System Design and Other Elements

Question 1

Transaction Processing Systems

Answer 1

Systems that process and record the routing daily transactions necessary to conduct business.

Question 2

Management Information Systems (MIS)

Answer 2

Provides users predefined reports that support effective business decisions.

Question 3

Decision Support Systems (DSS)

Answer 3

Extension of an MIS that provides interactive tools to support decision making.

Sometimes called an expert system

Question 4

Executive Information System (EIS)

Answer 4

provides senior executives with immediate and easy access to internal and external information to assist in strategic decision making

consolidated information internal and external to the enterprise and reports it in a format and level of detail appropriate to senior executives

Question 5

SDLC

Answer 5

provides a framework for planning and controlling the detailed activities associated with systems development.

Waterfall is most popular

Steps: A DITTO
Systems Analysis
Design
Implementation and Conversion
Training
Testing
Operations and Maintenance

Question 6

Waterfall method

Answer 6

simplifies task scheduling

consists of sequential steps of analysis, planning, design , and implementation which flow in a single “downward” direction like a waterfall

Question 7

System Analysis

Answer 7

1. Define nature and scope - identify strengths and weaknesses
2. Conduct indepth study to determine technological and economic feasibility
3. Identify information needs of users and mgrs
4. Document the information needs
5. prepare a report to summarize

Question 8

Conceptual Design

Answer 8

Identify and evaluate appropriate design alternatives

Develop detail specifications on what the system is to accomplish and how it is to be controlled

Question 9

Physical Design

Answer 9

1. design output docs
2. design database as well as input docs
3. write computer program
4. create files and databases
5. develop procedures
6. develop controls
7. identify and acquire necessary components

Question 10

Implementation and Conversion

Answer 10

Translates the plan into action and then can be used to monitor the project

Question 11

Training

Answer 11

Includes - hardware and software skill training, orientation to new policies and operations, training options

Question 12

System Testing

Answer 12

test of the effectiveness of documents and reports, user input, operating and control procedures, processing procedures, and computer programs

Question 13

Operations and Maintenance

Answer 13

the entire life cycle…may includes planning, managing the behavioral reactions to change, assessing the ongoing feasibility of the project

Question 14

Management

Answer 14

Signals from top management for support

Question 15

Accountants

Answer 15

• determine information needs and system requirements
• help manage
• active role in designing controls, and periodically monitoring and testing the system to verify that the controls are implemented and functioning properly

Question 16

Information Systems Steering Committee

Answer 16

Plans and oversees the information systems function and address the complexities created by functional and divisional boundaries

consists of high-level management

Functions:

• setting governing policies for the AIS
• ensuring top-mgmt participation, guidance, and control
• facilitating the coordination and integration of information systems activities to increase goal congruence and reduce goal conflict

Question 17

COBIT Framework consists of:

Answer 17

• Business Objectives
• Governance Objectives
• Information Criteria
• IT Resources
• Domain and processes of COBIT

Question 18

Business Objectives

Answer 18

anticipate the global requirements that are typically associated with business owners or process managers as well as IT professionals and auditors

1. Efficient decision support
2. Efficient transaction processing
3. Compliance with reporting requirements

Question 19

Governance Objectives

Answer 19

1. Strategic Alignment
2. Value Delivery
3. Resource Management
4. Risk Management
5. Performance Management

Question 20

strategic alignment

Answer 20

linkage between business and IT plans

includes defining, maintaining, and validating the IT value proposition, with a focus on customer satisfaction

Question 21

value delivery

Answer 21

includes the provision by IT of promised benefits to the organization while satisfying its customers and optimizing costs

Question 22

resource management

Answer 22

focuses on the optimization of knowledge and infrastructure

Question 23

risk management

Answer 23

defined as risk awareness by senior mgmt, characterized by understanding risk appetite and risk mgmt responsibilities

begins with identification of risks

Question 24

performance measurement

Answer 24

includes tracking and monitoring strategy implementation, project completion, resource usage, process performance, and service delivery

Question 25

information criteria

Answer 25

ICE RACE
Integrity
Confidentiality
Efficiency

Reliability
Availability
Compliance
Effectiveness

Question 26

Integrity

Answer 26

accuracy, completeness, and validity

Question 27

Confidentiality

Answer 27

protection of sensitive info

Question 28

Efficiency

Answer 28

delivery of info through the optimal use of resources

Question 29

Reliability

Answer 29

represents and appropriate to entity

Question 30

Availability

Answer 30

providing current and future info as required, and safeguarding the assets

Question 31

Compliance

Answer 31

info must comply with policies, laws, regulations, and contractual arrangements

Question 32

Effectiveness

Answer 32

relevant or pertinent to a business, and delivered in a timely, correct, consistent, and useful manner

Question 33

IT resources

Answer 33

1. Applications - automated user systems and manual procedures
2. Information - raw input, processed data, output infor
3. Infrastructure - hardware, operating systems, networking, physical plant

Question 34

Domains and Processes of COBIT

Answer 34

PO AIDS ME
Plan and Organize
Acquire and Implement
Deliver and Support
Monitor and Evaluate

Question 35

General Controls

Answer 35

Designed to ensure that an organization’s control environment is stable and well-managed.

Question 36

Application Controls

Answer 36

prevent, detect, and correct transaction error and fraud and are application -specific, providing reasonable assurance as to system:
A. accuracy
B. completeness
C. validity
D. authorization

Question 37

Regulate integrity of input

Answer 37

1. data validation at field level
2. prenumbering forms
3. well defined source data preparation procedures