Unit 19: Information Systems and Data Governance

Question 1

Describe a management information system.

Answer 1

A management information system (MIS) typically receives input from a transaction processing system, aggregates it, then reports it in a format useful to middle management in running the business. MISs are often classified by function or activity.

Question 2

Describe an accounting information system.

Answer 2

An accounting information system (AIS) is a subsystem of a management information system that processes routine, highly structured financial and transaction data relevant to financial as well as managerial accounting. An AIS is composed of the general ledger/financial reporting system, management reporting system, and transaction processing system.

Question 3

The five accounting cycles are

Answer 3

Sales to customers on credit and recognition of receivables
Collection of cash from customer receivables
Purchases on credit and recognition of payables
Payment (disbursement) of cash to satisfy trade payables (includes both expense and capitalized transactions)
Payment of employees for work performed and allocation of costs

Question 4

Describe the relationship between a database and a database management system.

Answer 4

A database is an organized collection of data in a computer system. A database management system is an integrated set of computer programs that (1) create the database; (2) maintain the elements; (3) safeguard the data from loss or destruction; and (4) make the data available to applications, programs, and inquiries.

Question 5

What is the role of the database administrator?

Answer 5

The database administrator (DBA) is the individual who has overall responsibility for developing and maintaining the database and for establishing controls to protect its integrity. The responsibility for creating, maintaining, securing, restricting access to, and redefining and restructuring the database belongs to the DBA.

Question 6

What is the difference between cardinality and referential integrity?

Answer 6

Cardinality refers to how close a given data element is to being unique. Referential integrity means that for a record to be entered in a given table, there must already be a record in some other table(s).

Question 7

Describe the audit trail in a computer-based environment.

Answer 7

In any computer-based environment, a complete trail useful for audit purposes might exist for only a short time or in only computer-readable form. In online and real-time systems, data are entered directly into the computer, eliminating portions of the audit trail traditionally provided by source documents.

Question 8

What is malware?

Answer 8

Malware is a term describing any program code that enters a computer system that has the potential to degrade that system.

Question 9

According to COBIT 2019, the six principles for a governance system are

Answer 9

Provide stakeholder value
Take a holistic approach
Utilize a dynamic governance system
Keep governance distinct from management
Tailor governance to enterprise needs
Achieve end-to-end enterprise coverage

Question 10

What are the seven phases of the data life cycle?

Answer 10

The phases of the data life cycle are
Data capture
Data maintenance
Data synthesis and analytics
Data usage
Data publication
Data archival
Data purging

Question 11

What is the best-known control and governance framework that addresses information technology?

Answer 11

COBIT is the best-known control and governance framework that addresses information technology.

Question 12

When is internal control considered effective?

Answer 12

A system of internal control is effective if it provides reasonable assurance of achieving an entity’s objectives relating to operations, reporting, and compliance. Such a system reduces the risk(s) of not achieving those objectives to an acceptable level.

Question 13

Describe the difference between present and functioning internal controls.

Answer 13

Present refers to whether the components and relevant principles exist in the design and implementation of the system of internal control. Functioning refers to whether the components and relevant principles continue to exist in the operation of the system of internal control.

Question 14

What are the roles and responsibilities of the board of directors regarding internal control?

Answer 14

The board is responsible for overseeing the system of internal control. It defines expectations about integrity, ethical values, transparency, and accountability through its authority to select and terminate the CEO.

Question 15

What are the roles and responsibilities of senior management regarding internal control?

Answer 15

Senior management
Sets the tone at the top and has primary responsibility for establishing proper ethical culture
Sets objectives
Has overall responsibility for designing, implementing, and operating an effective system of internal control

Question 16

Describe the inherent limitations of internal control.

Answer 16

Internal control has the following inherent limitations:
Established objectives must be suitable for internal control.
Human judgment is faulty, and controls may fail because of simple errors or mistakes.
Controls may fail due to breakdowns (e.g., employee misunderstanding, carelessness, or fatigue).
Management may inappropriately override internal controls, e.g., to fraudulently achieve revenue projections or hide liabilities.
Manual or automated controls can be circumvented by collusion.
External events are beyond an organization’s control.

Question 17

Describe the role of an external auditor with respect to internal control.

Answer 17

External auditors are independent accountants who have been required to consider the auditee’s system of internal control as part of their audit of the financial statements. The PCAOB also requires auditors of public companies to examine and report on internal control.