Unit 4 Test Flashcards
What is a characteristic of the flat-file approach to data management?
Management owns the data files. Users own the data files. The external auditors own the data files. The information technology (IT) department owns the data files.
Users own the data files.
The correct answer is “Users own the data files.” Exclusive data ownership is a characteristic of the flat-file system.
Which three types of data management problems are a result of data redundancy?
Data storage, data updating, and task-data dependency Task-data dependency, data updating, and currency of information Data storage, data updating, and currency of information Data storage, task-data dependency, and currency of information
Data storage, data updating, and currency of information
The correct answer is “Data storage, data updating, and currency of information.” Data storage, data updating, and currency of information problems are caused by data redundancy.
An organization uses a flat-file data management system.
Which problem is caused when customers change their address?
Data storage Information integration Data updating Task-data dependency
Data updating
The correct answer is “Data updating.” When customers change their address, the address needs to be updated in every file where it appears. The address may be stored across different departments, and it would need to be updated with each one of them.
Which flat-file system problem is solved by using a database approach?
Anomalies Internal views Task-data independence Usage reporting
Task-data independence
The correct answer is “Task-data independence.” Task-data independence is a problem of flat files that a database approach can solve.
What are order entry, manufacturing, procurement, accounts payable, payroll, and human resources examples of?
Key processes of inventory Key processes of management Key processes of an organization Key processes of an accounting department
Key processes of an organization
The correct answer is “Key processes of an organization.” Key processes of the organization include order entry, manufacturing, procurement, accounts payable, payroll, and human resources.
Why is there is a high degree of data redundancy in a closed database environment?
- Each department enters its data, which are then accessible and usable by all other departments and functional areas.
- One department enters the data for each department and functional area.
- Merged databases exist because the data have to be entered in each department and functional area.
- Distinct, separate, and independent databases exist because the data remain in the application.
Distinct, separate, and independent databases exist because the data remain in the application.
The correct answer is “Distinct, separate, and independent databases exist because the data remain in the application.” Each department and functional area has its own database.
Which list shows the details of vendor shipments and expected receipts of products and components needed for an order?
Inventory requisitions Materials requirements list Staff requests Exception report
Materials requirements list
The correct answer is “Materials requirements list.” The materials requirements list shows the details of vendor shipments and expected receipts of products and components needed for the order.
Which system represents multiple module software packages that evolved primarily from traditional manufacturing resource planning (MRP II) systems?
Flat file Data warehousing Online analytical processing (OLAP) Enterprise resource planning (ERP) system
Enterprise resource planning (ERP) system
The correct answer is “Enterprise resource planning (ERP) system.” ERPs evolved from in-house systems that were not able to successfully integrate with systems outside the organization.
What is used in a traditional system to provide proof that a transaction has occurred?
Digital signatures Digital certificates Signed invoices Penetration tests
Signed invoices
The correct answer is “Signed invoices.” Physical documents, sales agreements, and signed invoices are used to provide proof that a transaction has occurred in traditional systems.
What was designed to overcome a private key encryption security weakness?
Symmetric key Public key Cryptographic key Physical key
Public key
The correct answer is “Public key.” Public key encryption uses two different keys: one for encoding messages and the other for decoding. Receivers never need to share private keys with senders, which reduces the likelihood the keys will fall into the hands of an intruder.
Which third-party trust organization issues three classes of certificates?
Verisign, Inc. Better Business Bureau (BBB) American Institute of Certified Public Accountants (AICPA) International Computer Security Association (ICSA)
Verisign, Inc.
The correct answer is “Verisign, Inc.” Verisign, Inc. issues three classes of certificates to individuals, businesses, and organizations.
What exemplifies the use of continuous auditing?
Identifying patterns on dissimilar events Searching electronic transactions for anomalies Automatically alerting executive management Using accountant-defined heuristics
Searching electronic transactions for anomalies
The correct answer is “Searching electronic transactions for anomalies.” An intelligent control agent searches electronic transactions for anomalies.
What describes encryption?
Masking information with layers of security Conversion of data into a secret code Scrambling messages so they are illegible Redacting cleartext so it is not readable
Conversion of data into a secret code
The correct answer is “Conversion of data into a secret code.” Encryption is the conversion of data into a secret code for storage in databases and transmission over networks.
Which operation represents the steps for the encryption of data?
- Convert cleartext message, encrypt into ciphertext, decode back to cleartext message
- Code cleartext to ciphertext, send to pick-up location, recipient decodes ciphertext to cleartext
- Apply ciphertext on top of cleartext, transmit to recipient, recipient removes ciphertext to read cleartext
- Code ciphertext to cleartext, send to pick-up location, recipient decodes cleartext to ciphertext
Convert cleartext message, encrypt into ciphertext, decode back to cleartext message
The correct answer is “Convert cleartext message, encrypt into ciphertext, decode back to cleartext message”. The sender uses an encryption algorithm to convert the original message (called cleartext) into a coded equivalent (called ciphertext). At the receiving end, the ciphertext is decoded (decrypted) back into cleartext.
What is the role of a database management system (DBMS)?
Allows users to access any data available Empowers accountants to control data access Ensures the data match the user needs Provides controlled access to a database
Provides controlled access to a database
The correct answer is “ Provides controlled access to a database.” The DBMS provides controlled access to the database. It is programmed to know which data elements each user is authorized to access.
What describes an efficient information system?
Stores custom data for private needs Manages various data collection procedures Duplicates data multiple times Makes data available for multiple requests
Makes data available for multiple requests
The correct answer is “ Makes data available for multiple requests.” An efficient system makes the same data available for requests from different users.
An organization uses a flat-file data management system. The shipping department receives notice that shipping costs are increasing by 10% effective immediately. Customers placing new orders are still billed with the old shipping costs.
Which problem is exemplified in this scenario?
Data storage Task-data dependency Data standardization Currency of information
Currency of information
The correct answer is “ Currency of information.” The shipping department must inform the billing department of any changes in shipping costs, or the bills will be issued based on outdated information.
Which flat-file system problem is solved by using a database approach?
Usage reporting Task-data independence Anomalies Internal views
Task-data independence
The correct answer is “ Task-data independence.” Task-data independence is a problem of flat files that a database approach can solve.
What is a potential result of redundant tasks in a closed database environment?
Quick order turnaround Delays in orders Effortless order tracking Data entry proficiency
Delays in orders
The correct answer is “ Delays in orders.” Delays could be caused by redundant data entry.
While in-house, custom-designed systems dealt efficiently with their designated tasks, they did not provide strategic decision support at the enterprise level.
What is the reason that they lacked support?
- They lacked the integration needed for information transfer across organizational boundaries.
- They lacked the customization needed for information transfer across organizational boundaries
- They lacked the ability to exist on multiple platforms removing their ability to efficiently perform.
- They lacked the ability to address a specific operational problem.
They lacked the integration needed for information transfer across organizational boundaries.
The correct answer is “They lacked the integration needed for information transfer across organizational boundaries.” Customization made systems very organization specific. This specificity made combining with systems outside of the organization extremely difficult.
An organization could have more than one system in place; there could be an in-house system along with a newer commercial system.
How is the communication among many different systems made possible?
- By duplicating tasks throughout the different systems
- By isolating fragmented operations and removing them
- By providing special instructions to employees so they can access both systems
- By applying special software patches where needed
By applying special software patches where needed
The correct answer is “ By applying special software patches where needed.” Special software patches need to be applied.
An enterprise resource planning (ERP) system is more than simply an elaborate transaction processing system.
What else does an ERP system provide?
Real-time decision-making information List of past projects List of previous decisions Extended time to make decisions
Real-time decision-making information
The correct answer is “ Real-time decision-making information.” It is a decision support tool that supplies management with real-time information and permits timely decisions that are needed to improve performance and achieve competitive advantage.
What can be used to assess the adequacy of a client’s access controls?
Computing digests
Penetration testing
Social engineering
Continuous auditing
Penetration testing
The correct answer is “ Penetration testing.” Many firms are now performing penetration tests designed to assess access control by imitating known techniques that hackers use.
Which attributes are used to describe data that are reliable for use according to the Safe Harbor Agreement?
Precise, current, and complete Encrypted, accurate, and complete Accurate, complete, and current Formatted, accurate, and current
Accurate, complete, and current
The correct answer is “ Accurate, complete, and current.” Organizations need to ensure that the data they maintain are accurate, complete, and current, and thus reliable for use.
Which condition of the Safe Harbor Agreement addresses the privacy concern related to the purposes for which an organization collects and uses information?
Notice Enforcement Data Integrity Security
Notice
The correct answer is “ Notice.” An organization must provide individuals with clear notice of “the purposes for which it collects and uses information about them and the types of third parties to which it discloses the information.”
Which statement describes the condition of onward transfer?
- Sharing information with organizations that belong to or follow the Safe Harbor Agreement principles unless instructed otherwise
- Accepting information contingent on the Safe Harbor Agreement conditions and the individual’s approval
- Refusing information provided by organizations that do not follow the Safe Harbor Agreement principles unless it is encrypted
- Reporting violations of the Safe Harbor Agreement information exchange when not authorized by the individual
Sharing information with organizations that belong to or follow the Safe Harbor Agreement principles unless instructed otherwise
The correct answer is “ Sharing information with organizations that belong to or follow the Safe Harbor Agreement principles unless instructed otherwise.” Unless they have the individual’s permission to do otherwise, organizations may share information only with those third parties that belong to the Safe Harbor Agreement or that follow its principles.
Which standard does the Safe Harbor Agreement establish for information?
Size Format Transmittal Structure
Transmittal
The correct answer is “Transmittal.” The two-way agreement between the United States and the European Union establishes standards for information transmittal.
What exemplifies the use of continuous auditing?
Automatically alerting executive management Using accountant-defined heuristics Searching electronic transactions for anomalies Identifying patterns on dissimilar events
Searching electronic transactions for anomalies
The correct answer is “ Searching electronic transactions for anomalies.” An intelligent control agent searches electronic transactions for anomalies.
