System Design and Other Elements Flashcards
Transaction Processing Systems
Systems that process and record the routing daily transactions necessary to conduct business.
Management Information Systems (MIS)
Provides users predefined reports that support effective business decisions.
Decision Support Systems (DSS)
Extension of an MIS that provides interactive tools to support decision making.
Sometimes called an expert system
Executive Information System (EIS)
provides senior executives with immediate and easy access to internal and external information to assist in strategic decision making
consolidated information internal and external to the enterprise and reports it in a format and level of detail appropriate to senior executives
SDLC
provides a framework for planning and controlling the detailed activities associated with systems development.
Waterfall is most popular
Steps: A DITTO Systems Analysis Design Implementation and Conversion Training Testing Operations and Maintenance
Waterfall method
simplifies task scheduling
consists of sequential steps of analysis, planning, design , and implementation which flow in a single “downward” direction like a waterfall
System Analysis
- Define nature and scope - identify strengths and weaknesses
- Conduct indepth study to determine technological and economic feasibility
- Identify information needs of users and mgrs
- Document the information needs
- prepare a report to summarize
Conceptual Design
Identify and evaluate appropriate design alternatives
Develop detail specifications on what the system is to accomplish and how it is to be controlled
Physical Design
- design output docs
- design database as well as input docs
- write computer program
- create files and databases
- develop procedures
- develop controls
- identify and acquire necessary components
Implementation and Conversion
Translates the plan into action and then can be used to monitor the project
Training
Includes - hardware and software skill training, orientation to new policies and operations, training options
System Testing
test of the effectiveness of documents and reports, user input, operating and control procedures, processing procedures, and computer programs
Operations and Maintenance
the entire life cycle…may includes planning, managing the behavioral reactions to change, assessing the ongoing feasibility of the project
Management
Signals from top management for support
Accountants
- determine information needs and system requirements
- help manage
- active role in designing controls, and periodically monitoring and testing the system to verify that the controls are implemented and functioning properly
Information Systems Steering Committee
Plans and oversees the information systems function and address the complexities created by functional and divisional boundaries
consists of high-level management
Functions:
- setting governing policies for the AIS
- ensuring top-mgmt participation, guidance, and control
- facilitating the coordination and integration of information systems activities to increase goal congruence and reduce goal conflict
COBIT Framework consists of:
- Business Objectives
- Governance Objectives
- Information Criteria
- IT Resources
- Domain and processes of COBIT
Business Objectives
anticipate the global requirements that are typically associated with business owners or process managers as well as IT professionals and auditors
- Efficient decision support
- Efficient transaction processing
- Compliance with reporting requirements
Governance Objectives
- Strategic Alignment
- Value Delivery
- Resource Management
- Risk Management
- Performance Management
strategic alignment
linkage between business and IT plans
includes defining, maintaining, and validating the IT value proposition, with a focus on customer satisfaction
value delivery
includes the provision by IT of promised benefits to the organization while satisfying its customers and optimizing costs
resource management
focuses on the optimization of knowledge and infrastructure
risk management
defined as risk awareness by senior mgmt, characterized by understanding risk appetite and risk mgmt responsibilities
begins with identification of risks
performance measurement
includes tracking and monitoring strategy implementation, project completion, resource usage, process performance, and service delivery
information criteria
ICE RACE
Integrity
Confidentiality
Efficiency
Reliability
Availability
Compliance
Effectiveness
Integrity
accuracy, completeness, and validity
Confidentiality
protection of sensitive info
Efficiency
delivery of info through the optimal use of resources
Reliability
represents and appropriate to entity
Availability
providing current and future info as required, and safeguarding the assets
Compliance
info must comply with policies, laws, regulations, and contractual arrangements
Effectiveness
relevant or pertinent to a business, and delivered in a timely, correct, consistent, and useful manner
IT resources
- Applications - automated user systems and manual procedures
- Information - raw input, processed data, output infor
- Infrastructure - hardware, operating systems, networking, physical plant
Domains and Processes of COBIT
PO AIDS ME Plan and Organize Acquire and Implement Deliver and Support Monitor and Evaluate
General Controls
Designed to ensure that an organization’s control environment is stable and well-managed.
Application Controls
prevent, detect, and correct transaction error and fraud and are application -specific, providing reasonable assurance as to system: A. accuracy B. completeness C. validity D. authorization
Regulate integrity of input
- data validation at field level
- prenumbering forms
- well defined source data preparation procedures