IS 414 CH. 12 (Threats and Controls)

Question 1

General issues throughout the cycle

Answer 1

1. Inaccurate or invalid master data
2. Unauthorized disclosure of sensitive information
3. Loss or destruction of data
4. Poor performance

Question 2

1. Inaccurate or invalid master data

Answer 2

1. 1 Data processing integrity controls
2. 2 Restriction of access to master data
3. 3 Review of all changes to master data

Question 3

2. Unauthorized disclosure of sensitive information

Answer 3

2. 1 Access controls

2. 2 Encryption

Question 4

3. Loss or destruction of data

Answer 4

3.1 Backup and disaster recovery plan procedures

Question 5

4. Poor performance

Answer 5

4.1 Managerial reports

Question 6

Sales Order Entry

Answer 6

5. Incomplete/inaccurate orders
6. Invalid orders
7. Uncollectible accounts
8. Stockouts or excess inventory
9. Loss of customers

Question 7

5. Incomplete/inaccurate orders

Answer 7

5. 1 Data entry controls

5. 2 Restriction of access to master data

Question 8

6. Invalid orders

Answer 8

6.1 Digital signatures or written signatures

Question 9

7. Uncollectible accounts

Answer 9

7. 1 Credit limits
8. 2 Specific authorization to approve sales to new customers or sales that exceed a customer’s credit limit
9. 3 Aging of A/R

Question 10

8. Stockouts or excess inventory

Answer 10

8. 1 Perpetual inventory system control
9. 2 Use of barcode or RFID
10. 3 Training
11. 4 Periodic physical counts of inventory

Question 11

9. Loss of customers

Answer 11

9.1 CRM systems, self-help websites, and proper evaluation of customer service ratings

Question 12

Shipping

Answer 12

10. Picking the wrong items
11. Theft of inventory
12. Shipping errors (delay or failure to ship, wrong quantities, wrong items, wrong addresses, duplication)

Question 13

10. Picking the wrong items

Answer 13

10. 1 Barcode & RFID

10. 2 Reconciliation of picking lists to sales order details

Question 14

11. Theft of inventory

Answer 14

11. 1 Restriction of physical access to inventory
12. 2 Documentation of all inventory transfers
13. 3 RFID and barcode
14. 4 Periodic physical counts of inventory and reconciliation to recorded quantities

Question 15

12. Shipping errors (delay or failure to ship, wrong quantities, wrong items, wrong addresses, duplication)

Answer 15

12. 1 Reconciliation of shipping documents with sales orders, picking lists, and packing slips
13. 2 Use RFID systems to identify delays
14. 3 Data entry via bar-code scanners and RFID
15. 4 Data entry edit controls (if shipping data entered on terminals)
16. 5 Configuration of ERP system to prevent duplicate shipments