Unit 4: Technologies in Accounting Information Flashcards

1
Q

Define Data Definition Language (DDL)

A

A programming language used to define the physical database to the DBMS. The definition includes the names and the relationship of all data elements, records, and files that constitute the database.

The DDL defines the database on three levels called views: the internal view, the conceptual view (schema), and the user view (subschema).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define Data Manipulation Language (DML)

A

The proprietary programming language, which a particular DBMS uses to retrieve, process, and store data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What occurs in the normalization process when an unnormalized table is brought to 1NF?

A

Repeating groups in the table tuple are removed

ex. If the primary key in a Sales Invoice table is “Invoice Num,” the table tuple containing each line item will include repeating data. Each line item would contain the same invoice number, order date, ship date, customer number, etc. To remove the repeating groups, that information is put into a Line Item Table where the primary key is “Invoice Num” + “Prod Num” and then removed from the Sales Invoice table.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What occurs in the normalization process when a table is brought from 1NF to 2NF?

A

Partial Dependencies are removed

A Partial Dependency is present any time one or more nonkey attributes are dependent on only part of the primary key rather than the whole key

ex. A Line Item Table is created where the primary key is “Invoice Num” + “Prod Num” The Production Description and Unit Price are two attributes that are only dependent on “Prod Num” and not “Invoice Num.” To remove Partial Dependencies, the Product Description and Unit price data will be moved to an Inventory Table where the only primary key is “Product Num”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What occurs in the normalization process when a table is brought from 2NF to 3NF?

A

Transitive Dependencies are removed

ex. If the primary key in a Sales Invoice table is “Invoice Num”, that primary key can uniquely and wholly identify the Order Date and Ship Date. It does not uniquely identify the customer attributes such as Cust Name, Street Address, Telephone Number. These customer attributes are identified with Cust Num which is a non-key attribute. The customer attributes in this table are Transitive Dependencies and need to be removed and added to a new Customer Table where “Cust Num” is the primary key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the normalization process used for?

A

Removing anomalies from data tables that could cause update, insertion, and deletion anomalies

After normalization process, the table will meet two conditions:
-all non-key attributes in the table are dependent on the primary key
-all non-key attributes are independent of all other non-key attributes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is a problem usually associated with the flat-file approach to data management?

A

Data Redundancy.

Excel spreadsheets are an example of a flat-file database. There is no simple way to determine if a particular data item is already in the spreadsheet, especially as the spreadsheet grows.

The only way to determine if data is available in the file is to sequentially read through the entire file from beginning to end, or until the desired data is encountered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Which View (the internal view, the conceptual view (schema), and the user view (subschema)) is a description of the physical arrangement of records in the database?

A

Internal View

The internal view shows the way that the data is organized in the database. This is also known as the hierarchical view.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which View (the internal view, the conceptual view (schema), and the user view (subschema)) may provide many distinct views of the database?

A

User View

The user view (subschema) shows that segment of the database that the user can access. This access with vary by user as their requirements vary by business function.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What causes the update anomaly in unnormalized tables?

A

The update anomaly occurs because of data redundancy in unnormalized tables.

Because data can appear multiple times in an unnormalized database, it is difficult to ensure that all occurrences get updated when a change occurs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is an ERP?

A

ERP systems are multiple module software packages that integrates key processes of the organization.

ERP systems support a smooth and seamless flow of information across the organization by providing a standardized environment for a firm’s business processes and a common operational database that supports communications.

Under the traditional model, each functional area or department has its own computer system optimized to the way it does its daily business. ERP combines all of these into a single, integrated system that accesses a single database to facilitate the sharing of information and to improve communications across the organization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the disadvantages to a traditional model that employs closed database architecture?

A

As with the flat-file approach, the data remain the property of the application. Thus, distinct, separate, and independent databases exist. There is a high degree of data redundancy.

When a customer places an order, the order begins a paper-based journey around the company, where it is keyed and rekeyed into the systems of several different departments. These redundant tasks cause delays and lost orders and promote data entry errors. During transit through various systems, the order status may be unknown at any point.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the two general groups of applications of ERP functionality?

A

Core Applications

Business Analysis Applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are Core Applications?

A

Core applications are those applications that operationally support the day-to-day activities of the business. If these applications fail, so does the business.

Ex. sales and distribution, business planning, production planning, shop floor control, logistics

AKA online transaction processing (OLTP)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a data mart?

A

When a data warehouse is organized for a single department or function, it is often called a data mart. Rather than containing hundreds of gigabytes of data for the entire enterprise, a data mart may have only tens of gigabytes of data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the five stages of the data warehousing process?

A

Modeling data for the data warehouse

Extracting data from operational databases

Cleansing extracted data

Transforming data into the warehouse model

Loading data into the data warehouse database

17
Q

What is the difference between private key and public key encryption techniques?

A

Private Key - Both the sender and the receiver use the same encryption key.

Public Key - Technique that uses two encryption keys: one for encoding the message, the other for decoding it.

18
Q

What is the difference between network-level firewall and application-level firewall?

A

Network-Level Firewall: System that provides basic screening of low-security messages (e.g., e-mail) and routes them to their destinations based on the source and destination addresses attached.

Application-Level Firewall: Provide high-level network security.

19
Q

What are Intelligent Control Agents?

A

Computer programs that embody auditor-defined heuristics that search electronic transactions for anomalies.

20
Q

What is Verisign?

A

Verisign is a for-profit organization that provides assurance regarding the security of transmitted data.

Its mission is to provide digital certificate solutions that enable trusted commerce and communications. Its products allow customers to transmit encrypted data and verify the source and destination of transmissions.

21
Q

What is a VAN?

A

In an EDI environment, a client’s trading parnter’s computer automatically generates electronic transactions, which are relayed across a value-added network (VAN), and the client’s computer processes the transactions without human intervention.

22
Q

What is a firewall?

A

A firewall is a system used to insulate an organization’s intranet from the Internet. It can be used to authenticate an outside user of the network, verify his or her level of access authority, and then direct the user to the program, data, or service requested. In addition to insulating the organization’s network from external networks, firewalls can also be used to protect LANs from unauthorized internal access.

23
Q

What are Seals of Assurance?

A

In response to consumer demand for evidence that a web-based business is trustworthy, a number of trusted third-party organizations are offering seals of assurance that businesses can display on their website home pages. To legitimately bear the seal, the company must show that it complies with certain business practices, capabilities, and controls. This best known six seal-granting organizations are - Better Business Bureau (BBB), TRUSTe, Verisign, Inc., International Computer Security Association (ICSA), AICPA/CICA WebTrust, and AICPA/CICA SysTrust.

24
Q

What is a digital signature?

A

A digital signature is derived from the digest of a document that has been encrypted with the sender’s private key. A digital signature is an electronic authentication technique that ensures the transmitted message originated with the authorized sender and that it was not tampered with after the signature was applied.

25
Q

What is continuous auditing?

A

Continuous auditing enables the auditor to review transactions at frequent intervals or as they occur. The growth of electronic commerce requires the auditors to rethink their traditional practices. Using intelligent electronic agents, transactions can be continuously monitored, and alarms can sound when an anomaly occurs.

26
Q

What is the International Computer Security Association?

A

The ICSA established its web certification program in 1996. ICSA certification addresses data security and privacy concerns. It does not deal with concerns about business policy and business processes. Organizations that qualify to display the ICSA seal have undergone an extensive review of firewall security from outside hackers. Organizations must be recertified annually and undergo at least two surprise checks each year.

27
Q

What is the AICPA/CICA WebTrust?

A

The AICPA and CICA established the WebTrust program in 1997. To display the AICPA/CICA WebTrust seal, the organization undergoes an examination according to the AICPA’s Standards for Attestation Engagements, No. 1, by a specially web-certified CPA or CA. The examination focuses on the areas of business practices (policies), transaction integrity (business process), and information protection (data security). The seal must be renewed every 90 days.

28
Q

What is the AICPA/CICA SysTrust?

A

In July 1999, the AICPA/CICA introduced an exposure draft describing a new assurance service called SysTrust. It is designed to increase management, customer, and trading partner confidence in systems that support entire businesses or specific processes. The assurance service involves the public accountant evaluating the system’s reliability against four essential criteria: availability, security, integrity, and maintainability.

The potential users of SysTrust are trading partners, creditors, shareholders, and others who rely on the integrity and capability of the system. For example, Virtual Company is considering outsourcing some of its vital functions to third-party organizations. Virtual needs assurance that the third-party systems are reliable and adequate to provide the contracted services. As part of the outsourcing contract, Virtual requires the servicing organizations to produce a clean SysTrust report every three months.

In theory, the SysTrust service will enable organizations to differentiate themselves from their competitors. Those organizations that undergo a SysTrust engagement will be perceived as competent service providers and trustworthy. They will be more attuned to the risks in their environment and equipped with the necessary controls to deal with the risks.

29
Q

What three types of data management problems are a result of data redundancy?

A

Data storage

Data Updating

Currency of Information

30
Q

What list shows the detail of vendor shipments and expected receipts of products and components needed for an order?

A

Materials requirements list

31
Q

What was designed to overcome a private key encryption security weakness?

A

The correct answer is “Public key.” Public key encryption uses two different keys: one for encoding messages and the other for decoding. Receivers never need to share private keys with senders, which reduces the likelihood the keys will fall into the hands of an intruder.

32
Q

Which third-party trust organization issues three classes of certificates?

A

The correct answer is “Verisign, Inc.” Verisign, Inc. issues three classes of certificates to individuals, businesses, and organizations.

33
Q

An organization uses a flat-file data management system. The shipping department receives notice that shipping costs are increasing by 10% effective immediately. Customers placing new orders are still billed with the old shipping costs.
Which problem is exemplified in this scenario?

A

The correct answer is “ Currency of information.” The shipping department must inform the billing department of any changes in shipping costs, or the bills will be issued based on outdated information.

34
Q

What attributes are used to describe data that are reliable for use according to the Safe Harbor Agreement?

A

Accurate, complete, and current

35
Q

Define the Safe Harbor Agreement’s onward transfer condition.

A

Unless they have the individual’s permission to do otherwise, organizations may share information only with those third parties that belong to the Safe Harbor Agreement or that follow its principles.

36
Q

How many surprise checks must an organization undergo annually to maintain the International Computer Security Association seal?

A

Two