Module 41: Information Technology Flashcards

Question 1

Q

information system within a business

Answer

A

an information system processes data and transactions to provide users with the information they need to plan, control and operate an organization, including:

collecting transaction and other data
entering it into the information system
processing the data
providing users with the information needed
controlling the process

Question 2

Q

advantage of computer systems versus manual systems

Answer

A

computer processing tends to reduce or eliminate processing time, and prevent computational errors and errors in processing routine transactions (when fraud is not involved)

Question 3

Q

General types of IT systems

Answer

A

office automation systems
transaction processing systems
management reporting systems
management information systems

Question 4

Q

Management reporting systems

Answer

A

designed to help with the decision making process by providing access to computer data
types:
1. management information systems
2. decision support systems
3. expert systems
4. executive information systems

Question 5

Q

office automation systems

Answer

A

designed to improve productivity by supporting daily work of employees (e.g. word processing, spreadsheets, presentation tools, email, electronic calendars, contact management software

Question 6

Q

transaction processing systems

Answer

A

involve the daily processing of transactions (e.g. airplane reservations systems, payroll recording, cash receipts, cash disbursements)

Question 7

Q

management information systems

Answer

A

(management reporting system) systems designed to provide past, present and future information for planning, organizing and controlling the operations of the organization

Question 8

Q

decision support systems

Answer

A

(management reporting system) computer based information systems that combine models and data to resolve non-structured problems with extensive user involvement

Question 9

Q

expert support systems

Answer

A

(management reporting system) computer systems that apply reasoning models to data in a specific relatively structured area to render advice or recommendations, much like a human expert

Question 10

Q

executive information systems

Answer

A

(management reporting system) computerized systems that are specifically designed to support executive work

Question 11

Q

the two distinct roles for systems

Answer

A

recording of transactions of various types

2. providing support for decision making

Question 12

Q

designing and implementing a new information and control system provides an opportunity to reexamine

Answer

A

business processes, especially if the new system is an enterprise resource planning (ERP) system; more efficient and effective

Question 13

Q

Systems development lifecycle (SDLC)

Answer

A

the traditional methodology for developing information systems

characterized by its phases, each representing a specific set of development activities:

planning
analysis
design
development
testing
implementation
maintenance

Question 14

Q

SDLC Planning Phase

Answer

A

identify the problems that proposed system will solve
define the system to be developed (based on strategic goals of the organization)
determine the project scope (what the system will do and how it will be evaluated); a project scope document is used and can be revisited and revised
develop a project plan- defines the activities that will be performed, and the individuals and resources that will be used; a project manager develops the plan and tracks its progress; sets project milestones
evaluate the initial feasibility of the project- can involve determining the project’s technical, organizational, and economical feasibility

Question 15

Q

SDLC Analysis Phase

Answer

A

Involves teams including end users, information technology specialists, systems analysts, and process design specialists to understand the requirements for the proposed system

Typically, processing data, and logic models are produced to help determine system requirements; a needs assessment may also be performed
Next, an analysis is performed on the existing system along the same dimensions
then a gap analysis is performed to examine the differences (gaps) between the required system and the existing system
Finally, priorities are established for the gaps, which will be documented in a requirements definition document, which will receive sign-off from the end users
* It is during this phase that a company can take advantage of processes inherent in the new system to improve the existing process

Question 16

Q

A needs assessment (SDLC analysis phase)

Answer

A

involves determining the requirements for the system in terms of processes, data capture, information and reporting

Question 17

Q

Requirements definition document (SDLC analysis phase)

Answer

A

final document that outlines the differences between the required system and the existing system (requirements) that will receive a sign-off from end users

Question 18

Q

Specific specification documents contain information on basic requirements which include (SDLC analysis phase)

Answer

A

performance levels
reliability
quality
interfaces
security and privacy
constraints and limitations
functional capabilities
data structures and elements

Question 19

Q

The Design Phase (SDLC)

Answer

A

the primary goal of the design phase is to build a technical blueprint of how the proposed system will work

the components that are typically designed during this phase include:

databases
user interfaces for input and output
required reports
programs
infrastructure and controls

Question 20

Q

The Development Phase (SDLC)

Answer

A

documents from the design phase are transformed into the actual system

the platform on which the system is to operate is built or purchased off-the-shelf and customized and databases are developed

Question 21

Q

The Testing Phase (SDLC)

Answer

A

involves verifying that the system works and meets the business requirements as set forth in the analysis phase

tests that should be performed:

unit testing
system testing
integration testing
user acceptance testing

Question 22

Q

unit testing (testing phase test)

Answer

A

involves testing the units or pieces of code

Question 23

Q

system testing (testing phase test)

Answer

A

involves testing the integration of the units or pieces of code into a system

Question 24

Q

integration testing (testing phase test)

Answer

A

involves testing whether the separate systems can work together

Question 25

Q

user acceptance testing (testing phase test)

Answer

A

determines whether the system meets the business requirements and enables users to perform their jobs efficiently and effectively

Question 26

Q

The Implementation Phase (SDLC)

Answer

A

involves putting the system in operation by the users; in order to effectively implement the system, detailed user documentation must be provided to the suers and the users must be adequately trained

implementation methods include:

parallel implementation
plunge implementation
pilot implementation
phased implementation

Question 27

Q

parallel implementation (implementation phase)

Answer

A

uses both systems until it is determined that the new system is operating properly

this has the advantages of a full operational test of the new system with less risk of system disaster

the disadvantage is the additional work and cost during the period both systems are operating

Question 28

Q

plunge implementation (implementation phase)

Answer

A

the organization ceases using the old system and begins using the new system immediately

less costly than the parallel method but it has a higher risk of system breakdown

Question 29

Q

pilot implementation (implementation phase)

Answer

A

involves having a small group of individuals using the new system until it is seen to be working properly

has the advantage of providing a partial operational test of the new system at a lower cost than parallel implementation

Question 30

Q

phased implementation (implementation phase)

Answer

A

involves installing the system in a series of phases (e.g. GL, AR, etc)

Question 31

Q

The Maintenance Phase (SDLC)

Answer

A

involves monitoring and supporting the new system

in this phase the organization provides ongoing training, help desk resources, and a system for making authorized and tested changes to the system

Question 32

Q

Types of Computers

Answer

A

supercomputers
mainframe computers
servers
microcomputers
tablets/ smart phones/ personal digital assistants

Question 33

Q

supercomputers

Answer

A

extremely powerful, high speed computers used for extremely high-volume and/or complex processing needs

Question 34

Q

mainframe computers

Answer

A

large, powerful, high-speed computers; less powerful than super computers but they have traditionally been used for high-volume transaction processing

clusters of low cost, less powerful “servers” are increasingly taking over the processing chores of mainframe computers

Question 35

Q

servers

Answer

A

high-powered microcomputers that “serve” applications and data to clients that are connected via a network (web servers/ database servers)

typically have greater capacity (faster processors,more RAM, more storage capabilities) than their clients (microcomputers) and often act as a central repository for organizational data

servers today are often configured as a “virtual machine,” meaning multiple operating systems can coexist and operate simultaneously on the same machine

virtual machines are appealing because they lower hardware costs and create energy savings

Question 36

Q

Microcomputers

Answer

A

e.g. desktop computers, laptop computers

designed to be used by one person at a time (personal computers)

typically used for word processing, email, spreadsheets, surfing the web, creating and editing graphics, playing music, and gaming

Question 37

Q

tablets/ smart phones/ personal digital assistants

Answer

A

e.g. iPad, iPhone, android, blackberry

these are typically smaller, handheld wireless devices that depend on WiFi and/ or cellular technology for communications

Question 38

Q

Central Processing Unit (CPU)

Answer

A

the principal hardware components of a computer

contains:

arithmetic/ logical unit
primary memory
control unit

major function is to fetch stored instructions and data, decode the instructions, and carry out the instructions

Question 39

Q

Arithmetic/ logical unit (CPU)

Answer

A

performs mathematical operations and logical comparisons

Question 40

Q

Primary memory (CPU storage)

Answer

A

active data and program steps that are being processed by the CPU

it may be divided into RAM (random-access memory) and ROM (read-only memory)

application programs and data are stored in the RAM at execution time

Question 41

Q

Control Unit (CPU)

Answer

A

interprets program instructions and coordinates input, output, and storage devices

Question 42

Q

random (RAM)

Answer

A

=direct storage

Question 43

Q

Secondary Storage Devices

Answer

A

magnetic tape
magnetic discs
RAID (Redundant array of independent [previously, inexpensive] disks)
compact discs
solid state drives (SSDs)
could-based storage

Question 44

Q

magnetic tape

Answer

A

slowest type of storage available because data is stored sequentially

primarily used for archiving purposes today

Question 45

Q

magnetic disks

Answer

A

the most common storage medium in use on computers today

also called “hard disks” or “hard disk drives: (HDD)

data can be accessed directly

Question 46

Q

RAID (Redundant array of independent [previously, inexpensive] disks)

Answer

A

a way of storing the same data redundantly on multiple magnetic discs (back-up)

when originally recorded, data is written to multiple discs to decrease the likelihood of loss
if a disk fails, at least one of the other disks has the information and continues operation

Question 47

Q

compact discs

Answer

A

discs (CDs) and digital video discs (DVDs)

both are the same physical size and both use optical technology to read and write data to the disc

Question 48

Q

solid state drives (SSDs)

Answer

A

use microchips to store data and require not moving parts for read/write operations

SSDs are faster and more expensive per gigabyte than CDs, DVDs, and HDDs

SSDs are increasingly being used in place HDDs in microcomputers but cost and limited capacity have constrained their adoption as a primary storage device

more commonly used for auxiliary storage

SSDs that are “pluggable” are often called “thumb drives” “flash drives” or “USBs”

Question 49

Q

cloud based storage

Answer

A

also called “storage as a Service” (SaaS)

hosted offsite, typically by third parties, and is accessed via the internet

Question 50

Q

manner in which information is represented in a computer

Answer

A

digital

2. analog

Question 51

Q

digital (manner in which information is represented in a computer)

Answer

A

a series of binary digits (0s and 1s)

one binary is called a “bit”

a series of 8 bits is referred to as a “byte”

one byte can form a letter, a number, or special character (e.g. 00000111 is the binary equivalent of the decimal number 7)

Question 52

Q

analog (manner in which information is represented in a computer)

Answer

A

the representation that is produced by the fluctuations of a continuous signal (e.g. speech, temperature, weight, speed, etc.)

rather than using 0s and 1s to represent information analog signals use electrical, mechanical, hydraulic or pneumatic devises to transmit the fluctuations in the signal itself to represent information

Question 53

Q

Online

Answer

A

equipment in direct communication with, and under the control of, the CPU

online also refers to having a connection to the Internet

Question 54

Q

Off-Line

Answer

A

equipment not in direct communication with the CPU; the operator generally must intervene to connect off-line equipment or data to the CPU (e.g. mount a magnetic tape of archival data)

Off-line also refers to the absence of an Internet connection

Question 55

Q

Console

Answer

A

a terminal used for communications between the operator and the computer (e.g. the operator of a mainframe computer)

Question 56

Q

peripheral equipment

Answer

A

all non-CPU hardware that may be placed under the control of the central processor

classified as online or off-line, this equipment consists of input, storage, output, and communications

Question 57

Q

controllers

Answer

A

hardware units designed to operate specific input-output untits

Question 58

Q

buffer

Answer

A

a temporary storage unit used to hold data during computer operations

Question 59

Q

MIPS

Answer

A

millions of instructions per second; a unit for measuring the execution speed of computers

Question 60

Q

Input Devices

Answer

A

keying data- data entry devices
online entry
turnaround documents
automated source data input devices
electronic commerce and electronic data interchange

Question 61

Q

Key-to-Tape and Key-to-disk (keying data- input device)

Answer

A

data is entered on magnetic tape and/ or disk respectively and then read into a computer

Question 62

Q

visual display terminal/monitor (online entry)

Answer

A

uses keyboard to directly enter data into computer
1. input interface- a program that controls the display for the user (usually on a computer monitor) and that allows the user to interact with the system

graphical user interface (GUI)- uses icons, pictures, and menus instead of text for inputs (e.g windows)
command line interface- uses text-type commands (e.g barcodes)

Question 63

Q

mouse, joystick, lightpens (online entry)

Answer

A

familiar devices that allow data entry

Question 64

Q

touch-sensitive screen (online entry)

Answer

A

allows users to enter data from a menu of items by touching the surface monitor

Answer 65

A

documents that are sent to the customer and returned as inputs (e.g. utility bills; to make payments “remittance”)

Answer 66

A

magnetic tape reader
magnetic ink character reader (MICR)
scanner
automatic teller machine (ATM)
radio frequency identification (RFID)
point of scale (POS) recorders
voice recognition

Answer 67

A

a device capable of sensing information recorded as magnetic spots on magnetic tape

Answer 68

A

device that reads characters that have been encoded with a magnetic ink (e.g. bank check readers)

Answer 69

A

a device that reads characters on printed pages

Answer 70

A

a machine used to execute and record transactions with financial institutions

Answer 71

A

uses radio waves to track and input data (e.g. wave card entry)

increasingly used for inventory and contactless payment systems

RFID tags can be read wirelessly by RFID readers; does not require line-of-sight access like bar code technology (e.g Mobil’s Speedpass payment systems, FasTrak toll collection system)

Answer 72

A

devises that read price and product code data (purchasing groceries)

ordinarily function as both a terminal and a cash register

allows one to record and track customer orders, process credit and debit cards, connect to other systems in a network, and manage inventory

example: a POS system for restaurants is likely to have all menu items stored in a database that can be queried for information in a number of ways

Increasingly, POS terminals are also we-enabled, which makes remote training and operation possible, as well as inventory tracking across geographically dispersed locations

Answer 73

A

a system that understands spoken words and transmits them into a computer

Answer 74

A

involves one company’s computer communicating with another’s computer

example: a buyer electronically sending a purchase order to a supplier

Answer 75

A

many automated source data input devices and electronic commerce/electronic data interchange devices are capable of outputting data (writing in addition to reading) and therefore become output devices as well as input devices
monitors
printers
plotters- produce paper outputs of graphs
computer output to microfilm or microfiche (COM)- makes use of photographic process to store output

Answer 76

A

Operating system
Utility programs
Communications software

Answer 77

A

manages the input, output, processing and storage devices and operations of a computer (Windows, Linux, Unix)

Performs scheduling, resource allocation, and data retrieval based on instructions provided in job control language

Answer 78

A

handle common file, data manipulation and “housekeeping” tasks

Answer 79

A

controls and supports transmission between computers, computers and monitors, and access various databases

Answer 80

A

systems software

2. applications software

Answer 81

A

programs designed for specific uses, or “applications”, such as

word processing, graphics, spreadsheets, email, and database systems
accounting software

Answer 82

A

low-end: all in one package, designed for small organizations (quickbooks, peachtree, dell-tech)
high-end: ordinarily in modules (e.g. general ledger, receivables)
Enterprise resource planning (ERP): designed as relatively complete information system “suites” for large and medium size organizations (e.g. human resources, financial applications, manufacturing, distribution). Major vendors are well known- SAP, People Soft, Oracle, and J.D. Edwards

Answer 83

A

Integration of various portions of the information system, direct electronic communication with suppliers and customers, increased responsiveness to information requests for decision-making

i.e. its all done for you; you have good support

Answer 84

A

Complexity, costs, integration with supplier and customer systems may be more difficult than anticipated

**very expensive

Answer 85

A

produces a machine language object program from a source program language

Answer 86

A

simultaneous execution of two or more tasks, usually by two or more CPUs that are part of the same system

Answer 87

A

the simultaneous processing of several jobs on a computer

Answer 88

A

the converted source program that was changed using a compiler to create a set of machine readable instructions that the CPU understands

Answer 89

A

a program written in a language from which statements are translated into machine language; computer programming has developed in “generations”

Answer 90

A

machine language
assembly language
“high-level” programming languages such as COBOL, Basic, Fortran, C++, and Java
an “application- specific” language usually built around database systems (i.e. SQL, a structured query language)
a relatively new and developing form that includes visual or graphical interfaces used to create source language that is usually compiled with a 3rd or 4th generation language compiler

Answer 91

A

composed of combinations of 1’s and 0’s that are meaningful to the computer (binary)

Answer 92

A

C++ and Java are considered object-oriented programs (OOP) in that they are based on the concept of an “object” which is a data structure that uses a set of routines, called “methods,” which operate on the data

The “objects” are efficient in that they often are reusable in other programs

Object-oriented programs keep together data structures and procedures (methods) through a procedure referred to as encapsulation.

Answer 93

A

a low-level programming language that uses words (mnemonics) instead of numbers to perform an operation.

assembly language must be translated to machine language by a utility program called an “assembler”

generally, an assembly language is specific to a computer architecture and is therefore not portable like most high-level languages

Answer 94

A

(storage) online secondary memory that is used as an extension of primary memory, thus giving the appearance of larger, virtually unlimited internal memory

Answer 95

A

rules determining the required format and methods for transmission of data

Answer 96

A

review of a program by the programmer for errors before the program is run and debugged on the computer

Answer 97

A

to find and eliminate errors in a computer program

many compliers assist debugging by listing errors in the program such as invalid commands

Answer 98

A

to correct input data prior to processing

Answer 99

A

a set of program instructions performed repetitively a predetermined number of times, or until all of a particular type of data has been processed

Answer 100

A

a listing of the contents of storage

Answer 101

A

a section of coding inserted into a program to correct a mistake or to alter a routine

Answer 102

A

a complete cycle of a program including input, processing and output

Answer 103

A

batch or online real-time

2. centralized, decentralized, or distributed

Answer 104

A

transactions flow through the system in groups of like transactions (batches).

Example: all cash receipts on accounts receivable for a day may be aggregated and run as a batch

ordinarily leaves a relatively easy-to-follow audit trail

*goes through edit checks and prints out errors (admin fee process)

Answer 105

A

transactions are processed in the order in which they occur, regardless of type.

data files and programs are stored online so that updating can take place as the edited data flows to the application

system security must be in place to restrict access to programs and data to authorized persons

categorized into:

online transaction processing (OLTP)
online analytical processing (OLAP)

Answer 106

A

databases support day-to-day operations

2. example: airline reservation systems, bank automatic teller systems, internet website sales systems

Answer 107

A

enables the user to query the system (retrieve data), and conduct an analysis, etc.; primarily used for analytics

uses statistical and graphical tools

example: airline company downloads its OLTP reservation info into another database to allow analysis of that reservation information

Answer 108

A

computer-based info systems that combine models and data in an attempt to solve relatively unstructured problems with extensive user involvement

Answer 109

A

data warehouse: a subject-oriented, integrated collection of data used to support management decision-making processes or;
a data mart: a data warehouse that is limited in scope

Answer 110

A

using sophisticated techniques from statistics, artificial intelligence and computer graphics to explain, confirm and explore relationships among data (which is often stored in a data warehouse or data mart)

Answer 111

A

a combination of systems that help aggregate, access, and analyze business data and assist in the business decision-making process

Answer 112

A

computer software designed to help make decisions (may be viewed as an attempt to model aspects of human thought on computers)

Answer 113

A

one form of AI (artificial intelligence)

a computerized information system that guides decision processes within a well-defined area and allows decisions comparable to those of an expert

example: an expert system may be used by a credit card company to authorize credit card purchases to minimize fraud and credit losses

Answer 114

A

processing occurs at one location

Answer 115

A

processing (and data) are stored on computers at multiple locations

may be viewed as a collection of independent databases

Answer 116

A

transactions for a single database are processed at various sites

processing may be either a batch or online real-time basis

Answer 117

A

a binary digit (0 or 1) which is the smallest storage unit in a computer

Answer 118

A

a group of adjacent bits (usually 8) that is treated as a single unit, or character, by the computer.

one byte can form a letter, a number, or a special character, or unprintable codes (those that control peripheral devices such as computers)

Answer 119

A

a group of related characters (social security number)

Answer 120

A

an ordered set of logically related fields

example: all payroll data (including SS number field and others) relating to a single employee

Answer 121

A

a group of related records (e.g. all the weekly pay records YTD), which is usually arranged in sequence

Answer 122

A

a group of related records in a relational database with a unique identifier (primary key field) in each record

Answer 123

A

a group of related files or a group of related tables (if a relational database)

ordinarily stored online

Answer 124

A

a file containing relatively permanent information used as a source of reference and periodically updated with a detail (transaction) file (e.g. permanent payroll files- all banking information)

Answer 125

A

a file containing current transaction information used to update the master file (e.g. hours worked by each employee during the current period used to update the payroll master file)

Answer 126

A

a file containing current transaction information used to update the master file (e.g. hours worked by each employee during the current period used to update the payroll master file)

Answer 127

A

focus upon data processing needs of individual departments; each application program or system is set up to meet the needs of the particular requesting department or user group

Answer 128

A

currently operational for many existing systems

2. cost effective for simple applications

Answer 129

A

data files are dependent upon a particular application program
in complex systems, there is much duplication of data
each application must be developed individually
program maintenance is expensive
data may be difficult to share btwn functional areas (isolated)

Answer 130

A

the process of separating the database into logical tables to avoid certain kinds of updating difficulties (referred to as “anomalies”)

Answer 131

A

computer hardware and software that enables the database to be implemented

Answer 132

A

software that provides a facility for communications btwn various applications programs (e.g. a payroll prep program) and the database (e.g. master payroll file containing earnings)

*create and modify

Answer 133

A

basic to database systems is this concept which separates the data from the related application program

Answer 134

A

identifying and organizing a database’s data, both logically and physically.

data model determines what info is to be contained in a database, how the info will be used, and how the items in the database will be related to each other

Answer 135

A

an approach to data modeling

the model (called entity-relationship diagram, or ERD) divides the database into two logical parts:

entities (e.g. customer, product) and
relations (e.g. buys, pays for)

Answer 136

A

the fields that make a record in a relational database table unique

Answer 137

A

the fields that are common to two (or more) related tables in relational database

Answer 138

A

a data model designed for use in designing accounting information databases

Resources; Events; Agents

Answer 139

A

(data repository or data directory system)

data structure that stores meta-data

Answer 140

A

definitional data that provides info about or documentation of other data managed within an application or environment

i.e. data about data elements, records and data structures (length, fields, columns)

Answer 141

A

used for creating and querying relational databases; 3 types:

data definition language (DDL): used to define a database (creating, altering, deleting tables and establishing various constraints)
data manipulation language (DML): maintain a database (updating, inserting in, modifying, and querying)
data control language (DCL): used to control database (which users have various privileges

Answer 142

A

hierarchical
networked
relational
object-oriented
object-relational
distributed

Answer 143

A

data elements at one level “own” the data elements at the next lower level

Answer 144

A

each data element can have several owners and can own several other elements

Answer 145

A

a database with the logical structure of a group of related spreadsheets

have largely replaced hierarchical and networked database structures

Answer 146

A

information (attributes and methods) are included in structures called object classes

this is the newest database management system technology

Answer 147

A

includes both relational and object-oriented features

Answer 148

A

a single database that is spread physically across computers in multiple locations that are connected by a data communications link

Answer 149

A

user department
access controls
backup and recovery
database administrator (DBA)
audit software

Answer 150

A

strict controls over who is authorized to read and/or change the database are necessary

Answer 151

A

controls within the database itself; limit the user to reading and/or changing (updating) only authorized portions of the database

Answer 152

A

limits the access of users to the database, as well as operations a particular user may be able to perform

read only, not write, privileges

Answer 153

A

users may be provided with authorized views of only the portions of the database for which they have a valid need

Answer 154

A

a database is updated on a continuous basis during the day; 3 methods of backup and recovery include:

backup of database and logs of transactions
database replication
backup facility

Answer 155

A

individual responsible for maintaining the database and restricting access to the database to authorized personnel

Answer 156

A

usually used by auditors to test the database

Answer 157

A

data independence: easily used by diff. applications
minimal data redundancy
data sharing: sharing of data
reduced program maintenance
commercial applications are available for modification to a company’s needs

Answer 158

A

traditional file processing systems

2. database systems

Answer 159

A

need for specialized personnel with database expertise
installation of database is costly
conversion of traditional file systems is costly
comprehensive backup and recovery procedures are necessary

Answer 160

A

a group of interconnected computers and terminals

Answer 161

A

the electronic transmission of info by radio, fiber optics, wire, microwave, laser, and other electromagnetic systems- has made possible the electronic transfer of information between networks of computers

Answer 162

A

personal network area (PAN)
local area networks (LAN)
Metropolitan area network (MAN)
Wide area networks (WAN)

Answer 163

A

a computer network that is centered around an individual and the personal communication devices she uses (Bluetooth, USB)

Answer 164

A

privately owned networks within a single building or campus of up to a few miles in size

*emphasized in AICPA materials

Answer 165

A

a larger version of LAN; might include a group of nearby offices within a city

Answer 166

A

Networks that span a large geographical area, often a country or continent

composed of a collection of computers and other hardware and software for funning user programs

Answer 167

A

Private
Public
Cloud computing/ cloud services

Answer 168

A

one in which network resources are usually dedicated to a small number of applications or a restricted set of users, as in a corporation’s network

advantages: secure, flexible, performance often exceeds that of public
disadvantages: costly

Answer 169

A

resources are owned by third-party companies and leased to users on a usage basis (also referred to as public switch networks- PSN)

advantages and disadvantages: in general, the opposite of those for private networks, but certainly a significant disadvantage is that they are less secure

Answer 170

A

the use and access of multiple server-based computational resources via digital network

applications are provided and managed by the cloud server and data is stored remotely in the cloud configurations

Answer 171

A

information security and privacy- users rely on cloud providers access controls
continuity of services-user problems occur if cloud provider has service interruptions
migration- users may have difficulty changing cloud providers because there are no data standards

Answer 172

A

internet
intranet
extranet

Answer 173

A

network internet classifications: data communications are ordinarily

HTML and XML: languages used to create and format documents, link documents to other web pages, and communicate between web browsers

XML is increasingly replacing HTML in internet applications due to its superior ability to tag and format documents that are communicated among trading partners

Answer 174

A

an XML-based language being developed specifically for the automation of business information requirements, such as the preparation, sharing, and analysis of financial reports, statements, and audit schedules

Answer 175

A

international collection of networks made up of independently owned computers that operate as a large computing network

internetwork communication requires the use of a common set of rules, or protocols (TCP), and a shared routing system (IP)

Answer 176

A

the primary internet protocol for data communication on the World Wide Web

Answer 177

A

a standard for finding a document by typing in an address (www.sldkfslkfjd.com)

Answer 178

A

a framework for accessing linked resources spread out over the millions of machines all over the Internet

Answer 179

A

client software that provides the user with the ability to locate and display web resources

Answer 180

A

software that “serves” (makes available) web resources to software clients

Answer 181

A

a method for protecting computers and computer information from outsiders

consists of security algorithms and router communications protocols that prevent outsiders from tapping into corporate database and email systems

Answer 182

A

a communications interface device that connects two networks and determines the best way for data packets to move forward to their destinations

Answer 183

A

a device that divides LAN (local area networks) into two segments, selectively forwarding traffic across the network boundary it defines; similar to a switch

Answer 184

A

a device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination

Answer 185

A

a combination of hardware and software that links to different types of networks

example: gateways between email systems allow users of differing email systems to exchange messages

Answer 186

A

a server that saves and serves copies of web pages to those who request them

Answer 187

A

2nd generation of the web

refers to era of web-based collaboration and community-generated content via web-based software tools such as:

blog
wiki
twitter
RSS/ATOM Feeds- Really simple syndication

Answer 188

A

an asynchronous discussion, or web log, led by a moderator that typically focuses on a single topic

Answer 189

A

an information-gathering and knowledge-sharing website that is developed collaboratively by a community or group, all of whom can freely add, modify or delete content

Answer 190

A

a micro-variation of a blog

Answer 191

A

an XML application that facilitates the sharing and syndication of website content by subscribers

Answer 192

A

the basic communication language or protocol of the internet

two layers; one assembles messages and the other assigns IP addresses

Answer 193

A

the number that identifies a machine as unique on the internet

Answer 194

A

an entity that provides access to the internet

Answer 195

A

virus
trojan horse
worm
antivirus software
botnet

Answer 196

A

a program (or piece of code) that requests the computer operating system to perform certain activities not authorized by the computer user

can be transmitted by files that contain macros that are sent as an email attachment

Answer 197

A

a stored set of instructions and functions that are organized to perform a repetitive task and can be easily activated, often by a simple key stroke combination

most macros serve valid purposes but those associated with viruses cause problems

Answer 198

A

a malicious, security-breaking program that is disguised as something benign, such as a game, but actually is intended to cause IT damage

Answer 199

A

a program that propagates itself over a network, reproducing itself as it goes

Answer 200

A

is used to attempt to avoid viruses, trojan horses and worms but the rapid development of new viruses results in a situation in which antivirus software developers are always behind virus developers

Answer 201

A

a network of computers that are controlled by computer code, called a “bot”, that is designed to perform a repetitive task such as sending spam, spreading a virus, or creating a distributed denial of service attack

Answer 202

A

a local network, usually limited to an organization, that uses internet-based technology to communicate within the organization

Answer 203

A

similar to an intranet, but includes an organization’s external customers and/or suppliers in the network

Answer 204

A

the architecture must divide three responsibilities (1) input, (2) processing, (3) storage

a client server model may be viewed as one in which communications ordinarily take the form of a request message from the client to the server asking for some service to be performed

a “client” may be viewed as the computer or workstation of an individual user

the server is a high-capacity computer that contains the network software and may provide a variety of services ranging from simply “serving” files to a client to performing analyses

overall client-server systems
subtypes of client/server architectures
distributed systems

Answer 205

A

a networked computing model (usually a LAN- local area network) in which database software on a server performs database commands sent to it from client computers

diagram on page 83

Answer 206

A

file servers
database servers
three-tier architectures

Answer 207

A

the file server manages file operations and is shared by each of the client PCs (ordinarily attached to a LAN- local area network)

3 responsibilities are divided in a manner in which most input/output , and processing occurs on client computers rather than on the server:

input/output
processing
storage

the file server acts simply as a shared data storage device, with all data manipulations performed by client PCs

*two tier architecture: client tier and server database tier

Answer 208

A

similar to file servers, but the server here contains the database management system and thus performs more of the processing

*two tier architecture: client tier and server database tier

Answer 209

A

a client/server configuration that includes three tiers

the change from file and database servers is that this architecture includes an additional server layer

examples of additional servers:

printer server: make shared printers available to clients
communications server: serve a variety of tasks
fax server: allows network to share hardware for faxes
web server: stores and serves web pages on request

Answer 210

A

connect all company locations to form a distributed network in which each location has its own input/output, processing, and storage capabilities

Answer 211

A

privately owned networks within a single building or campus of up to a few miles in size

Answer 212

A

allows devices to function cooperatively and share network resources such as printers and disk storage space

Answer 213

A

network server
file server: stores programs and data files for users
print server
communications server

Answer 214

A

workstations
peripherals
transmission media
network interface cards

Answer 215

A

ordinarily microcomputers

Answer 216

A

example: printers, network attached storage (NAS) devices, optical scanners, fax board

Answer 217

A

physical path that connect components of LAN, ordinarily twisted-pair wire, coaxial cable, or optical fiber

LANs that are connected wirelessly are called WLANS or WiFi networks

Answer 218

A

connect workstation and transmission media

Answer 219

A

general controls are often weak (controls over development and modification of programs, access and computer operations)
controls often rely upon end users, who may not be control conscious (people writing passwords)
often users may not be provided with adequate resources for problem resolution, troubleshooting and recovery support
controlling access and gaining accountability through logging of transactions enforces segregation of duties
good management controls are essential (access codes and passwords)
LAN software ordinarily does not provide security features available in larger scale environments

*test of controls may address whether controls related to the above are effective

Answer 220

A

LANs generally make possible the computer audit techniques that may be performed either by internal auditors or external auditors

Answer 221

A

personal computers (PCs) and laptop computers

a small business will probably use a PC to run a commercially purchased general ledger package (off the shelf software)

segregation of duties becomes especially difficult in such an environment because one individual may perform all recordkeeping (processing) as well as maintain other nonrecordkeeping responsibilities

a larger client may use a network of PCs that may or may not be linked to a large corporate mainframe computer

Answer 222

A

security
verification of processing
personnel

Answer 223

A

security over small computers, while still important, may not be as critical as security over the data and any in-house developed software

access to the hard drive must be restricted since anyone turning on the power switch can read the data stored on files

a control problem may exist because the computer operator often understands the system and also has access to the input data –> management may need to become more involved in supervision when lack of segregation of duties exist in data processing

Answer 224

A

periodically, an independent verification of applications being processed on the small computer system should be made to prevent the system from being used for personal projects

verification also helps prevent errors in internally developed software from going undetected

Answer 225

A

centralized authorization to purchase hardware and software should be required to ensure that appropriate purchasing decisions are made, including decisions that minimize software and hardware compatibility difficulties

software piracy and viruses may be controlled by prohibiting the loading of unauthorized software and data on company-owned computers

Answer 226

A

establishing a corporate software policy
maintaining a log of all software purchases
auditing individual computers to identify installed software

Answer 227

A

the end user is responsible for the development and execution of the computer application that generates the information used by that same end user

user substantially eliminates many of the services offered by an MIS (management information system) department

overall physical access controls become more difficult when companies leave a controlled MIS environment and become more dependent upon individual users for controls

Answer 228

A

end-user applications are not always adequately tested before implemented
more client personnel need to understand control concepts
management often does not review the results of applications appropriately
old or existing applications may not be updated for current applicability and accuracy

Answer 229

A

require applications to be adequately tested before they are implemented
require adequate documentation
physical access controls
control access to appropriate users
control use of incorrect versions of data files (use control totals for batch processing of uploaded data)
require backup files
provide applications controls (edit checks, range tests, reasonableness checks)
support programmed or user reconciliations to provide assurance that processing is correct

Answer 230

A

clamps or chains to prevent removal of hard disks or internal boards
diskless workstations that require downloaded files
regular backup
security software to limit access to those who know user ID and password
control over access from outside
commitment to security matters written into job descriptions, employee contracts, and personnel evaluation procedures

Answer 231

A

passwords and user IDs
menus for EUC access to database
protect system by restricting user ability to load data
when user uploads data, require appropriate validation, authorization, and reporting control
independent review of transactions
record access to company databases by EUC applications

Answer 232

A

involves individuals and organizations engaging in a variety of electronic transactions with computers and telecommunication networks (internet or telephone)

Answer 233

A

security
availability
processing integrity
online privacy
confidentiality

some believe these risks are impairing the growth of the web

Answer 234

A

developed by the AICPA and the Canadian Institute of Chartered Accountants

a form of assurance that tells potential customers that the firm has evaluated a website’s business practices and controls to determine whether the are in conformity with WebTrust principles

Answer 235

A

allows an individual to digitally sign a message so the recipient knows that it actually came from that individual and wasn’t modified

Answer 236

A

the conversion of data into a form called cipher text, that cannot be easily understood by unauthorized people

Answer 237

A

the process of converting encrypted data back into its original form so it can be understood

the conversion is performed using an algorithm and key which only the users control

Answer 238

A

a detailed sequence of actions to perform to accomplish some task

Answer 239

A

in the content of encryption, a value that must be fed into the algorithm used to decode an encrypted message in order to reproduce the original plain text

Answer 240

A

an encryption system in which both the sender and receiver have access to the electronic key, but do not allow others access

disadvantage: both parties must have the key

Answer 241

A

the machine instructions necessary to encrypt and decrypt data constitute system overhead, which slows down the rate of processing

Answer 242

A

off-site mirrored Web servers

Answer 243

A

making cash payments between two or more organizations or individuals electronically rather than by using checks (or cash)

Answer 244

A

EFT (electronic funds transfer) are vulnerable to the risk of unauthorized access to proprietary data and to the risk of fraudulent fund transfers

Answer 245

A

control of physical access to network facilities
electronic ID should be required
passwords should control access
encryption should be used to secure stored data and data being transmitted

Answer 246

A

the electronic exchange of business transactions, in a standard format, from one entity’s computer to another’s through an electronic communications network

Answer 247

A

commonly used for sales and purchasing, and related accounts; the speed transactions occur often reduces receivables due to electronic processing of receipts
preventive controls, instead of detective controls, are usually used
no paper trail; some electronic copies are only kept for a certain period of time, which affect audits

Answer 248

A

point-to-point
value-added network (VAN)
public networks
proprietary networks

Answer 249

A

a direct computer to computer private network link

automakers and governments traditionally use this method

Answer 250

A

no reliance on third parties for computer processing
organization controls who has access to the network
organization can enforce proprietary (its own) software standard in dealings with all trading partners
timeliness of delivery may be improved since no third party is involved

Answer 251

A

must establish connection with each trading partner
high initial cost
computer scheduling issues
need for common protocols between partners
need for hardware and software compatibility

Answer 252

A

a privately owned network that routes the EDI (electronic data interchanges) transactions between trading partners and in many cases provides translation, storage, and other processing

it alleviates problems related to interorganizational communication that results from the use of differing hardware and software

a VAN receives data from sender, determines intended recipient, and places data in the recipient’s electronic mailbox

Answer 253

A

reduces communication and data protocol problems since VANs can deal with differing protocols (eliminating need for trading partners to agree on them)
partners do not have to establish the numerous point-to-point connections
reduces scheduling problems since receiver can request delivery of transactions when it wishes
VAN translates application to a standard format the partner does not have to reformat
VAN can provide increased security

Answer 254

A

cost (expensive)
dependence upon VAN’s systems and controls
possible loss of data confidentiality

Answer 255

A

example: the internet-based commerce solutions described earlier (EFT, EDI)

Answer 256

A

avoids cost of proprietary lines
avoids cost of VAN
directly communicates transactions to trading partners
software is being developed which allows communication between differing systems

Answer 257

A

possible loss of data confidentiality
computer or transmission disruption
hackers and viruses
attempted electronic frauds

Answer 258

A

in some circumstances (health care, banking) organizations have developed their own network for their own transactions

costly to develop and operate (because of proprietary lines) although they are often extremely reliable

Answer 259

A

controls:

authentication-controls over the origin, proper submission, and proper delivery of EDI communications (have proof of this)
packets- a block of data that is transmitted from one computer to another (contains data and authentication info)
encryption- conversion of plain text into cipher text data used by an algorithm and key which only the users control

Answer 260

A

quick response and access to info
cost efficiency
reduced paperwork
accuracy and reduced errors and error-correction costs
better communications and customer service
necessary to remain competitive

Answer 261

A

total dependence upon computer system for operation
possible loss of confidentiality of sensitive info
increased opportunity for unayuthorized transactions and fraud
concentration of control among a few people involved in EDI
reliance on third parties (trading partners, VAN)
data processing, application and communication errors
potential legal liability due to errors
potential loss of audit trails and information needed by management due to limited retention policies
reliance on trading partner’s system

Answer 262

A

the electronic transmission of info by raido, wire, fiber optic, coaxial cable, microwave, laser, or other electromagnetic system

information transmitted: voice, data, video, fax, other

Answer 263

A

computers
transmission facilities (copper wire, fiber optic cables, microwave stations, communcations satellites)
modems

Answer 264

A

controls and monitors the hardware, formats information, adds appropriate control info, performs switching operations, provides security, and supports the managment of communications

Answer 265

A

EDI (electronic data interchanges)
EFT (electronic funds transfers)
point of sale (POS) system
commercial databases
airline reservation systems

Answer 266

A

system integrity at remote sites
data entry
central computer security
dial-in security
transmission accuracy and completeness
physical security over telecommunications facilities
encryption during transmissions

Answer 267

A

these orgs record and process data for companies

Answer 268

A

a framework developed by the Information Systems Audit and Control Association to assist enterprises in achieving their objectives for governance and management of enterprise IT

it is business-oriented in that it provides a systematic way of integrating IT with business strategy and governance

Answer 269

A

meeting shareholders needs
covering the enterprise end-to-end
applying a single integrated framework
enabling a holistic approach
separating governance from management

Answer 270

A

factors that individually and collectively influence whether something will work in an organization

processes (an organized set of practices and activities to achieve certain objectives)
organizational structures (the key decision-making entities in an organization)
culture, ethics, and behavior of individuals and the org
principals, policies and frameworks (the vehicle to translate the desired behavior into guidance for day-to-day management)
information produced and used by the enterprise
services, infrastructure, and applications (the infrastructure, technology, and applications that provide the enterprise with information technology processing and services)
people, skills, and competencies required for successful completion of all activities and for making correct decisions

Answer 271

A

an organized set of practices and activities to achieve certain objectives

Answer 272

A

the key decision-making entities in an organization

Answer 273

A

the vehicle to translate the desired behavior into guidance for day-to-day management

Answer 274

A

the infrastructure, technology, and applications that provide the enterprise with information technology processing and services

Answer 275

A

one that is capable of operating without material error, fault, or failure during a specified period in a specified environment

5 AICPA TrustServices reliable principals:

security
availability
processing integrity
online privacy
confidentiality

Answer 276

A

the system is protected against unauthorized access (physical and logical)

lock doors and prevent access to data

Answer 277

A

the system is available for operation and use as committed or agreed

the system is available for operation and use in conformity with the entity’s availability policies

system failure results in interruption of business operations and loss of data

Answer 278

A

system processing is complete, accurate, timely, and authorized

invalid, incomplete or inaccurate processing can affect input data, data processing, updating of master files, and creation of output

Answer 279

A

personal information obtained as a result of e-commerce is collected, used, disclosed, and retained as committed or agreed

risks include disclosure of customer info such as SS #s, CC #s, credit rating, and medical conditions

Answer 280

A

information designated as confidential is protected as committed or agreed

examples of confidential data that might be disclosed:
transaction details
engineering details of products
business plans
banking info
legal documents
inventory/ other account info
customer lists
confidential details of operations

Answer 281

A

segregate functions between information systems department and user departments

do not allow information systems department to initiate or authorize transactions

at a minimum, segregate:

programming
data entry
operations
library function within the information systems department

Answer 282

A

are the other departments of the company that utilize the data prepared by the information systems department

Answer 283

A

the system analyst analyzes the present user environment and requirements and may:

recommend specific changes
recommend the purchase of a new system
design a new information system

Answer 284

A

responsible for implementing, modifying, and debugging the software necessary for making the hardware work

Answer 285

A

responsible for writing, testing and debugging the application programs from specifications provided by the systems analyst

Answer 286

A

responsible for maintain the database and restricting access to the database to authorized personnel

Answer 287

A

data may be prepared by user departments and input by key to storage devices

Answer 288

A

the operator is responsible for the daily computer operations of both the hard ware and the software

supervises operations on the operator’s console, accepts any required input, and distributes any generated output

operator should have adequate documentation to run the program (a run manual), but should not have detailed program info

*help desks are usually a responsibility of the operators because of the operational nature of their functions (ex. assisting users with systems problems and obtaining technical support)

Answer 289

A

librarian is responsible for custody of the removable media (i.e. magnetic tape or disks) and for the maintenance of program and system documentation

in many systems the library function is maintained and performed electronically by the computer

Answer 290

A

the control group acts as a liaison between users and the processing center

this group records input data in a control log, follows the progress of processing, distributes output, and ensures compliance with control totals

*ideally, in a large system, the above key functions are segregated but in a smaller co. many are concentrated to a small number of employees

***at a minimum an attempt should be made to segregate programming, operating, and library functions

Answer 291

A

the computerized accounting system is affected by whether the company uses small computers and/or a complex mainframe system

Small systems can use off the shelf software:

controls within the software may be well known
analysis of exception reports generated during processing is important to determine that exceptions are properly handled

for complex mainframe systems, software is usually developed internally:

controls are unknown to auditor prior to testing
analysis of exception reports is important

Answer 292

A

a common method for monitoring for inappropriate access is review of system-access log (who has access0

IT can also facilitate monitoring: continuously evaluate data/trax and capture samples of items

Answer 293

A

in which a computer is involved may be segregated into:

computer general control activities
application control activities
programmed application controls
manual follow-up of computer exception reports
user control activities to test the completeness and accuracy of computer processed controls

Answer 294

A

control program development, program changes, computer operations, and access to programs and data

Answer 295

A

programmed control activities: relate to specific computer applications and are embedded in the comp program

manual follow-up of comp. exception reports: involves employee follow up of items listed on the comp exception reports

Answer 296

A

represent manual checks of computer output against source document or other input, and thus provide assurance that programmed aspects of the accounting system and control activities have operated effectively

Answer 297

A

developing new programs and systems
changing existing programs and systems
controlling access to programs and data
controlling computer operations

Answer 298

A

user departments participate in systems design
both users and information systems personnel test new systems
management, users, and information systems personnel approve new systems before they are placed into operation
all master and transaction file conversion should be controlled to prevent unauthorized changes and to verify the accuracy of the results
programs and systems should be properly documented

Answer 299

A

of chip technology and controls built into the hardware

controls include:

parity check
echo check
diagnostic routines
boundary protection
periodic maintenance

Answer 300

A

a special bit is added to each character that can be detected if the hardware loses a bit during the internal movement of a character

Answer 301

A

primarily used in telecommunications transmissions

during the sending and receiving of characters, the receiving hardware repeats back to the sending hardware what it received and the sending hardware automatically resends any characters that were received incorrectly

Answer 302

A

hardware or software supplied by the manufacturer to check the internal operations and devices within the computer system

Answer 303

A

must CPUs have multiple jobs running simultaneously (multiprogramming environment)

boundary controls do not allow one job to change the allocated memory of another job

Answer 304

A

the system should be examined periodically (often weekly) by a qualified service technician

Answer 305

A

systems and programs should be adequately documented

system specification documents should detail such matters as performance levels, reliability, security and privacy, constraints and limitations, functional capabilities, and data structure elements

Answer 306

A

should be documented in a change request log

Answer 307

A

information systems manager should review all changes
modified program should be appropriately tested
details of all changes should be documented
a code comparison program may be used to compare source and/or object codes of a controlled copy of a program with the program currently being used to process data (will identify unauthorized changes)

Answer 308

A

access to program documentation should be limited to those who require it in the performance of their duties
access to data files and programs should be limited to those authorized to process data
access to computer hardware should be limited to authorized individuals (computer operators and their supervisors)

Answer 309

A

the physical facility that houses the computer equipment, files, and documentation should have controls to limit access only to authorized individuals

controls: guard, key card, manual key locks, fingerprint and palmprint access granting devices

Answer 310

A

use visitor logs to document those who have had access to the area

Answer 311

A

(user identification)

the most used control is a combination of a unique identification code and a confidential password

Answer 312

A

a specialized form of user ID in which the user dials the system, identifies themselves, and is disconnected from the system

then either manually or computer finds authorized phone number and calls back

Answer 313

A

data is coded when stored in computer files and/or before transmission to or from remote locations

protects data since unauthorized users not only have to obtain data, they also have to decode it

Answer 314

A

operators should have access to an operations manual that contains the instructions for processing programs and solving routine operational program issues, but not with detailed program documentation
the control group should monitor the operators activities and jobs should be scheduled

Answer 315

A

backup recovery
contingency processing
internal and external labels

Answer 316

A

detailed contingency processing plans should be developed to prepare for system failures

responsibilities of individuals, as well as the alternate processing sites that should be utilized

Answer 317

A

external labels are gummed-paper labels attached to storage media which identify the file

internal labels perform the same function through the use of machine readable information in the first record of the file

use of labels allows the computer operator to determine whether the correct file has been selected for processing (file protection ring makes it read only)

Answer 318

A

apply to a specific application

operate to assure the proper input and processing of data

Answer 319

A

inputs should be authorized and approved
system should verify all significant data fields used to record info
conversion of data into machine-readable form should be controlled and verified for accuracy

Answer 320

A

preprinted form
check digit
control, batch, or proof total
hash total
record count
limit (reasonable test)
menu driven input
field check
validity check
missing data check
field size check
logic check
redundant data check
closed-loop verification

Answer 321

A

info is pre-assigned a place and a format on the input form

Answer 322

A

an extra digit added to an ID number to detect certain types of data transmission errors

Answer 323

A

a total of one numerical field for all the records of a batch that would normally be added (total sales dollars)

Answer 324

A

a control total where the total is meaningless for financial purposes

Answer 325

A

a control total of the total records processed

Answer 326

A

test of the reasonableness of a field of data, given a predetermined upper and/or lower limit

example: limit for auditing scores would be 100

Answer 327

A

what score did you get on the auditing section of the CPA exam? 75-100?

you must enter a number between 75 and 100

Answer 328

A

control that limits the types of characters accepted into a specific data field

ex. pay rate should only include numerical data

Answer 329

A

a control that allows only “valid” transactions or data to be entered into the system (female is 1 and male is 2- anything else would not be valid)

Answer 330

A

a control that searches for blanks inappropriately existing in input data (required fields in a form online)

Answer 331

A

a control of an exact number of characters to be input (EIN has to be 9 digits)

Answer 332

A

ensures that illogical combinations of input are not accepted

Answer 333

A

uses two identifiers in each transaction record to confirm that the correct master file record is being updated (duplicate profile entries- it notifies me when its already in the system)

Answer 334

A

a control that allows data entry personnel to check the accuracy of input data

Answer 335

A

when the input has been accepted by the computer, it usually is processed through multiple steps

Answer 336

A

these controls involve employee (operator and/ or control group) follow-up of items listed on computer exception reports

their effectiveness depends on the effectiveness of both the programmed control activities that produce the reports and the manual follow-up activities

Answer 337

A

checks of computer output against source documents, control totals, or other input to provide assurance that programmed aspects of the f/r system and control activities have operated effectively
reviewing computer processing logs to determine that all correct computer jobs were executed properly
maintaining proper procedures and communications specifying authorized recipients of output (did the right person get the output?)

Answer 338

A

a plan should allow the firm to:

minimize the extent of disruption, damage, and loss
establish an alternate (temporary) method for processing info
resume normal operations as quickly as possible
train and familiarize personnel to perform emergency operations

a plan should include priorities, insurance, backup approaches, specific assignment, period testing and updating, and documentation

Answer 339

A

batch systems

2. online databases and master file systems

Answer 340

A

three forms of the file saved, 1, 2, and 3

if one is destroyed, two recovers it and so on

Answer 341

A

checkpoint
rollback
backup facilities

Answer 342

A

system makes copies of the system at certain “checkpoints”

if files are destroyed, the last checkpoint saved will restore the destroyed file

Answer 343

A

as a part of recovery, to undo changes made to a database to a point at which it was functioning properly

Answer 344

A

reciprocal agreement
hot site
cold site
internal site
mirrored web server

Answer 345

A

an agreement btwn two or more organizations to aid each other with their data processing needs in the event of a disaster (mutual aid pact)

Answer 346

A

a commercial disaster recovery service that allows a business to continue computer operations in the event of a computer disaster

example: if a co’s data processing center becomes inoperable, that enterprise can move all processing to a hot site that has all the equipment needed to continue operation (recovery operations center ROC)

costly

Answer 347

A

similar to hot site, but the customer provides and installs the equipment needed to continue operations

less expensive, but takes longer to get into full operation after a disaster (empty shell)

Answer 348

A

large organizations with multiple data processing centers sometimes rely upon their own sites for backup in the event of a disaster

Answer 349

A

an exact copy of a website which is the best way to back up the website

Brainscape's Knowledge GenomeTM

Module 41: Information Technology Flashcards

Brainscape's Knowledge Genome^TM