characteristics of batch processing?

Answer 52

Data held- updates multiple files all at once

Leaves a better audit trail

Uses Grandfather-Father-Son backup (3 levels of backup kept in 3 locations)

Question 53

What does an output control check for?

Answer 53

Checks to see if output data is valid- distributed and used in an authorized manner.

Question 54

What does a processing control check?

Answer 54

Checks if data processing produced proper output

Question 55

What is a hash total?

Answer 55

A meaningless total/sum of values included in the input- an input control number, that normally does not include dollar amounts.

Ex: Summing a list of SSNs to make sure the data is the same once entered as it was prior to input into the system.

Question 56

What is a validity check?

Answer 56

Checks to see if data in existing tables or files belongs in the set

For example- is there a # in an alpha-only field or a letter in a numeric-only field

Question 57

What is a limit check?

Answer 57

Checks to see if numbers surpass a certain limit- i.e. in an age field is the number greater than 110.

Question 58

What is a check digit?

Answer 58

An input control that adds an identification number to a set of digits - usually at the end

Question 59

What is a field check?

Answer 59

An input check that prevents invalid characters- i.e. checks for alphabetic letters in a SSN field

Question 60

What is a Hot Site?

Answer 60

A disaster recovery system where if the main system goes down- a Hot Site is ready to take over immediately.

Question 61

What is a Cold Site?

Answer 61

If a main system goes down- a Cold Site will take time to get set up and running.

Question 62

What is the most common database language?

Answer 62

SQL - Structured Query Language

Question 63

What is a Data Definition Language?

Answer 63

Defines SQL Database

Controls SQL Tables

Question 64

What is a Data Manipulation Language?

Answer 64

Queries SQL Database tables

Question 65

What is a Data Control Language?

Answer 65

Controls Access to SQL Database

Question 66

What are the characteristics of a Relational Database?

Answer 66

Logical structure

Uses rows and columns similar to spreadsheet

Question 67

What are the characteristics of a Hierarchical Database?

Answer 67

Has various levels

Uses trees to store data

Question 68

What are the advantages of a database?

Answer 68

Data is more accessible

Reduced redundancy

Question 69

What are the disadvantages of a database?

Answer 69

Cost of installation

Skilled personnel required to maintain

Question 70

What are the components of a database?

Answer 70

Desktop client

Application Server

Database Server

Think: Your desktop computer runs applications and saves to a database

Question 71

What is Batch Processing?

Answer 71

Occurs when transactions are recorded, but the master files are only updated PERIODICALLY, such as daily.

• There is ALWAYS a time delay b/w the time the transaction is initiated & the time it is fully processed.
• Most often found in “traditional” systems, (payroll or general ledger systems) where the data doesn’t need to be current at all times.

Question 72

What is Online Real-Time Processing (OLRT), aka Online Processing?

Answer 72

Occurs when transactions are recorded and master files are IMMEDIATELY updated in real-time.

• OLRT files are always current & error detection is immediate.
• REQUIRE random access storage devices.

Question 73

What is a Batch Total?

Answer 73

A total of fields in a transaction that might normally be added. It is most often used for totals of DOLLAR fields.
Ex: a batch might contain $1,000,000 of debits & $1,000,000 of credits.

Question 74

What are the steps in a System’s Development Life Cycle (SDLC)?

Answer 74

**Think: A DITTO   (pg. B4-20)
A - Systems Analysis
D - Design (Conceptual & Physical)
I - Implementation & Conversion
T - Training
T - Testing
O - Operations & Maintenance

Question 75

What is COBIT?

Answer 75

• Control Objectives for Information & Related Technology (COBIT)
• Provides managers, auditors & IT users with a set of measures, indicators, processes and best practices to maximize the benefit of information technology.

Question 76

What are the information criteria (the business requirements for info) described by COBIT?

Answer 76

**Think: ICE RACE -> Know it cold & learn it fast!! (pg. B4-25)
I - Integrity
C - Confidentiality
E - Efficiency

R - Reliability
A - Availibility
C - Compliance
E - Effectiveness

Question 77

What are Detective Security Controls?

Answer 77

They are generally chronological records that provide documentary evidence of the sequence of activities that can be used to detect errors or irregularities. (Ex: Audit logs)

Question 78

What are Preventative Security Controls?

Answer 78

They prevent errors or irregularities

-Org’s that rely heavily on e-commerce would probably want as many preventive controls as possible bc it might be difficult/impossible to correct errors after the fact.

Question 79

What are Corrective Security Controls?

Answer 79

They represent procedures put in place to correct security weaknesses.

Question 80

What are the 5 focus areas that the COBIT framework anticipates that IT governance will be framed by?

Answer 80

1. Strategic Alignment - linkage b/w business & IT plans
2. Value Delivery - provision by IT of promised benefits while satisfying its customers & optimizing Costs
3. Resource Management - Optimization of knowledge & infrastructure
4. Risk Management
5. Performance Measurement - tracking & monitoring

Question 81

What are the domains of the COBIT Framework?

Answer 81

**Think: You will need a purchase order, & therefore PO AIDS ME

PO - Plan & Organize - Directs the IT Process
AI - Acquire & Implement - Deliver the IT Solution
DS - Deliver & Support - Deliver the IT Service
ME - Monitor & Evaluate - Ensure directions are followed