Module 41: Information Technology Flashcards

1
Q

Information Systems

A

An information system processes data and transactions to provide users with the information they need to plan, control and operate an organization, including: -Collecting transaction and other data -Entering it into the information system -Processing the data -Providing users with the information needed -Controlling the process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Types of IT Systems - Office automation systems

A

Designed to improve productivity by supporting daily work of employees (e.g. word processing, spreadsheets, presentation tools, e-mail, electronic calendars, contract management software)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Types of IT systems - Transaction processing systems

A

Involve the daily processing of transactions (e.g. airplane reservation systems, payroll recording, cash receipts, cash disbursement)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Types of IT systems - Management reporting systems

A

Designed to help with the decision making process by providing access to computer data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Types of IT systems - Management information systems

A

Systems designed to provide past, present, and future information for planning, organizing and controlling the operations of the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Types of IT systems - Decision support systems

A

Computer-based information systems that combine models and data to resolve nonstructured problems with extensive user involvement.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Types of IT systems - Expert systems

A

Computer systems that apply reasoning methods to data in a specific relatively structured area to render advice or recommendations, much like a human expert

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Types of IT systems - Executive information systems

A

Computerized systems that are specifically designed to support executive work

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Type of computers - Supercomputers

A

Extremely powerful, high-speed computers used for extremely high-volume and complex processing needs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Types of computers - Mainframe computers

A

Large, powerful, high-speed computers. While less powerful than supercomputers, they have traditionally been used for high-volume transaction processing. Clusters of lower cost, less powerful “servers” are increasingly taking over the processing chores of mainframe computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Types of computers - Servers

A

High-powered microcomputers that serve applications and data to clients that are connected via a network (e.g. web servers, database servers). Servers typically have greater capacity (faster processors, more RAM, more storage) than clients (microcomputers) and often act as central repository for organizational data. Servers today are often configured as a virtual machine meaning multiple operating systems can coexist and operate simultaneously on the same machine. Virtual machines are appealing because they lower hardware costs and create energy savings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Types of computers - Microcomputers (desktop or laptop)

A

Designed to be used by one person at a time; often called personal computers; typically used for work processing, e-mail, spreadsheets, surfing the web, creating and editing graphics, playing music, gaming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Types of computers - Tablets/Smart Phones/PDAs

A

These are typically smaller, handheld wireless devices that depend on WiFi and/or cellular technology for communication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Central processing unit (CPU)

A

The principal hardware components of a computer. It contains an arithmetic/logic unit, primary memory, and a control unit. The major function of the CPU is to fetch stored instructions and data, decode the instructions, and carry out the instructions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Arithmetic/logic unit

A

Performs mathematical operations and logical comparisons

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Primary memory (storage)

A

Active data and program steps that are being processed by the CPU; divided into RAM (random-access memory) and ROM (read-only memory). Application programs and data are stored in the RAM at execution time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Control unit

A

Interprets program instructions and coordinates input, output, and storage devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Magnetic tape

A

Slowest type of storage available because data is stored sequentially. Primarily used for archiving purposes today.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Magnetic disks

A

Most common storage medium in use on computers today. Magnetic disks are also called hard disks or hard disks drives (HDDs). Disks can be accessed directly.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

RAID (Redundant array of independent (previously, inexpensive) disks

A

Way of storing the same redundantly on multiple magnetic disks. Reduces the likelihood of loss of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Compact disks

A

Discs (CDs) and Digital Video Discs (DVDs). Both are the same physical size and both use optical technology to read and write data to the disc.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Solid State Drives (SSDs)

A

Use microchips to store data and require no moving parts for read/write operations. Faster and more expensive per gigabyte than CDs, DVDs, and HDDs. Increasingly being used in place of HDDs in microcomputers but cost and limited capacity have constrained their adoption as a primary storage device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Cloud-Based Storage

A

Also called “Storage as a Service” (SaaS). This type of storage is hosted offsite, typically by third parties and is accessed via the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Digital

A

Series of binary digits (0s and 1s). One binary digit is called a “bit”. A series of 8 bits is referred to as a “byte.” One byte can form a letter, number, or special character.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Analog

A

The representation that is produced by the fluctuations of a continuous signature (speech, temperature, weight, speed). Use electrical, mechanical, hydraulic or pneumatic devices to transmit the fluctuations in the signal itself to represent information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Online

A

Equipment in direct communication with, and under the control of, the CPU. Online also refers to having a connection to the Internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Off-Line

A

Equipment not in direct communication with the CPU; the operator generally must intervene to connect off-line equipment or data to the CPU. Off-line also refers to the absence of an Internet connection.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Console

A

Terminal used for communication between the operator and the computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Peripheral equipment

A

All non-CPU hardware that may be placed under the control of the central processor. Classified as online or off-line, this equipment consists of input, storage, output and communication.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Controllers

A

Hardware units designed to operate specific input-output units.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Buffer

A

Temporary store unit used to hold data during computer operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

MIPS

A

Millions of instructions per second; a unit for measuring the execution speed of computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Key-to-tape and key-to-disk

A

Data is entered on a magnetic tape and/or disk respectively, and then read into a computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Visual display terminal/monitors

A

Uses keyboard to directly enter data into computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Input interface

A

A program that controls the display for the user (usually on a computer monitor) that allows the user to interact with the system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Graphical user interface (GUI)

A

Uses icons, pictures, and menus instead of text for inputs (e.g. Windows)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Command line interface

A

Uses text-type commands

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Mouse, joystick, light pens

A

Familiar devices that allow data entry

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Touch-sensitive screen

A

Allows users to enter data from a menu of items by touching the surface of the monitor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Turnaround documents

A

Documents that are sent to the customer and returned as inputs (e.g. utility bills)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Magnetic tape reader

A

A device capable of sensing information recorded as magnetic spots on magnetic tape

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Magnetic ink character reader (MICR)

A

Device that reads characters that have been encoded with a magnetic ink (e.g. bank check readers)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Scanner

A

A device that reads characters on printed pages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Automatic teller machine (ATM)

A

A machine used to execute and record transactions with financial institutions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Radio Frequency Identification (RFID)

A

Uses radio waves to track and input data. Increasingly used for inventory and contactless payment systems. Does not require line-of-sight access like bar code technology (e.g. FasTrak)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Point-of-sale (POS) recorders

A

Devices that read price and product code data (e.g. recall purchasing groceries - items are frequently passed over a POS recorder). POS processing allows one to record and track customer orders, process credit and debit cards, connect to other systems in a network and manage inventory.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Voice Recognition

A

A system that understands spoken words and transmits them into a computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Electronic commerce and Electronic Data Interchange

A

Invoices one company’s computer communicating with another’s computer. E.g a buyer electronically sending a purchase order to a supplier.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Monitors

A

Visually display output

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Printers

A

Produce paper output

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Plotters

A

Produce paper output of graphs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Computer output to microfilm or microfiche (COM)

A

Makes use of photographic process to store output

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Operating system

A

Manages the input, output, processing and storage devices and operations of a computer (e.g. Windows, Linux, Unix)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Utility programs

A

Handle common file, data manipulation and housekeeping tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Communications software

A

Controls and supports transmission between computers, computers and monitors, and accesses various databases.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Low-end accounting software

A

All in one package, designed for small organizations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

High-end accounting software

A

Ordinarily in modules (e.g. general ledger, receivables)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Enterprise Resource Planning (ERP)

A

Designed as relatively complete information system “suites” for large and medium size organizations (e.g. HR, financial applications, manufacturing, distribution). Major vendors are SAP, PeopleSoft, Oracle, and J.D. Edwards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Compiler

A

Produces a machine language object program from a source program language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Multiprocessing

A

Simultaneous execution of two or more tasks, usually by two or more CPUs that are part of the same system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Multitasking

A

The simultaneous processing of several jobs on a computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Object program

A

The converted source program that was changed using a compiler to create a set of machine readable instructions that the CPU understands

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Source program

A

A program written in a language from which statements are translated into machine language; computer programming has developed in generations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Machine language

A

Composed of combinations of 1’s and 0’s that are meaningful to the computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Assembly language

A

Low-level programming language that uses words (mnemonics) instead of numbers to perform an operation. Must be translated to machine language by an assembler. Assembly language is specific to a computer architecture and not portable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

High-level programming languages

A

COBOL, Basic, Fortran, C++, Java

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Object-oriented programs

A

C++ and Java; based on concept of an objcet which is a data structure that uses a set of routines called methods which operate on the data. Keep together data structures and procedures (methods) through a procedure referred to as encapsulation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

Application-Specific Language

A

Built around database systems. These programs are ordinarily closer to human languages than the first three generations (e.g. SQL, Structures Query Language)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Virtual memory (storage)

A

Online secondary memory that is used as an extension of primary memory, thus giving the appearance of larger, virtually unlimited internal memory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

Protocol

A

Rules determining the required format and methods for transmission of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

Desk checking

A

Review of a program by the programmer for errors before the program is run and debugged on the computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

Debug

A

To find and eliminate errors in a computer program. Many compilers assist debugging by listing errors in a program such as invalid commands.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

Edit

A

To correct input data prior to processing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
74
Q

Loop

A

A set of program instructions performed repetitively a predetermined number of times, or until all of a particular type of data has been processed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
75
Q

Memory dump

A

A listing of the contents of storage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
76
Q

Patch

A

A section of coding inserted into a program to correct a mistake or to alter a routine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
77
Q

Run

A

A complete cycle of a program including input, processing, and output

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
78
Q

Batch

A

Transactions flow through the system in groups of like transactions (batches) E.g. all cash receipts on accounts receivable for a day may be aggregated and run as a batch.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
79
Q

Online real-time (aka direct access processing)

A

General: Transactions are processed in the order in which they occur, regardless of type. data files and programs are stored online so that updating can take place as the edited data flows to the application. System security must be in place to restrict access to programs and data to authorized personals.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
80
Q

Online transaction processing (OLTP)

A

Databases that support day-to-day operations. E.g. airline reservation systems, bank automatic teller systems, and internet website sales systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
81
Q

Online analytical processing (OLAP)

A

Category of software technology that enables the user to query the system (retrieve data) and conduct an analysis ordinarily while the user is at a PC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
82
Q

Data warehouse

A

Subject-oriented, integrated collection of data used to support management decision-making processes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
83
Q

Data mart

A

Data warehouse that is limited in scope

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
84
Q

Data mining

A

Using sophisticated techniques from statistics, artificial intelligence and computer graphics to explain, confirm and explore relationships among data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
85
Q

Business intelligence (BI)

A

A combination of systems that help aggregate, access, and analyze business data and assist in the business decision-making process

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
86
Q

Artificial intelligence (AI)

A

Computer software designed to help humans make decisions. AI may be viewed as an attempt to mode aspects of human thought on computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
87
Q

Expert system

A

Form of AI. A computerized information system that guides decision processes within a well-defined area and allows decisions comparable to those of an expert. Modeled into a mathematical system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
88
Q

Example of an Expert System

A

Used by a credit card department to authorize credit card purchases so as to minimize fraud and credit losses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
89
Q

Centralized

A

-Processing occurs at one location -This is the model used in which a mainframe computer processes data submitted to it through terminals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
90
Q

Decentralized

A

-Processing (and data) are stored on computers at multiple locations -Computers involved are not interconnected by a network, so users at various sites cannot share data. -Viewed as a collection of independent databases, rather than a single database -End-user computing is relatively decentralized.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
91
Q

Distributed

A

-Transactions for a single database are processed at various sites -Processing may be on either a batch or online real-time basis -Overall single data base is ordinarily updated for these transactions and available at the various sites

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
92
Q

Bit

A

Binary digit (0 or 1) which is the smallest storage unit in a computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
93
Q

Byte

A

A group of adjacent bits (usually 8) that is treated as a single unit, or character, by the computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
94
Q

Field

A

A group of related characters (e.g. social security number)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
95
Q

Record

A

An ordered set of logically related fields. E.g. all payroll data (included the SSN field and others) relating to a single employee

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
96
Q

File

A

A group of related records (e.g. all the weekly pay records YTD), which is usually arranged in a sequence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
97
Q

Table

A

Group of related records in a relational database with a unique identifier (primary key field) in each record

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
98
Q

Database

A

A group of related files or a group of related tables (if a relational database)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
99
Q

Array

A

An aggregate that consists of data objects with attributes, each of which may be uniquely referenced by an index (address). E.g. an array may be used to request input of various payroll information for a new employee in one step. Thus an array could include: employee name, SSN, withholdings, pay rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
100
Q

Master file

A

A file containing relatively permanent information used as a source of reference and periodically updated with a detail (transaction) file (e.g. permanent payroll records)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
101
Q

Detail or transaction file

A

A file containing current transaction information used to update the master file (e.g. hours worked by each employee during the current period used to update the payroll master file)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
102
Q

Traditional file processing systems

A

Systems focus upon data processing needs of individual departments. Each application program or system is developed to meet needs of particular requesting department or user group.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
103
Q

Advantages of traditional processing systems

A

-Currently operational for many existing (legacy) systems -Cost effective for simple applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
104
Q

Disadvantages oft traditional processing systems

A

-Data files are dependent upon a particular application program -In complex business situation there is much duplication of data b/w data files -Each application must be developed individually -Program maintenance is expensive -Data may be isolated and difficult to share b/w functional areas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
105
Q

Database

A

Collection of interrelated files, ordinarily most of which are stored online

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
106
Q

Normalization

A

The process of separating the database into logical tables to avoid certain kinds of updating difficulties (referred to as anomalies)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
107
Q

Database system

A

Computer hardware and software that enables the database to be implemented

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
108
Q

Database management system

A

Software that provides a facility for communications between various applications programs (e.g. a payroll prep program) and the database (e.g. a payroll master file containing the earnings records of the employees)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
109
Q

Data independence

A

Basic to database systems is this concept which separates the data from the related application programs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
110
Q

Data modeling

A

Identifying and organizing a database’s data, both logically and physically. Determines what information is to be contained in a database, how the info will be used and how the items in the database will be related to each other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
111
Q

Entity-relationship modeling

A

An approach to data modeling. Divides the database in two logical parts. E.g. Customer, product and relations are buys and pays for

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
112
Q

Primary key

A

The field(s) that make a record in a relational database table unique

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
113
Q

Foreign key

A

The field(s) that are common to two (or more) related tables in a relational database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
114
Q

REA data model

A

Data model designed for use in designing accounting information databases. REA is an acronym for the model’s basic types of objects: Resources - Identifiable objects that have economic value Events - An organization’s business activities Agents - People or organizations about which data is collected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
115
Q

Data Dictionary

A

AKA data repository or data directory system; a data structure that stores meta-data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
116
Q

Meta-data

A

Definitional data that provides information about or documentation of other data managed within an application or environment. For example, data about data elements, and data structures (length, fields, columns, etc.)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
117
Q

Structured query language (SQL)

A

The most common language used for creating and querying relational databases

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
118
Q

Data definition language (DDL)

A

Used to define a database, including creating, altering, and deleting tables and establishing various constraints.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
119
Q

Data manipulation language (DML)

A

Commands used to maintain and query a database, including updating, inserting in, modifying and querying (asking for data). E.g. frequent query involves the joining of information from more than one table

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
120
Q

Data control language (DCL)

A

Commands used to control a database, including controlling which users have various privileges (e.g. who is able to read from and write to various portions of the database)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
121
Q

Database structures - Hierarchical

A

The data elements at one level “own” the data elements at the next lower level (think of an organization chart in which one manager supervises several assistants, who in turn each supervise several lower level employees)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
122
Q

Database structures - Networked

A

Each data element can have several owners and can own several other elements (think of a matrix type structure in which various relationships can be supported)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
123
Q

Database structures - Relational

A

A database with the logical structure of a group of related spreadsheets. Each row represents a record, which is an accumulation of all the fields related to the same identifier or key; each column represents a field common to all of the records

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
124
Q

Database structures - Object-oriented

A

Information (attributes and methods) are included in structures called object classes. This is the newest database management system technology.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
125
Q

Database structures - Object-relational

A

Includes both relational and object-oriented features

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
126
Q

Database structures - distributed

A

A single database that is spread physically across computers in multiple locations that are connected by a data communications link.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
127
Q

User department

A

Because users directly input data, strict controls over who is authorized to read and/or change the database are necessary.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
128
Q

Access controls

A

In addition to the usual controls over terminals and access to the system, database processing also maintains controls within the database itself. These controls limit the user to reading and/or changing (updating) only authorized portions of the database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
129
Q

Restricting privileges

A

This limits the access of users to the database, as well as operations a particular user may be able to perform. For example, certain employees and customers may have only read and not write privileges

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
130
Q

Logical views

A

Users may be provided with authorized views of only the portions of the database for which they have a valid need.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
131
Q

Backup and recovery

A

Database is updated on a continuous basis during the day.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
132
Q

Backup of database and logs of transactions (aka systems logs)

A

Approach is to backup the entire database several times per week, generally to magnetic tape. A log of all transactions is also maintained.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
133
Q

Database replication

A

To avoid catastrophic failure, another approach is to replicate the database at one or more locations. Thus, all data may be recorded to both sets of the database.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
134
Q

Backup facility

A

Another approach is to maintain a backup facility with a vendor who will process data in case of an emergency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
135
Q

Database administrator (DBA)

A

Individual responsible for maintaining the database and restricting access to the database to authorized personnel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
136
Q

Audit software

A

Usually used by auditors to test the database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
137
Q

Data independence

A

Data can be used relatively easily by differing applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
138
Q

Minimal data redundancy

A

Manner in which data is structured results in information being recorded in only one place, thus making updating much easier than is the case with traditional file systems

139
Q

Data sharing

A

The sharing of data between individuals and applications is relatively easy

140
Q

What are the advantages of database systems?

A

-Data independence -Minimal data redundancy -Data sharing -Reduced program maintenance -Commercial applications are available for modification to a company’s needs

141
Q

Disadvantages of database systems

A

-Need for specialized personnel with database expertise -Installation of database costly -Conversion of traditional file systems (legacy systems) costly -Comprehensive backup and recovery procedures are necessary

142
Q

Network

A

A network is a group of interconnected computers and terminals.

143
Q

Telecommunications

A

Electronic transmission of information by radio, fiber optics, wire, microwave, laser, and other electromagnetic systems has made possible the electronic transfer of information between networks of computers.

144
Q

Personal area network (PAN)

A

A computer network that is centered around an individual and the personal communication devices he/she uses. PANs associated with both wireless and wired communication device.

145
Q

Local area networks (LAN)

A

Privately owned networks within a single building or campus of up to a few miles in size.

146
Q

Metropolitan area network (MAN)

A

Larger version of a LAN. E.g. it might include a group of nearby offices within a city

147
Q

Wide area networks (WAN)

A

Networks that span a large geographical area, often a country or continent. It is composed of a collection of computers and other hardware and software for running user programs.

148
Q

Private networks

A

One in which network resources are usually dedicated to a small number of applications or a restricted set of users, as in a corporation’s network

149
Q

Advantages of private networks

A

Secure, flexible, performance often exceeds that of public

150
Q

Disadvantages of private networks

A

Costly

151
Q

Public networks

A

Resources are owned by third-party companies and leased to users on a usage basis (aka public-switched networks)) PSN

152
Q

How are public networks accessed?

A

Access is typically through dial-up circuits E.g. applications using the internet

153
Q

Significant disadvantage of public networks

A

Security

154
Q

Cloud computing/cloud services

A

The use and access of multiple server-based computational resources via a digital network (WAN, Internet connection using the World Wide Web). Applications are provided and managed by the cloud server and data is stored remotely in the cloud configuration. Users do not download and install applications on their own device or computer; all processing and storage is maintained by the cloud server.

155
Q

What are the risks of cloud computing?

A

-Information security and privacy - users must rely on cloud’s providers’ data access controls -Continuity of services - user problems may occur if the cloud provider has disruptions in service -Migration - users may have difficulty in changing cloud providers because there are no data standards

156
Q

HTML

A

Hypertext Markup Language; language used to create and format documents, link documents to other Web pages and communicate between Web browsers

157
Q

XML

A

Extensible Markup Language; language used to create and format documents, link documents to other Web pages and communicate between Web browsers

158
Q

Why is XML increasingly replacing HTML?

A

Superior ability to tag (i.e. label) and format documents that are communicated among trading partners

159
Q

XBRL

A

Extensible Business Reporting Language is an XML based language being developed specifically for the automation of business information requirements. Used in filings with the SEC that made available on EDGAR, the SEC’s Electronic Data Gathering and Retrieval database.

160
Q

Internet

A

An international collection of networks made up of independently owned computers that operate as a large computing network. Internetwork communication requires the use of a common set of rules, or protocols (TCP) and a shared routing system (IP)

161
Q

HTTP

A

Hypertext Transfer Protocol - the primary Internet protocol for data communication on the WWW

162
Q

URL

A

Uniform Resource Locator - a standard for finding a document by typing in an address

163
Q

WWW or Web

A

World Wide Web - a framework for accessing linked resources spread out over millions of machines all over the Internet

164
Q

Web browser

A

Client software (e.g. IE, Firefox, Chrome, Mosaic) that provides the user with the ability to locate and display web resources

165
Q

Web servers

A

The software that serves web resources to software clients.

166
Q

Firewall

A

A method for protecting an organization’s computers and computer information from outsiders. A firewall consists of security algorithms and router communications protocols that prevent outsiders from tapping into corporate database and e-mail systems

167
Q

Router

A

A Communications interface device that connects two networks and determines the best way for data packets to move forward to their destinations

168
Q

Bridge

A

A device that divides a LAN into two segments, selectively forwarding traffic across the network boundary it defines; similar to a switch

169
Q

Switch

A

A device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination

170
Q

Gateway

A

Combination of hardware and software that links to different types of networks. E.g. gateways between e-mail systems allow users of differing e-email systems to exchange messages

171
Q

Proxy server

A

A server the saves and serves copies of web pages to those who request them. When a web page is requested, the proxy server is able to access that page either through its cache or by obtaining it through the original server. Can both increase efficiency of internet operations and help assura data security.

172
Q

Web 2.0

A

2nd generation of the web

173
Q

Blog

A

An asynchronous discussion, or web log, led by a moderator that typically focuses on a single topic

174
Q

Wiki

A

An information-gathering and knowledge-sharing website that is developed collaboratively by a community or group, all of whom can freely add, modify or delete content.

175
Q

Twitter

A

A micro-variation of a blog. Restricts input (tweet) to 140 characters

176
Q

RSS/ATOM fees - Really Simple Syndication

A

An XML application that facilitates the sharing and syndication of website content by subscription. RSS feeds are automatically checked by RSS-enabled client software for new website content on a regular basis

177
Q

TCP/IP (Transmission Control Protocol/Internet Protocol)

A

The basic communication language or protocol of the Internet. Two layers: 1. Higher layer assembles messages or files into smaller packets that are transmitted over the Internet 2. The lower layer assigns IP addresses and insures that messages are delivered to the appropriate computer

178
Q

IP address

A

The number that identifies a machine as unique on the internet

179
Q

ISP (Internet Service Provider)

A

An entity that provides access to the internet

180
Q

Virus

A

A program or piece of code that requests the computer operating system to perform certain activities not authorized by the computer user. Can be easily transmitted through use of files that contain macros that are sent as attachment to e-mail messages.

181
Q

Macro

A

A stored set of instructions and functions that are organized to perform a repetitive task and can be easily activated, often by a simple keystroke combination

182
Q

Trojan horse

A

Malicious, security-breaking program that is disguised as something benign, such as a game, but actually is intended to cause IT damage

183
Q

Worm

A

A program that propagates itself over a network, reproducing itself as it goes

184
Q

Antivirus software

A

Used to attempt to avoid problems.

185
Q

Botnet

A

Network of computers that are controlled by computer code, called a bot that is designed to perform a repetitive task such as sending spam, spreading a virus, or creating a distributed denial of service attack

186
Q

Intranet

A

Local network, usually limited to an organization, that uses internet-based technology to communicate within the organization

187
Q

Extranet

A

Similar to an intranet, but includes an organization’s external customers and/or suppliers in the network

188
Q

Overall client-server systems

A

A networked computing model (usually LAN) in which database software on a server performs database commands sent to it from client computers

189
Q

File servers

A

The file server manages file operations and is shared by each of the client PCs (ordinarily attached to a LAN).

190
Q

Database servers

A

Server contains the database management system and thus performs more of the processing

191
Q

Three-tier architectures

A

A client/server configuration that includes three tiers. A two-tier architecture includes the client tier and server database tier.

192
Q

Examples of other serves that may be added to n-tier architectures

A

-Print server - make shared printers available to various clients -Communications server - serve a variety of tasks; such as acting as a gateway to internet or to the corporate intranet -Fax server - Allow clients on the network to share the hardware for incoming and outgoing fax transmissions -Web server - stores and serves web pages on request

193
Q

Distributed systems

A

These systems connect all company locations to form a distributed network in which each location has its own input/output, processing, and storage capabilities

194
Q

LANs (Local Area Networks)

A

Privately owned networks within a single building or campus of up to a few miles in size

195
Q

Software

A

Allows devices to function cooperatively and share network resources such as printers and disk storage space

196
Q

Workstations

A

Ordinarily microcomputers

197
Q

Peripherals

A

Printers, network attached storage (NAS) devices, optical scanners, fax board

198
Q

Transmission media

A

Physical path that connect components of LAN, ordinarily twisted-pair wire, coaxial cable, or optical fiber. LANs that are connected wirelessly are called WLANs or WiFi networks.

199
Q

Network interface cards

A

Connect workstation and transmission media

200
Q

End-User computing (EUC)

A

The end user is responsible for the development and execution of the computer application that generates the information used by the same end user

201
Q

Advantage of EUC

A

Substantially eliminates many of the services offered by an MIS department

202
Q

What are the risks of EUC?

A

-End-user applications are not always adequately tested before implemented -More client personnel need to understand control concepts -Management often does not review the results of applications appropriately -Old or existing applications may not be updated for current applicability and accuracy -Physical access controls become more difficult

203
Q

What are examples of physical controls?

A

-Clamps or chains to prevent removal of hard disks or internal boards -Diskless workstations that require download of files -Regular backup -Security software to limit access to those who know user ID and password -Control over access from outside -Commitment to security matters written into job descriptions, employee contacts, and personnel evaluation procedures

204
Q

What is Electronic Commerce?

A

Involves individuals and organizations engaging in a variety of electronic transactions with computers and telecommunication networks. Can be publicly or privately available.

205
Q

What are the five areas of risk associated with electronic commerce IT systems?

A

-security -availability -processing integrity -online privacy -confidentiality

206
Q

What is the WebTrust Seal of Assurance?

A

Developed by AICPA and Canadian Institute of Chartered Accountants -Tells potential customers that the firm has evaluated a website’s business practices and controls to determine whether they are in conformity with WebTrust principles

207
Q

What is a digital certificates?

A

Aka digital IDs. Means of assuring data integrity.

208
Q

What is a digital certificate (signature)?

A

Allows an individual to digitally sign a message so the recipient knows that it actually came from that individual and was not modified in any manner.

209
Q

Encryption

A

The conversion of data into a form called a cipher text, that cannot be easily understood by unauthorized people.

210
Q

Decryption

A

Process of converting encrypted data back into its original form so it can be understood. The conversion is performed using an algorithm and key which only the users control.

211
Q

Algorithm

A

A detailed sequence of actions to perform to accomplish some task.

212
Q

Key

A

In the content of encryption, a value that must be fed into the algorithm used to decode an encrypted message in order to reproduce the original plain text.

213
Q

Private key system

A

An encryption system in which both the sender and receiver have access to the electronic key, but do not allow others access. The primary disadvantage is that both parties must have the key.

214
Q

System overhead

A

Slow down the rate of processing

215
Q

Electronic funds transfer (EFT)

A

Making cash payments between two or more organizations or individuals electronically rather than by using checks (or cash).

216
Q

What are EFT systems vulnerable to?

A

Risk of unauthorized access to proprietary data and to the risk of fraudulent fund transfers

217
Q

What are controls of EFT systems?

A

-Control of physical access to network facilities -Electronic identification required for all network terminals authorized to use EFT -Access controlled through passwords -Encryption used to secure stored data and data being transmitted

218
Q

Electronic data interchange (EDI)

A

Electronic exchange of business transactions, in a standard format, from one entity’s computer to another entity’s computer through an electronic communications network. Web-based commerce is replacing a portion of these EDI systems.

219
Q

Advantages of EDI?

A

-Reduces amounts receivable (payables) due to electronic processing of receipts (payments) -Preventive controls desirable versus detective controls

220
Q

Point-to-point

A

A direct computer-to-computer private network link. Automakers and governments have traditionally used this method.

221
Q

Advantages of point-to-point

A

-No reliance on third parties for computer processing -Organization controls who has access to the network -Organization can enforce propriety (its own) software standard in dealings with all trading partners -Timeliness of delivery may be improved since no third party is involved

222
Q

Disadvantages of point-to-point

A

-Must establish connection with each trading partner -High initial cost -Computer scheduling issues -Need for common protocols between partners -Need for hardware and software compatibility

223
Q

Value-added network (VAN)

A

Privately owned network that routes the EDI transactions between trading partners and in many cases provides translation, storage, and other processing. Designed and maintained by an independent company that offers specialized support to improve the transmission effectiveness of network.

224
Q

How does a VAN work?

A

A VAN receives data from sender, determines intended recipient, and places data in the recipient’s electronic mailbox.

225
Q

Advantages of a VAN (Value-added network)

A

-Reduces communication and data protocol problems since VANs can deal with differing protocols -Partners do not have to establish the numerous point-to-point connections -Reduces scheduling problems since receiver can request delivery of transactions when it wishes -VAN translates application to a standard format the partner does not have to reformat -Provide increased security

226
Q

Disadvantages of a VAN (Value-added network)

A

-Cost of VAN -Dependence upon VAN’s systems and controls -Possible loss of data confidentiality

227
Q

Public networks

A

Internet-based commerce

228
Q

Advantages of public networks

A

-Avoids cost of proprietary lines -Avoids cost of VAN -Directly communicates transactions to trading partners -Software is being developed which allows communication between differing systems

229
Q

Disadvantages of public networks

A

-Possible loss of data confidentiality on the Internet -Computer or transmission disruption -Hackers and viruses -Attempted electronic frauds

230
Q

Proprietary networks

A

Organizations have developed their own network for their own transactions. Costly to develop and operate, although they are often extremely reliable.

231
Q

Authentication

A

Controls must exist over the origin, proper submission, and proper delivery of EDI communications. Receiver of the message must have proof of the origin of the message, as well as its proper submission and delivery.

232
Q

Packets

A

A block of data that is transmitted from one computer to another. It contains data and authentication information.

233
Q

Encryption

A

The conversion of plain text data into cipher text data used by an algorithm and key which only the users control.

234
Q

Benefits of EDI per AICPA Auditing Procedures

A

-Quick response and access to information -Cost efficiency -Reduced paperwork -Accuracy and reduced errors and error-correction costs -Better communications and customer service -Necessary to remain competitive

235
Q

Exposures of EDI per AICPA Auditing Procedures

A

-Total dependence upon computer system for operation -Possible loss of confidentiality of sensitive information -Increased opportunity for unauthorized transactions and fraud -Concentration of control among a few people involved in EDI -Reliance on third parties -Data processing, application and communications errors -Potential legal liability due to errors -Potential loss of audit trails and info needed by management due to limited retention policies -Reliance on trading partner’s system

236
Q

Telecommunications

A

The electronic transmission of information by radio, wire, fiber optic, coaxial cable, microwave, laser or other electromagnetic system

237
Q

What are the hardware involved in telecommunications?

A

-Computers for communications control and switching -Transmission facilities such as copper wire, fiber optic cables, microwave stations and communications satellites -Models may be used to provide compatibility of format, speed

238
Q

What does telecommunications enable?

A

Technologies such as: -EDI (Electronic data interchange) -EFT (Electronic funds transfer) -Point of sale systems -Commercial databases -Airline reservation systems

239
Q

What are controls needed for telecommunications?

A

-System integrity at remote sites -Data entry -Central computer security -Dial-in security -Transmission accuracy and completeness -Physical security over telecommunications facilities

240
Q

Computer Service Organizations (Bureaus, Centers)

A

Computer service organizations record and process data for companies. These orgs allow companies (users) to do away with part of the data processing function.

241
Q

Control Objectives for Information and Related Technology (COBIT)

A

Developed by the Information Systems Audit and Control Association (ISACA) to assist enterprises in achieving their objectives for governance and management of enterprise IT

242
Q

What is the most current version of the framework?

A

COBIT 5 - business-oriented in that it provides a systematic way of integrating IT with business strategy and governance

243
Q

What are the 5 principles of COBIT 5?

A

-Meeting stakeholder needs -Covering the enterprise end-to-end -Applying a single integrated framework -Enabling a holistic approach -Separating governance from management

244
Q

What are the COBIT 5 enablers?

A

Factors that individually and collectively influence whether something will work in an organization. -Processes - an organized set of practices and activities to achieve certain objectives -Organizational structures - the key decision-making entities in an organization -Culture, ethics, and behavior of individuals and the organization -Principles, policies and frameworks - the vehicle to translate the desired behavior into guidance for day-to-day management -Information produced and used by the enterprise -Services, infrastructure and applications - the infrastructure, technology, and applications that provide the enterprise with information technology processing and servicers -People, skills, and competencies required for successful completion of all activities and for making correct decisions.

245
Q

Reliable system

A

Reliable system is one that is capable of operating without material error, fault, or failure during a specified period in a specified environment

246
Q

How is a system analyzed for reliability?

A

The AICPA’s Trust Services. Provides assurance on information systems, use a framework with five principles of a reliable system.

247
Q

What are the 5 principles of a reliable system?

A

-Security -Availability -Processing integrity -Online Privacy -Confidentiality If a principle is not met a risk exists

248
Q

Reliable system; principle 1: security

A

System is protected against unauthorized access (both physical and logical)

249
Q

Reliable system; principle 2: availability

A

The system is available for operation and use as committed or agreed. The system is available for operation and use in conformity with the entity’s availability policies

250
Q

Reliable system; principle 3: processing integrity

A

System processing is complete, accurate, timely, and authorized

251
Q

Reliable system; principle 4: online privacy

A

Personal information obtained as a result of e-commerce is collected, used, disclosed, and retained as committed or agreed

252
Q

Reliable system; principle 5: confidentiality

A

Information designated as confidential is protected as committed or agreed

253
Q

What are the seven factors of the control environment

A

I - Integrity and ethical values C - Commitment to competence H - Human resource policies and practices A - Assignment of authority and responsibility M - Management’s philosophy and operating style B - BOD or audit committee participation O - Organizational structure

254
Q

What are the steps in the system development lifecycle?

A

-Software concept - identify the need for the new system -Requirements analysis - determine the needs of the users -Architectural design - determining the hardware, software, people, etc. needed -Coding and debugging - acquiring and testing the software -System testing - testing and evaluating the functionality of the system

255
Q

What are segregation controls?

A

Segregates functions between information systems department and user departments

256
Q

Examples of segregation controls b/w information systems department and user departments

A

-Do not allow the information systems department to initiate or authorize transactions -Segregate programming, data entry, operations, and the library function within the information systems department

257
Q

What is systems analysis?

A

The systems analyst analyzes the present user environment and requirements and: -Recommend specific changes -Recommend the purchase of a new system -Design a new information system

258
Q

What is systems programming?

A

The systems programmer is responsible for implementing, modifying, and debugging the software necessary for making the hardware work (operating system, telecommunications monitor, and the database management system)

259
Q

What is applications programming?

A

Responsible for writing, testing, and debugging the application programs from the specifications provided by the systems analyst. Program flowchart is one tool used by the applications programmer to define the program logic.

260
Q

What is database administration?

A

In a database environment, a DBA is responsible for maintaining the database and restricting access to the database to authorized personnel.

261
Q

What is data preparation?

A

Data may be prepared by user departments and input by key to storage devices

262
Q

What are operations?

A

The operator is responsible for the daily computer operations of both the hardware and software. Should have adequate documentation available to run the program, but should not have detailed program information.

263
Q

What is a data library?

A

The librarian is responsible for custody of the removable media (magnetic tapes or disks) and for the maintenance of program and system documentation.

264
Q

What is data control?

A

The control group acts as liaison between users and the processing center. This group records input data in a control log, follows the progress of processing, distributes output, and ensures compliance with control totals.

265
Q

At a minimum, what controls should be segregated?

A

Programming, operations, and library functions

266
Q

What is a web administrator (web manager)?

A

Responsible for overseeing the development, planning, and the implementation of a website.

267
Q

What is a web master?

A

Responsible for providing expertise and leadership in the development of a website, including the design, analysis, security, maintenance, content development, and updates.

268
Q

What is a web designer?

A

Responsible for creating the visual content of the website.

269
Q

What is a web coordinator?

A

Responsible for the daily operations of the website.

270
Q

What is an internet developer?

A

Responsible for writing programs for commercial use. Similar to a software engineer or systems programmer.

271
Q

What is a Intranet/Extranet developer?

A

Responsible for writing programs based on the needs of the company.

272
Q

Risk assessment of changes in computerized information systems?

A

Risk of improper financial reporting.

273
Q

Common method of monitoring?

A

Review of system-access log; IT can also facilitate monitoring.

274
Q

How are control activities divided?

A
  1. Computer general control activities 2. Computer application control activities; programmed application control activities;manual follow-up of computer exception reports 3. User control activities to test the completeness and accuracy of computer processed controls
275
Q

What are general control activities?

A

Affect all computer applications. There are four types of general controls: 1. Develop new programs and systems 2. Changing existing programs and systems 3. Controlling access to programs and data 4. Controlling computer operations

276
Q

Why is computer hardware extremely reliable?

A

Primarily due to chip technology. Also due to the controls built into the hardware and systems software to provide for a self-diagnostic mechanism to detect and prevent equipment failures.

277
Q

Parity check

A

A special bit is added to each character that can detect if the hardware loses a bit during the internal movement of a character.

278
Q

Echo check

A

Primarily used in telecommunications transmissions. During the sending and receiving of characters, the receiving hardware repeats back to the sending hardware what it received and the sending hardware automatically resends any characters that were received incorrectly.

279
Q

Diagnostic routines

A

Hardware or software supplied by the manufacturer to check the internal operations and devices within the computer system. These routines are often activated when the system is booted up.

280
Q

Boundary protection

A

Most CPUs have multiple jobs running simultaneously (multiprogramming environment). To ensure that these simultaneous jobs cannot destroy or change the allocated memory of another job, the systems software contains boundary protection controls.

281
Q

Periodic maintenace

A

The system should be examined periodically (often weekly) by a qualified service technician.

282
Q

Documentation

A

Systems and programs should be adequately documented. System specification documents should detail such matters as performance levels, reliability, security and privacy, constraints and limitations, functional capabilities, and data structure elements.

283
Q

What is a change request log?

A

Where all suggestions for changes (from users and information system personnel) should be documented.

284
Q

Who reviews changes to existing programs and systems?

A

The information systems manager should review all changes

285
Q

What is a code comparison program?

A

May be used to compare source and/or object codes of a controlled copy of a program with the program currently being used to process data.

286
Q

Limited physical acess

A

The physical facility that houses the computer equipment, files and documentation should have controls to limit access only to authorized individuals.

287
Q

Visitor entry logs

A

Used to document those who have had access to the area

288
Q

Access control software (user identification)

A

The most used control is a combination of a unique identification code and a confidential password

289
Q

Call back

A

Specialized form of user identification in which the user dials the system, identifies him/herself, and is disconnected from the system. Then either (1) an individual manually finds the authorized telephone number or (2) the system automatically finds the authorized telephone number of the individual and calls back

290
Q

Encryption

A

Data is encoded when stored in computer files and/or before transmission to or from remote locations (e.g. through use of modems and telephone lines). This coding protects data, since to use the data unauthorized users must not only obtain access, but must also translate the coded form of the data.

291
Q

What should operators have access to in regards to segregation controls?

A

Have access to an operations manual that contains the instructions for processing programs and solving routine operational program issues, but not with detailed program documentation

292
Q

Contingency processing

A

Prepare for system failures. Plans should detail the responsibilities of individuals as well as the alternate processing sites that should be utilized.

293
Q

Internal and external labels

A

External labels are gummed-paper labels attached to storage media which identify the file. Internal labels perform the same function through the use of machine readable identification in the first record of a file. The use of labels allows the computer operator to determine whether the correct file has been selected for processing.

294
Q

What are the overall controls of inputs?

A

-Inputs should be properly authorized and approved -System should verify all significant data fields used to record information (editing the data) -Conversion of data into machine-readable form should be controlled and verified for accuracy

295
Q

Preprinted form

A

Information is preassigned a place and a format on the input form

296
Q

Check digit

A

An extra digit added to an identification number to detect certain types of data transmission errors.

297
Q

Example of a check digit

A

A bank may add a check digit to individuals’ 7-digit account numbers. The computer will calculate the correct check digit based on performing predetermined numbers. The computer will calculate the correct check digit based on performing predetermined mathematical operations on the 7-digit account number and will then compare it to the check digit.

298
Q

Control, batch, or proof total

A

Total of one numerical field for all the records of a batch that normally would be added (e.g. total sales $)

299
Q

Hash total

A

A control total where the total is meaningless for financial purposes (e.g. mathematical sum of employee social security numbers)

300
Q

Record count

A

A control total of the total records processed

301
Q

Limit (reasonableness) test

A

A test of the reasonableness of a field of data, given a predetermined upper and/or lower limit (e.g. for a field that indicates auditing exam scores, a limit check would test for scores over 100)

302
Q

Menu driven input

A

As input is entered, the operator responds to a menu prompting the proper response (e.g. What score did you get on the Auditing part of the CPA exam?)

303
Q

Field check

A

A control that allows only valid transactions or data to be entered into the system. (e.g. a field indicating sex of an individual where 1 = female and 2 = male). If the field is coded in any other manner it would not be accepted.

304
Q

Missing data check

A

A control that searches for blanks inappropriately existing in input data (e.g. if an employee’s division number were left blank an error message would result)

305
Q

Field size check

A

A control of an exact number of characters to be input (e.g. if part numbers all have 6 digits, an error message would result if more or less than 6 characters were input)

306
Q

Logic check

A

Ensures that illogical combinations of input are not accepted (e.g. if the Tuba City branch has no company officers, an error message would result if two fields for a specified employee indicated that the employee worked as an officer in Tuba City)

307
Q

Redundant data check

A

Uses two identifiers in each transaction record (e.g. customer account number and the first five letters of customer’s name) to confirm that the correct master file record is being updated.

308
Q

Closed-loop verification

A

A control that allows data entry personnel to check the accuracy of input data. For example, the system might retrieve an account name of a record that is being updated, and display it on the operator’s terminal. This control may be used instead of a redundant data check.

309
Q

What should a disaster recovery and business continuity plan have?

A

-Minimize the extent of disruption, damage, and loss -Establish an alternate (temporary) method for processing information -Resume normal operations as quickly as possible -Train and familiarize personnel to perform emergency operations

310
Q

Batch systems - Grandfather-Father-Son method

A

A master file (e.g. accounts receivable) is updated with the day’s transactions files (e.g. files of cash receipts and credit sales). After the update, the new file master file is the son. The file from which the father was developed with the transaction files of the appropriate day is the grandfather. The grandfather and son files are stored in different locations. If the son were destroyed, it could be reconstructed by rerunning the father file and the related transaction files.

311
Q

Checkpoint

A

Similar to grandfather-father-son, but at certain points, “checkpoints,” the system makes a copy of the database and this checkpoint file is stored on a separate disk or tape. If a problem occurs the system is restarted at the last checkpoint and updated with subsequent transactions.

312
Q

Rollback

A

As a part of recovery, to undo changes made to a database to a point at which it was functioning properly.

313
Q

Reciprocal agreement

A

An agreement between two or more organizations (with compatible computer facilities) to aid each other with their data processing needs in the event of a disaster. Sometimes referred to as a mutual aid pact.

314
Q

Hot site

A

A commercial disaster recovery service that allows a business to continue computer operations in the event of computer disaster. E.g. If a company’s data processing center becomes inoperable, that enterprise can move all processing to a hot site that has all the equipment needed to continue operation. Also referred to as a recovery operations center (ROC) approach

315
Q

Cold site

A

Similar to a hot site, but the customer provides and installs the equipment needed to continue operations. Less expensive, but takes longer to get in full operation after a disaster. Sometimes referred to as an empty shell in that the shell is available and ready to receive whatever hardware the temp user needs.

316
Q

Internal site

A

Large orgs with multiple data processing centers sometimes rely upon their own sites for backup in the event of a disaster.

317
Q

Mirrored web server

A

An exact copy of a website which is the best way to back up the website

318
Q

Flowcharting symbols - Document

A

This can be a manual form or a computer printout.

319
Q

Flowcharting symbols - Computer Operation

A

Computer process which transforms input data into useful information

320
Q

Flowcharting symbols - Manual Operation

A

Manual (human) process to prepare documents, make entries, check output, etc.

321
Q

Flowcharting symbols - Decision

A

Determines which alternative path is followed (IF/THEN/ELSE conditions)

322
Q

Flowcharting symbols - Input/Output

A

General input or output to a process. Often used to represent accounting journals and ledgers on document flowcharts.

323
Q

Flowcharting symbols - Online Storage

A

Refers to direct access computer storage connected directly to the CPU. Data is available on a random access basis.

324
Q

Flowcharting symbols - Disc Storage

A

Refers to data stored on a magnetic disk

325
Q

Flowcharting symbols - Off-Line Storage

A

Refers to a file or indicates the mailing of a document (e.g. invoices or statements to customers). A letter in the symbol below the line indicates the order in which the file is stored (N - Numerical, C- Chronological, A - Alphabetical)

326
Q

Flowcharting symbols - Display

A

Visual display of data and/or output on a terminal screen

327
Q
A
328
Q

Flowcharting symbols - Batch Total Tape

A

Manually computed total before processing (such as the number of records to be processed). This total is recomputed by the computer and compared after processing is completed.

329
Q

Flowcharting symbols - Magnetic tape

A

Used for reading, writing, or storage on sequential storage media

330
Q

Flowcharting symbols - Manual Data Entry

A

Refers to data entered through a terminal keyboard or key-to-tape or key-to-disk device

331
Q

Flowcharting symbols - Annotation

A

Provides additional description or information connected to symbol to which it annotates by a dotted line (not a flowline)

332
Q

Flowcharting symbols - Flowline

A

Shows direction of data flow, operations, and documents

333
Q
A
334
Q

Flowcharting symbols - Communication Link

A

Telecommunication line linking computer system to remote locations

335
Q

Flowcharting symbols - Start/Termination

A

Used to begin or end a flowchart May be used to show connections to other procedures or receipt/sending of documens to/from outsiders

336
Q
A
337
Q

Flowcharting symbols - On Page Connector

A

Connects parts of flowchart on the same page

338
Q

Flowcharting symbols - Off Page Connector

A

Connects parts of flowchart on separate pages

339
Q

System flowchart

A

A graphic representation of a data processing application that depicts the interaction of all the computer programs for a given system, rather than the logic for an individual computer program

340
Q

Program flowchart

A

A graphic representation of the logic (processing steps) of a computer program

341
Q

Internal control (audit) flowchart or document flowchart

A

A graphic representation of the flow of documents from one department to another, showing the source flow and final disposition of the various copies of all documents.

342
Q

Decision table

A

Use a matrix format that lists sets of conditions, and the actions that result from various combinations of these conditions.

343
Q

Data flow diagram (DFD)

A

Presents logical flows of data and functions in a system. E.g. a data flow diagram for the delivery of goods to a customer would include a symbol for the warehouse from which the goods are shipped and a symbol representing the customer. Would not emphasize details such as computer processing and paper outputs.