IT

Question 1

Acquire and Implement

Answer 1

the process of identifying automated solutions

Question 2

What is COBIT

Answer 2

The Control Objectives for Info and Related Technology. Int’t standard for identifying best practices in IT security and control.

Question 3

Monitor and evaluate

Answer 3

Regularly assess IT processes.
The process of reviewing system response time logs.
Assessment over time.

Question 4

Deliver and support

Answer 4

the process of security and continuous services

Question 5

What is the purpose of COBIT?

Answer 5

common language for users, auditors, mgmt, and business process owners in identifying risks and structuring controls.
Aligns IT & Biz goals/strategies.

Question 6

What are the components of the basic COBIT framework?

Answer 6

IT Resources
Plan & Organize
Acquire & Implement
Deliver & Support
Monitor & Evaluate

Question 7

What is included in IT Resources

Answer 7

Data
Applications Systems
Technology
Facilities
People

Question 8

Plan and organize

Answer 8

the process of developing tactics to realize the strategic vision for an info tech unit

Question 9

Enterprise Resource Planning system

Answer 9

Provides transaction processing, mgmt support, and decision-making support in a single, integrated package. It attempts to eliminate many of the problems faced by orgs when they attempt to consolidate info from operations in multiple dept/divisions by integrating all data/processes into a unified system.

Question 10

What are risks of cloud-based computing

Answer 10

Data Loss
Vendor security failure
System hacks

Question 11

What is the ERP system designed to do?

Answer 11

to integrate data from all aspects of an org’s acitivities into a centralized data repository.

Question 12

OLAP Online Analytical Processing System

Answer 12

provides data warehouse capabilities and data mining for the ERP system. Provides an integrated view of transactions in all parts of the system.

Question 13

Online transaction processing system (OLTP)

Answer 13

Includes core biz functions: sales, production, purchasing, payroll, fin. reporting. Records the day to day operational transactions and enhances the visibility of these transactions throughout the system. Primarily concerned with collecting data and not analyzing it across the org.

Question 14

PaaS (platform as a service)

Answer 14

use of the cloud to create (not access) software

Question 15

IaaS (infrastructure as a service)

Answer 15

Use of the cloud to access virtual hardware

Question 16

SaaS (software as a service)

Answer 16

Use of the cloud to access software

Question 17

What are the risks of a cloud-based system

Answer 17

Data loss - all eggs in one basket.
system penetration
in the vendor you trust

Question 18

What are the backup facility types?

Answer 18

cold site - no computers $
warm site - computers, no data $$
hot site - everything $$$
mirrored - fully redundant $$$$

Question 19

What tasks are given top priority in DRP?

Answer 19

mission critical tasks - which includes, customer facing services
manufacturing
financials

Question 20

What tasks are given the lowest priority in DRP?

Answer 20

Task critical

Question 21

What type of recovery would help a company recover from a disaster and ensure a timely recovery?

Answer 21

Business continuity planning.

Question 22

What info does one need to prepare a DRP?

Answer 22

Names and locations of key vendors
Current hardware configuration
Names of team members
Alternative processing location

Question 23

Cold site

Answer 23

hardware and records are delivered AFTER the occurrence of a disaster.

Question 24

What is a logical first step in developing a disaster relief plan?

Answer 24

Prepare a statement of responsibilities for the tasks included in the DRP

Question 25

OCP (organizational continuity planning)

Answer 25

identify and plan for disruptions.

Integrate OCP into risk mgmt

Question 26

What does the term “stakeholders” reference in an IT environment

Answer 26

include both the IT personnel responsible for developing and maintaining the system, as well as the personnel from all areas of the org, who are the end users of the system.

Question 27

Who is responsible for granting users access to specific data resources?

Answer 27

database administrator - est user names and authorizing access to specific data files and fields

Question 28

Who maintains the custody of an entitys data

Answer 28

the data librarian

Question 29

What is the role of a systems analyst in an IT environment?

Answer 29

Designing systems, prepares specifications for programmers, and serves as intermediary between users and programmers

Question 30

Most IT people controls are

Answer 30

General and preventive

Question 31

What is the responsibility of a network administrator?

Answer 31

managing remote access

Question 32

What is the responsibility of the app programmer?

Answer 32

code approved changes to a payroll program

Question 33

Who controls the flow of documents in and out of the computer operations dept?

Answer 33

the data control clerk