q001. - name and briefly describe the five major...

Q001.- Name and briefly describe the five major components thatcomprise the information technology of an organization.

A001.- 1. Hardware - 2. Network - 3. Software - 4. Data - 5. People

Q002.- Describe the normal series of events in an AccountingInformation System (AIS):

A002.- 1. Transaction data from source documents is entered intothe AIS by the end user. - 2. The original paper source documents are filed. - 3. These transitions are recorded in the appropriate journal. - 4. The transactions are posted in the general and subsidiaryledgers. - 5. TBs are prepared - 6. Financial reports are generated.

Q003.- Name and briefly describe five different types of MIS reports.

A003.- 1. Periodic Scheduled Reports - 2. Exception Reports - 3. Demand Reports - 4. Ad Hoc Reports - 5. Push Reports

Q004.- What are the various categories of the Business InformationSystems?

A004.- 1. Transactional processing systems. - 2. Knowledge systems. - 3. Mgmt information systems. - 4. Decision support systems. - 5. Executive information systems.

Q005.- What are the primary roles of teh Biz Info Systems (BIS)?

A005.- 1. Process detail data - 2. Assist in making daily decisions, and - 3. Assist in developing business strategies

Q006.- What are the reporting risks in a BIS?

A006.- 1) Strategic Risk - 2) Operating Risk - 3) Financial Risk - 4) Information Risk

Q007.- Identify functions that should be segregated in an ITdepartment.

A007.- The duties of systems analysts, computer programmers, andcomputer operators should be segregated.

Q008.- Identify the four functions of a DBMS:

A008.- 1. Database Development - 2. Database Query - 3. Database Maintenance - 4. Application Development

Q009.- Identify the seven components of a LAN.

A009.- 1. NODE - 2. Workstation - 3. Server - 4. Network Interface Card (NIC) - 5. Transmission Media - 6. Network Operating System (NOS) - 7. Communications Device.

Q010.- Identify the two types of networks that can be used toprovide WAN Communications services.

A010.- VAN - privately own communications networks that provideadditional services beyond standard data transmissions - Internet based networks - use internet protocols and publiccommunications channels to establish networkcommunications.

Q011.- List some of the features of the value added network.

A011.- VAN: - is privately owned - provides additional services - provides good security - uses periodic (batch) processing - may be expensive.

Q012.- List some of the features of an internet-based network.

A012.- An internet based network: - uses public communication channels - transmits transactions immediately - is relatively affordable - increases the number of potential trading partners.

Q013.- What is the difference between the intranet and theextranet?

A013.- An intranet connects geographically separate LANs within acompany, whereas an extranet permits specified externalparties to access the company's network.

Q014.- Describe two types of processing used in the computerizedenvironment.

A014.- Batch processing - processing - On-line, real-time (OLRT) processing - immediateprocessing

Q015.- Identify three types of computer software.

A015.- System software (programs that run the computer). - Programming languages (generate computer processinginstructions) - Application software (end user programs)

Q016.- What is a batch control total?

A016.- A batch control total is a manually calculated total that iscompared to a computer generated total as a means oftesting accuracy and completeness.

Q017.- What are the advantages and disadvantages of centralizedprocessing?

A017.- Advantages: - Data is secured better, once received. - Processing is consistent (decentralized systems may result ininconsistent processing among regional offices). - Disadvantages: - cost of transmitting large numbers of detailed transaction can be high - there are increasing processing power and data storage needs at thecentral location. - there is a reduction in local accountability - input/output bottlenecks may occur at high traffic times. - there may be a lack of ability to respond in a timely manner toinformation requests from remote locations

Q018.- Identify some differences and problems that one needs to beaware of when auditing in a computer environment ratherthan in a manual environment.

A018.- 1. Disappear Audit Trail - 2. Uniform Transaction Processing - 3. Computer Initiated Transactions - 4. Potential for Increased Errors and Irregularities - 5. Potential for Increased Supervision and Review.

Q019.- List and explain the steps in batch processing.

A019.- Batch processing is accomplished in two steps: - 1. Create a transaction file: the first step is to create atransaction file by manually (usually) keying the data (dataentry), editing the data for completeness and accuracy, andmaking any necessary corrections. - 2. Update the Master File: the second step is to update themaster file by sorting the transaction file into the same orderas the master file and then updating the relevant records inthe master file from the transaction file.

Q020.- What is the basic difference between a databasemanagement system and a database?

A020.- A database is an integrated collection of data records anddata files. A database management system (DBMS) is thesoftware that allows an organization to create, use, andmaintain a database.

Q021.- What is a data warehouse and what is data mining?

A021.- A data warehouse is a collection of databases that storeboth operations and management data. - Data mining is the processing of data in a data warehouseto attempt to identify trends and patterns of business activity.

Q022.- What are some advantages of a DBMS?

A022.- Advantages of a DBMS include: - 1. Data redundancy & inconsistency are reduced. - 2. Data sharing exits - 3. Data independence exists - 4. Data standardization exits - 5. Data security is improved, and - 6. Data fields can be expanded without adverse effects onapplication programs.

Q023.- What is the basic difference between WANs and LANs?

A023.- The basic difference between WANs and LANs is distance. - LANs normally are within a fairly limited distance, andWANs allow much longer distance.

Q024.- How can the internet be defined?

A024.- The internet is an international network composed ofservers around the world that communicate with each other.

Q025.- What are some of the similarities and differences betweenthe internet, intranets, and extranets?

A025.- The internet, intranets, and extranets all use internetprotocols and public communication networks rather thanproprietary protocols and networks so that the samebrowsers can be used. - Intranets connect LANs within a company. - Extranets allow a company's customers and suppliers toaccess the company's network.

Q026.- What are three types of programmed controls?

A026.- 1. input controls - 2. processing controls - 3. output controls

Q027.- What is the major distinction between batch processing andonline processing?

A027.- The major distinction between batch processing and onlineprocessing is that transactions in a bath processing systemare processed in batches and not necessarily at the timethose transactions are submitted. - In online processing, transactions are processed as thetransactions are entered.

Q028.- What is the distinction between centralized and distributedprocess?

A028.- Central processing maintains data and performs dataprocessing at one or more central locations. - Decentralized processing occurs when computing powerand processing are spread out over many locations.

Q029.- What characteristics of a computerized system might lead toa higher potential for errors and irregularities than in manualsystems?

A029.- The following: - 1. the opportunity for remote access increases thelikelihood for unauthorized access. - 2. concentration of information means that once security isbreached, the potential for damage is higher - 3. decreased human involvement in processing results in adecreased opportunity for observation of errors - 4. errors of fraud might occur in the design or maintenanceof application programs

Q030.- What are access controls?

A030.- Access controls limit access to program documentation,data files, programs, and computer hardware to authorizedpersonnel. - Examples include locks, passwords, user id codes,assignment of security levels, call backs on dial up systems,setting of file attributes, and use of firewalls.

Q031.- What is a firewall?

A031.- A firewall is a system of user identification and authorizationthat prevents unauthorized users form gaining access tonetwork controls.

Q032.- What is disaster recovery and what is the differencebetween a hot site and a cold site?

A032.- Disaster recovery consists of plans for continuingoperations in the event of destruction of not only programand data files but also processing capability. - A hot site is an off site location that is completely equippedto immediately take over a company's data processing. - A cold site is an off site location that has all the electricalconnections and other physical requirements for dataprocessing, but does not have the actual equipment.

Q033.- Identify the costs associated with implementing EDI.

A033.- 1. Legal Costs - 2. Hardware Costs - 3. Costs of translation software - 4. Costs of Data Transmission - 5. Process reengineering and employee training costs foraffected applications - 6. Costs associated with security, monitoring, and controlprocedures.

Q034.- Define B2B transactions and identify the three differentmarkets.

A034.- When a biz sells its products or services to other business,it is called a B2B transaction. - B2B E-commerce: many business buy, sell, trade theirproducts & services w/ other business. - Electronic Market: it is very common for B2B transactionsto occur electronically via the internet. - Direct Market: it is also very common for b2b transactionsto occur electronically between businesses where there is apre-existing relationship.

Q035.- Identify some advantages of B2B e-commerce.

A035.- -speed - timing - personalization - security - reliability

Q036.- Define electronic funds transfer (EFT).

A036.- EFT systems are a major form of electronic payment forbanking and retailing industries. - EFT uses a variety of technologies to transact, process, andverify money transfers and credits between banks,businesses, and consumers. - The FED wire system is used very frequently in EFT toreduce the time and expense required to process checks andcredit transactions.

Q037.- Define EDI

A037.- EDI is computer to computer exchange of businesstransactions documents.

Q038.- How are EDI transactions submitted, and what is mapping?

A038.- EDI transactions are submitted in a standard data format - Mapping is the process of deterring the correspondencebetween elements in a company's terminology and elementsin standard EDI terminology.

Q039.- What are the characteristics / features of EDI?

A039.- 1. EDI allows the transmission of electronic documentsbetween computer systems in different orgs. - 2. EDI reduces handling costs and speeds transactionprocessing. - 3. EDI requires that all transactions be submitted in astandard format. - 4. EDI can be implemented using direct links, VANs, or overthe internet.

Q040.- What are some controls for and EDI system?

A040.- -Encryption of data - Activity logs of failed transactions - Network and sender / recipient acknowledgments.

Q041.- What is e-commerce?

A041.- E-commerce involves electronic consummation of exchangetransactions. - E-commerce normally implies the use of the internet.

Q042.- What is B2B?

A042.- B2B is e-commerce between businesses.

Q043.- What is supply chain mgmt?

A043.- supply chain mgmt is the mgmt of an organization's supplychain including what, when, where, and how much for everysale.

Q044.- A program that converts a source program into instructioncodes that the central processing unit can execute is called

A044.- A language processor

Q045.- Central element of Management Information System MIS is

A045.- processing of data items is based on decision models.

Q046.- One reason to use RAID - array of inexpensive disks - is toensure that

A046.- if one drive fail, all data can still be reconstructed

Q047.- Critical software application programs should be stored onthe server in

A047.- Object code

Q048.- ____________ provides instructions to perform a task or job.It would tell the operating system how to schedule, allocateresources and retrieve data.

A048.- Job control language

Q049.- A program that converts PROCEDURE-ORIENTED languageto machine language is

A049.- A compiler

Q050.- A distributed/decentralized processing environment worksbest when

A050.- significant volumes of data are generated at many remotelocations and the user requires immediate access to the data.

Q051.- Specialized programs that perform routine and repetitivefunctions are called

A051.- Service programs

Q052.- Cyclical fluctuations, random variations, seasonal variationsand secular trend are all components of

A052.- time series analysis

Q053.- ID of users who have permission to access data elements indatabase is found in the

A053.- database schema

Q054.- Which method would provide the best data security for afirm that uses a wide area network WAN?

A054.- End-to-end encryption

Q055.- implementing locking procedure could lead to

A055.- Deadly embraces. - Data locking ensures consistent processing

Q056.- Exponential smoothing is a statistical method that is usefulas a sales forecasting technique. - Exponential smoothing weights current data heavier than

A056.- older data. It is used to smooth forecast variation.

Q057.- ___________ usually involves two or more computersfunctioning simultaneously and allows the sharing of acentral memory during processing

A057.- Multiprocessing

Q058.- ___________ allows multiple programs to be executed atexactly the same time

A058.- Multiprogramming

Q059.- In the systems development cycle, coding is part of the

A059.- detailed design phase

Q060.- The system development cycle consists of (5)

A060.- analysis, conceptual design, detailed design,implementation and operation.

Q061.- Which characteristic distinguishes electronic datainterchange (EDI) from other forms of electronic commerce?

A061.- EDI transactions are formatted using STANDARDS that areuniform worldwide

Q062.- Online access controls include :

A062.- authorized user code numbers - passwords - list of all files and programs and a record of the type ofaccess each user is entitled to have for each file and program

Q063.- A computer system flowchart provides the overall view ofthe inputs, processes and outputs of __________

A063.- an information system.

Q064.- When evaluating internal control of an entity that processessales transactions on the internet, an auditor would mostconcern about the:

A064.- potential for computer disruption in recording sales

Q065.- One of the risks in distributed system is

A065.- database INTEGRITY (unity, wholeness ) might not bepreserved during a network or computer failure

Q066.- Who is responsible for authorizing transactions and forcorrecting errors?

A066.- Users

Q067.- Who is responsible for preventing unauthourized physicaland logical access to the system?

A067.- Security management

Q068.- Routines that utilize the computer to check the validity andaccuracy of TRANSACTION data during input are called

A068.- edit programs - they reject those transactions whose datado not meet pre-established standards of data quality

Q069.- The computer operating system performs scheduling,resource allocation and date retrieval functions based on aset of instructions provided by the

A069.- JOB CONTROL LANGUAGE

Q070.- Librarian and production control are most likely to beincluded w/in

A070.- the Operation area of the system department

Q071.- A decision table indicates the

A071.- Alternative logic conditions and actions to be taken in aprogram

Q072.- Operating documentation includes

A072.- equipment configuration, program and data files, anddescription of conditions that may req. program interruption.

Q073.- Intranets ( private networks) are characterized by

A073.- higher security risk and lower costs

Q074.- Managing the IS function includes

A074.- charging user departments for computer services, projectdevelopment planning and responsibility accountingprinciples

Q075.- Validity check use when

A075.- the data is misspelled of transposed - has typing errors

Q076.- Optical character recognition OCR software

A076.- converts images of paper doc. as read by scanning deviceinto text computer files

Q077.- Shareware is

A077.- a program that can be freely copied and tested beforepurchase. - It does NOT transfer data

Q078.- Linked list is a file structure that

A078.- has a field that has the address of the next record

Q079.- Components of the data processing cycle?

A079.- Collection, refinement (classifying and/or batching),processing, maintenance (calculation and storage), output

Q080.- Authorization controls are implemented usingCOMPATIBILITY TESTS and ACCESS CONTROL MATRICES

A080.- COMPATIBILITY TESTS - determine if the user is authorizedto perform the desired action. - ACCESS CONTROL MATRICES - 1)is a list of authorizeduser ID and passwords and - 2) a list of all files, data and programs and the access eachuser has to them

Q081.- The implementation phase of an acct. software applicationwould include :

A081.- obtaining and installing hardware, documentating userprocedures, training users, and entering test data.

Q082.- A DBMS (database management system) are complexsoftware package which permits users to

A082.- access info. From data base. DBMS provides for access andidentification security, concurrent use of data and backupand recovery. - It DOES NOT run application programs.

Q083.- The TRANSFORMATION component of IS has which of threesubsystems?

A083.- Storage, arithmetic-logic, control subsystem.

Q084.- If a database has integrity,

A084.- this means that the database has only CONSISTENT data.

Q085.- The purpose of a cycle processing control is to mitigate therisk of :

A085.- missing or improper transactions

Q086.- REMOTE BACH processing avoids the need of having

A086.- a CPU at each user location

Q087.- Systems analysis is assigned to

A087.- SYSTEM ANALYST- who helps users to analyze their infoand design IS

Q088.- Computer operations are assigned to

A088.- Computer OPERATORS. Programmers should never haveaccess to computer operations

Q089.- Operating systems and compilers assigned to

A089.- SYSTEM PROGRAMMERS , who use the design developedby the analysts to develop an IS and write the computerprograms.

Q090.- 5 components of an IT system are:

A090.- people - procedures - data - software - IT infrastructure

Q091.- Help desks are usually a responsibility of ____________

A091.- computer operations

Q092.- How makes sure that : - a log is kept of all inputs, data processing operation, storeddata, and system output - source data have been properly approved - transactions are processed correctly - inputs and outputs are reconciled - records of input errors are maintained - data-related errors are sent to the users who originated thetransaction fro correction - there is adequate rotation of operator duties

A092.- Control group

Q093.- ____________ authorize and record transactions, usesystem output and are responsible for CORRECTINGERRORS.

A093.- Users

Q094.- An IS's _________ is a committee that establish overallpolicy and directions for an organization’s IS.

A094.- Steering committee

Q095.- Initiating input/output operations, allocating memory andresponding to interrupts is a functions of - ______________ - 2. Translating source code to object code is a functions of_________ - 3. Creating load module libraries is a functions of_________ - 4. Mapping virtual views onto base tables is a functions of_________

A095.- 1. operating system - 2. compilers and interpreters - 3 linkage editor - 4 database management system

Q096.- Knowledge-based systems use symbolic processing basedon ___________ - rules-of-thumb.

A096.- Heuristics

Q097.- A computer system that allows management to makeunstructured decisions concerning company futureis___________

A097.- A strategic information system

Q098.- _____________ connects dissimilar networks - _____________ connects network segments

A098.- Gateway - bridge

Q099.- A program that converts a source program into instructioncodes that CPU can execute is called

A099.- Language processor

Q100.- What is E-Business?

A100.- A more general term than e-commerce and refers to any useof information technology particularly networking andcommunications technology to perform business processesin electronic form.

Q101.- What is EDI?

A101.- Electronic Data Interchange: computer to computerexchange of business transaction documents in structuredformats that allow the direct processing of the data by thereceiving system.

Q102.- What are the costs of EDI?

A102.- 1. Legal costs - 2. Hardware costs - 3. Costs of translation software - 4. Costs of data transmission - 5. Process reengineering and employee training costs foraffected applications - 6. Costs associated with security, monitoring, and controlprocedures.

Q103.- Audit trails in EDI systems should include:

A103.- 1. activity logs of failed transactions - 2. network and sender/recipient acknowledgments

Q104.- Compare: Cost of EDI vs. E-Commerce

A104.- EDI- more expensive E-Commerce- less expensive

Q105.- Compare: security of EDI vs. E-Commerce

A105.- EDI- more secure E-commerce-less secure

Q106.- Compare: speed of EDI vs. E-Commerce

A106.- EDI-slower (batch) E-commerce-Faster (OLRT)

Q107.- Compare: network of EDI vs. E-commerce

A107.- EDI- VAN (private) E-commerce- Internet (public)

Q108.- What is the importance of B2B?

A108.- 1. speed - 2. timing - 3. personalization - 4. security - 5. reliability

Q109.- What are Enterprise Resource Planning Systems? (ERP)

A109.- A cross-functional enterprise system that integrates andautomates the many business processes that must worktogether in the manufacturing, logistics, distribution,accounting, finance, and HR functions of the business.Comprised of a number of modules (Peoplesoft)

Q110.- What four characteristics is Supply Chain Mgmt concernedwith?

A110.- 1. what - 2. when - 3. where - 4. how much

Q111.- What is a Customer Relationship Mgmt System (CRM)?

A111.- Provide sales force automation and customer services in anattempt to manage customer relationships.

Q112.- What are the objectives of CRM?

A112.- 1. increase customer satisfaction - 2. increase revenue/profitability

Q113.- What is an Electronic Funds Transfer (EFT)?

A113.- A form of electronic payment for banking and retailingindustries.

Q114.- What are Application Service Providers (ASP)?

A114.- Provide access to application programs on a rental basis.

Q115.- What are the advantages of ASP?

A115.- 1. lower costs (hardware, software, people) - 2. greater flexibility

Q116.- What are the disadvantages of ASP?

A116.- 1. Possible risks to security and privacy - 2. Possible poor support by the ASP

Q117.- What are the five components of Information Technology?

A117.- 1. Hardware - 2. Software - 3. Data - 4. Network - 5. People

Q118.- What is a Business Information System?

A118.- A computer system that can accurately record andsummarize business transactions.

Q119.- What are the five categories of Business InformationSystems?

A119.- 1. Transaction processing systems - 2. Knowledge systems - 3. Management Information Systems - 4. Decision Support Systems - 5. Executive Information Systems

Q120.- What are the three primary roles of Business InformationSystems?

A120.- 1. Process detailed data - 2. Assist in making daily decisions - 3. Assist in developing business strategies

Q121.- Define hardware.

A121.- The actual physical computer or computer peripheraldevice.

Q122.- Define software.

A122.- The systems and programs that process data and turn thatdata into information.

Q123.- Define network.

A123.- Made up of the communication media that allows multiplecomputers to share data and information simultaneously.

Q124.- Define people.

A124.- The various job titles and job descriptions associated withBIS.

Q125.- Define data.

A125.- Data is raw facts.

Q126.- Define production data.

A126.- Production data is live/real data.

Q127.- Define test data.

A127.- Staging/fake data for testing purposes.

Q128.- Define information.

A128.- Information is organized and processed data that ismeaningful to somebody.

Q129.- What are the five functions performed on data?

A129.- 1. collect - 2. process - 3. store - 4. transform - 5. distribute

Q130.- What is an Accounting Information System (AIS)?

A130.- A type of MIS - also partly a TPS and partly a KS.

Q131.- What are the objectives of an AIS?

A131.- 1. record valid transactions - 2. properly classify those transactions - 3. record transactions at proper values - 4. record transactions in proper accounting period - 5. properly present transactions and related info in thefinancial statements.

Q132.- What are Transaction Processing System (TPS)?

A132.- The systems that process and record the routine dailytransactions necessary to conduct the business.

Q133.- What are Decision Support Systems (DSS)?

A133.- A computer based information system that providesinteractive support for managers during the decision makingprocess. Sometimes called expert systems.

Q134.- What are Management Information Systems (MIS)?

A134.- Provides managerial and other end users withreports/information.

Q135.- What are Executive Information Systems (EIS)?

A135.- Provide senior executives with immediate and easy accessto internal and external information to assist the executives inmonitoring business conditions in general. Assist in strategic(long-term), not daily, decision making.

Q136.- What are the five types of reports?

A136.- 1. Periodic Scheduled Reports - 2. Exception Reports - 3. Demand Reports (pull reports) - 4. Ad Hoc Reports - 5. Push Reports

Q137.- What are Periodic Scheduled Reports?

A137.- Traditional reports that display information in a predefinedformat and are made available on a regular basis to end usersof the system.

Q138.- What are Exception Reports?

A138.- Produced when a specific condition or exceptions occurs -"Red Flag Reports"

Q139.- What are Demand Reports?

A139.- Information from MIS available on demand - "Pull Reports"

Q140.- What are Ad Hoc Reports?

A140.- A report that does not currently exist but that can be createdon demand, without having to get a SW developer orprogrammer involved.

Q141.- What is a Query?

A141.- A specific question made up of various criteria that the enduser can pose to the MIS and extract all transactions or otherinfo that meet those criteria.

Q142.- What are Push Reports?

A142.- Sent to a computer screen or desktop.

Q143.- What is the central processing unit (CPU)?

A143.- The control center of the computer system.

Q144.- What are the two principle components of a CPU?

A144.- 1. The Processor/chip - 2. Primary Storage

Q145.- What is the processor?

A145.- Interprets program instructions and coordinates input,output, and storage devices and performs arithmeticcalculations.

Q146.- What is primary storage?

A146.- Used to store program instructions and data until theprogram instructions can be executed.

Q147.- What are the two components of primary storage?

A147.- 1. random access memory (RAM) - 2. read-only memory (ROM)

Q148.- What is random access memory?

A148.- stores data temporarily while it is being processed.

Q149.- What is read-only memory?

A149.- Permanently store data needed to power the computer

Q150.- What are secondary storage devices? Examples?

A150.- A means to permanently store programs and data. - Ex: hard drives, CD-ROM, magnetic tapes.

Q151.- What are peripherals?

A151.- Devices that transfer data to or from the CPU but that do nottake part in the actual processing of the data.

Q152.- What are the two components of peripherals?

A152.- 1. input devices - 2. output devices

Q153.- What are input devices? Examples?

A153.- Supply data to be processed. - Ex: keyboards, mice, scanners, microphones.

Q154.- What are output devices? Examples?

A154.- Transfer data from the processing unit to various outputmedia. - Ex: printers, speakers, monitors.

Q155.- What is system software?

A155.- Programs that run the computer and support systemmanagement operations.

Q156.- What is an Operating System?

A156.- Provides the interface between the user and the hardware. - It defines what commands can be issued and how they areissued.

Q157.- What is a Database Mgmt System (DBMS)?

A157.- A separate computer program that allows an organization tocreate new database and use and work with the data in thedatabases after the databases have been created. - It also allows for maintenance.

Q158.- What is a bit?

A158.- A binary digit (0 or 1) with which all computer data is stored.

Q159.- What is a byte?

A159.- A byte is a group of normally 8 bits that can represent aletter or number. - Also called a character.

Q160.- What is a Field?

A160.- A group of bytes in which a specific data element such as anemployee number or name is stored - vertical column.

Q161.- What is a record?

A161.- A group of fields that represents the data that is beingstored for a particular entity such as customer or an accountreceivable - horizontal row.

Q162.- What is a file?

A162.- A collection of related records often arranged in some kindof sequence, such as a customer file made up of customerrecords and organized by customer number.

Q163.- What is a database?

A163.- An integrated collection of data records and data files. It iscomprised of nothing more than stored data.

Q164.- What is database development?

A164.- Procedure where a DBA uses the DBMS to create a new,empty database.

Q165.- What is a database query?

A165.- The process where end users can retrieve specific data orinfo from the database by running a query.

Q166.- What are the two components of database maintenance?

A166.- 1. Effectiveness-function properly - 2. Efficiency-working fast enough

Q167.- What are the five types of databases?

A167.- 1. operational databases - 2. analytical databases - 3. data warehouses - 4. distributed databases - 5. end-user databases

Q168.- What is a data warehouse?

A168.- Stores data from current and previous years often from bothoperational and mgmt databases - data mart.

Q169.- What are the advantages of a DBMS?

A169.- 1. reduction of data redundancy and inconsistency - 2. potential for data sharing - 3. data independence - 4. data standardization - 5. improved data security - 6. expanded data fields - 7. enhanced information timeliness, effectiveness, andavailability

Q170.- What are the disadvantages of a DBMS?

A170.- 1. cost - 2. highly trained personnel are necessary. - 3. increased chances of breakdowns. - 4. possible obscuring of the audit trail - 5. specialized backup and recovery procedures required.

Q171.- What are the two types of networks?

A171.- 1. Local Area Network (LAN) - 2. Wide Area Network (WAN)

Q172.- What is a local area network?

A172.- Permit shared resources (software, hardware, data) amongcomputers within a limited area.

Q173.- What is a node?

A173.- Any device connected to a network.

Q174.- What is a workstation?

A174.- A node (usually a PC) that is used by end users.

Q175.- What is a server?

A175.- A node dedicated to providing services or resources to therest of the network.

Q176.- What is a Network Interface Card (NIC)?

A176.- A circuit board installed on a node that allows the node toconnect with and communicate over the network - Ethernetcard.

Q177.- What is transmission media?

A177.- The physical path between nodes on a network.

Q178.- What is a network operating system (NOS)?

A178.- Manages communication over a network.

Q179.- What is a communications device/modem?

A179.- Provides remote access and provides a network with theability to communicate with others.

Q180.- What are the four network topologies?

A180.- 1. Bus Networks - 2. Ring Networks - 3. Start Networks - 4. Tree Networks

Q181.- What is a Bus network?

A181.- Use a common backbone to connect all of the devices onthe network.

Q182.- What is a Ring network?

A182.- Formed in a ring with each device connected to two otherdevices.

Q183.- What is a Star network?

A183.- Formed in a star with each device connected to a central"hub"

Q184.- What is a Tree network?

A184.- Connect multiple stars into a Bus.

Q185.- What is a Wide Area Network?

A185.- Allow national and international communications.

Q186.- What are two types of WANs?

A186.- 1. Value added networks (VAN) - 2. Internet based networks

Q187.- What are Value Added Networks?

A187.- Privately owned and managed communications networksthat provide additional services beyond standard datatransmission.

Q188.- What are four characteristics of VANs?

A188.- 1. private - 2. more secure - 3. expensive - 4. slow

Q189.- What are internet based networks?

A189.- Use Internet protocols and public communications channelsto establish network communications.

Q190.- What are four characteristics of internet based networks?

A190.- 1. public - 2. less secure - 3. inexpensive - 4. fast, online real time OLRT

Q191.- What is an Intranet?

A191.- Connects geographically separate LANS within a company(company's private web site just for employees)

Q192.- What is Extranet?

A192.- Permit others to have direct access to the company'snetwork - port/doorway thru firewall to company's intranet.

Q193.- What are transaction files?

A193.- In a computerized environment, journals are calledtransaction files.

Q194.- What are transaction files used for?

A194.- To update master files.

Q195.- What are master files?

A195.- In a computerized environment, ledgers are called masterfiles.

Q196.- What is a master file update?

A196.- In a manual system, transactions are posted from thejournal to the ledger. In a computerized system, transactionsare used to update balances in the master files.

Q197.- What are the two types of processing?

A197.- 1. Batch - 2. Online Real Time (OLRT)

Q198.- What is batch processing?

A198.- Input documents/transactions are collected and grouped bytype of transaction. These groups/batches are processedperiodically - may use either sequential storage devices orrandom access storage devices.

Q199.- What are the steps in batch processing?

A199.- 1. create a transaction file - 2. update the master file

Q200.- What is online real-time processing?

A200.- Transactions are entered and the master files updated as thetransactions are entered. OLRT systems require randomaccess storage devices.

Q201.- What is centralized processing?

A201.- Maintain all data and perform all data processing at a centrallocation.

Q202.- What is decentralized (distributed) processing?

A202.- Occurs when computing power, applications, and work isspread out or distributed over many locations.

Q203.- What are the two advantages of centralized processing?

A203.- 1. enhanced security - 2. consistent processing

Q204.- What are the five disadvantages of centralized processing?

A204.- 1. possible high cost - 2. increased need for processing power and data storage - 3. reduction in local accountability - 4. bottlenecks/traffic jams - 5. larger delay in response time

Q205.- What are the four main risks with respect to systems?

A205.- 1. strategic risk - 2. operating risk - 3. financial risk - 4. information risk

Q206.- What is strategic risk?

A206.- The risk of choosing inappropriate technology.

Q207.- What is operating risk?

A207.- The risk of doing the right things in the wrong way?

Q208.- What is financial risk?

A208.- The risk of having financial resources lost, wasted, orstolen.

Q209.- What is information risk?

A209.- The risk of loss of data integrity, incomplete transactions, orhackers.

Q210.- Risks can be divided into what three categories?

A210.- 1. errors - 2. intentional acts - 3. disasters

Q211.- What are errors?

A211.- Mistakes, lost or misplaced data, application or systemsoftware problems or other temporary equipment problems,transmission errors, and computer equipment lost or stolen.

Q212.- What are intentional acts?

A212.- Sabotage, embezzlements, viruses, denial of service attacks,and other types of computer fraud.

Q213.- What are disasters?

A213.- Fire, flood, earthquakes, high winds, terrorism, and ware.

Q214.- In general, what is risk?

A214.- The possibility of harm or loss.

Q215.- What is a threat?

A215.- Any eventuality that represents a danger to an asset or acapability linked to hostile intent.

Q216.- What are the four types of controls?

A216.- 1. general controls - 2. application controls - 3. physical controls - 4. segregation of duties

Q217.- What are file attributes?

A217.- Set to restrict writing, reading, and/or directory privileges fora file.

Q218.- What are firewalls?

A218.- A system, often both hardware and software, of user IDs andauthentication that prevents unauthorized users from gainingaccess to network resources; acting as a gatekeeper, itisolates a private network from a public network.

Q219.- What are five threats in a computerized environment?

A219.- 1. virus - 2. worm - 3. Trojan horse - 4. denial-of-service attack - 5. phishing

Q220.- What is disaster recovery?

A220.- Plans for continuing operations in the event of destructionof not only program and data files but also processingcapability.

Q221.- What are the five steps in disaster recovery?

A221.- 1. assess the risks - 2. identify mission-critical applications and data - 3. develop a plan for handling the mission-criticalapplications - 4. determine responsibilities of the personnel involved indisaster recovery - 5. test the disaster recovery plan

Q222.- What is a cold site?

A222.- An off-site location that has all the electrical connectionsand other physical requirements for data processing, but itdoes not have the actual equipment.

Q223.- What is a hot site?

A223.- An off-site location that is "completely" equipped to"immediately" take over the company's data processing.

Q224.- Define System Analyst.

A224.- Architect of the overall computer hardware specifications.

Q225.- What are the two types of Computer Programmers?

A225.- 1. Application programmer/software developer - 2. System programmer

Q226.- What is an application programmer?

A226.- Person responsible for writing/maintaining applicationprograms.

Q227.- What is a system programmer?

A227.- Person responsible for installing, supporting, monitoring,and maintaining the operating system.

Q228.- What are the three types of System Administrators?

A228.- 1. Database Administrator (DBA) - 2. Network Administrator - 3. Web Administrator

Q229.- What is a Database Administrator?

A229.- Person responsible for maintaining and supporting thedatabase software.

Q230.- What is a Network Administrator?

A230.- Person responsible for supporting computer networks.

Q231.- What is a Web Administrator?

A231.- Person responsible for information on a web site.

Q232.- What is a Hardware Technician?

A232.- Person who sets up and configures hardware andtroubleshoots any resulting hardware problems.

Q233.- What is an End User?

A233.- Any workers in an organization who enter data into a systemor who use the information processed by the system.

Q234.- What is segregation of duties?

A234.- Dividing responsibilities for different portions of atransaction (authorization, recording, and custody) amongseveral different people or departments. The objective is toprevent any one person from having total control over allaspects of the transaction.

Q235.- Should the duties of system analysts and computerprogrammers be segregated?

A235.- YES!

Q236.- Hardware?

A236.- Physical computer equip. Downtime is when computer isn’tfunctioning.

Q237.- What's CPU / mainframe?

A237.- Primary hardware component. - Actual processing data occurs in the CPU! - It contains primary storage, a control unit & an arithmetic /logic unit!

Q238.- What's RAM & ROM?

A238.- The primary storage contains the data & program steps thatare being processed by the CPU & is divided into RAM(random-access memory) & ROM (read-only memory)!

Q239.- What's the control unit?

A239.- Portion of the CPU that controls & directs the operations ofthe computer. - It interprets the instructions from the program & directs thecomputer system to perform them.

Q240.- What are peripheral equip?

A240.- Equipment that is NOT part of the CPU but that may beplaced under the control of the CPU, i.e., which may beaccessed directly by the CPU. - Input/Output devices & secondary storage devices areperipheral equip!

Q241.- What are examples of Input/Output devices?

A241.- 1. Barcode readers - 2. Keyboard - 3. Magnetic Ink Character Recognition - 4. Magnetic Tape Reader - 5. Modem - 6. Monitor / Screen - 7. Mouse / Trackball - 8. Optical character recognition scanner - 9. Printer

Q242.- Briefly explain what software is?

A242.- Software includes programs, routines, documentation,manuals, etc., that make it possible for the computer systemto operate & process data.

Q243.- What are examples of secondary storage?

A243.- 1. Disk, Diskette - 2. Magnetic Tape - 3. Offline Storage - 4. Online Storage - 5. Redundant Array of Independent disks - 6. Randomly accessible (direct access) - 7. Sequentially Accessible

Q244.- What's a program?

A244.- A program is a set of instructions that the computer followsto accomplish a task (e.g., A/R update program, inventorymanagement program, & payroll program). Programmaintenance refers to making changes in the program inorder to keep it current & functioning properly. ex. payrollupdate for soc sec changes.

Q245.- What are the 5 program languages?

A245.- MAPFO - 1. Machine Language - 2. Assembly Language - 3. Procedural Language - 4. Fourth-generation Lang - 5. Object-oriented programming

Q246.- What's a graphical user interface?

A246.- A GUI allows user access to software functions depictedthrough use of icons, scroll bars, frames, & other pictorialmeans, rather than line-by-line commands or requests.

Q247.- What's a patch?

A247.- Addition of a new part to a program.

Q248.- Explain briefly JCL, Multiprocessing & programming & VS.

A248.- Job Control Lang - A commend language that launchesapps, specifying priorities, program sizes, runningsequences, databases used, & files used. - Multiprocessing - 2 or more programs at same time & needsmore than one CPU! - Multiprogramming - A program is processed until sometype of input or output is needed. APPEARS if more than oneprogram is being processed concurrently using one CPU! - Virtual Storage - O/S divides a program into segments(called pages) & brings only sections of the program intomemory as needed.

Q249.- What's an operating system?

A249.- Manages the coordinating & scheduling of variousapplication programs & computer functions. The O/S is like atraffic controller for data btw peripheral equipment &application programs.

Q250.- What's pass (run)?

A250.- A complete cycle of input, processing, & output in theexecution of a program, typically an application program.

Q251.- What's heuristic?

A251.- In computing, the adjective heuristic signifies able tochange, it is used to describe a computer program that canmodify itself in response to the user. - ex. spell check or voice recognition software.

Q252.- Collaborative Computing Applications (Groupware,Shareware)?

A252.- A program that allows several people to have access to thesame info & attempts to track the authors of changes.

Q253.- Management information system?

A253.- An information system within an org that providesmanagement with the info needed for planning & control.

Q254.- Utility program?

A254.- Routine functions such as sorting & merging!

Q255.- What's Enterprise Resource Planning Software?

A255.- Complex, highly integrated, multimodule applications thatmanage a business' diff aspects, from traditional accountingto inventory management & advanced planning & forecasting.

Q256.- Library Program (library routine)?

A256.- Programs that frequently are used by several otherprograms. - They are kept within the system & "called up" whenevernecessary. - ex. generating random #'s

Q257.- Web Crawler?

A257.- A specialized program used to search the WWW for filesmeeting user criteria. - *Browser displays! - *Crawler searches!

Q258.- Topology?

A258.- Physical layout of a network! BTRS!

Q259.- Explain the 4 topologies.

A259.- BTRS! - Bus - Each device is connected to a line with disconnectedends. Communication on either side of a failed device isimpossible. - Tree - Devices connected to other devices in a hierarchicalmanner. Some have many connections & some don't. - Ring - Each device connected to 2 others source that itresembles a circle. If one device fails communication is stillpossible, however if a device btw 2 failed one's won't be ableto communicate. - Star - All connected to central device, all messages passthrough central one!

Q260.- Brief explanation of what networks are.

A260.- A network is an arrangement of computers to allow usersaccess to common data, hardware, &/or software. - An internet is a network of networks. - Intranet generally is restricted to employee access. - Extranet is password protected internet usually made forvendors & customers.

Q261.- What's a concentrator?

A261.- A device that combines multiple communication channelsinto one. - A concentrator differs from a multiplexor in that the totalbandwidth of inputs don't have to = total bandwidth ofoutputs!

Q262.- Multiplexor?

A262.- Total between of inputs must equal outputs. - It converts low speed into high speed transmissions & backagain for communication stuff!

Q263.- Proxy server?

A263.- An app or device that manages requests from webbrowsers. A proxy server caches (saves) a copy of pagesretrieved from a web server. - Future requests for the same page are supplied from thecache for shorter response time.

Q264.- Router?

A264.- Switch that transfers incoming messages to outgoing linksvia the most efficient route possible. - ex. over the internet!

Q265.- Firewall?

A265.- Software designed to prevent unauthorized access to databy separating one segment from another!

Q266.- Gateway?

A266.- Software or hardware that links 2 or more computernetworks.

Q267.- Web Browser?

A267.- Program used to find & display www files meeting usercriteria.

Q268.- Parallel vs Serial Transmissions.

A268.- P - all of the bits of a byte are transmitted at once alongparallel lines, with one bit on each line. Practical only forshort distances, public infrastructure is limited in capacity todo this. - S - each bit is transmitted at one time!

Q269.- What are transmission protocols?

A269.- Sets of rules used by the transmitting and receiving devicesso that they both interpret data identically. File transferprotocols is an example.

Q270.- Explain what packet switching is.

A270.- PS divides a message into packets which may betransmitted separately through diff paths. - Routing & control software assemble the packets torecreate the org message. - More efficient than circuit switching, but often involvessome delay.

Q271.- Explain what circuit switching is.

A271.- CS involves a dedicated channel for the duration of thetransmission. - Sender signals it will send message, receiveracknowledges, then whole message is sent.

Q272.- What's client-server architecture?

A272.- A network of workstations (clients) & another computer(server) that is shared among the clients. - 1. File Server - a server in two-tier architecture where mostprocessing occurs at clients & server mainly serves to storestuff. - 2. Database server - similar to a file server, except theserver stores the database management software & doessome processing. - 3. Three Tier (n-tier) Architecture - additional servers areadded to a two-tier so clients share the functions provided bythe servers. Typical servers include print servers, fax servers,application servers & web servers.

Q273.- What are the 4 network languages?

A273.- HHXX - 1. HTML - Hyper text markup language - the code used toformat files for internet display. - 2. HTTP - Hyper text transfer protocol - a set of rulesestablishing how data in files is coded, transferred & viewed. - 3. XML - extensive markup language - similar to HTML asformats info for use on the web but goes further identifyingthe nature of the info. - XBRL - Extensive business reporting language - protocolunder development that will provide interactive capabilities toSEC filings.

Q274.- IP# or address?

A274.- An internet protocol # is a unique # assigned to a computerin a network. A registered IP # is registered with a centraldatabase to eliminate duplication on the web. Since IP #'saren't easy to remember, unique domain names may beassigned to these #'s. A Uniform Resource Locator (URL) isanother name for a web address.

Q275.- What's prima facie credibility?

A275.- Something transmitted electronically from customer derivesits credibility primarily from the controls within the electronicenvironment.

Q276.- A sniffer is?

A276.- A tool that will report all the user names & passwords that itfinds, allowing the operator access to an unaware users emailor other accounts.

Q277.- What are the differences between a TH, virus, & virus hoax?

A277.- Trojan Horse - a seemingly legit program that operates in anunauthorized manner, usually causing damage. - Virus - replicates & attaches itself to other programs, can bejust an annoying message or malicious activity. - Virus Hoax - an email message with a false warning,originator tries to get it circulated as widely as possible.

Q278.- Digital Sig?

A278.- A dig sig is a guarantee that info has not been modified, likea tamper proof seal on a bottle of aspirin. Digital sigs areused for establishing secure website connections & verifyingthe validity, but NOT the privacy, of transmitted files. Also, adigital sig don't verify the receiving person or address.

Q279.- What's encryption?

A279.- Encryption is a mathematical process of coding data so thatin cant be read by unauthorized people. - Decryption is transforming an encrypted file into the filethat existed b4 the encryption. - A key is used to lock & unlock the data. - The key is the set of mathematical operations & any randominitial values that are used to encrypt & decrypt the data. - Algorithms describe the mathematical process vs. keywhich give the exact process.

Q280.- Explain symmetric encryption.

A280.- With symmetric (private key) encryption, the same algorithmis used for encryption & decryption. - Anyone who knows the method used to encrypt themessage can decrypt it. - Should be kept secret btw sender & recipient.

Q281.- Explain asymmetric encryption.

A281.- Think A-Pub!! - Public key (asymmetric) encryption is a system that uses apublic key that may be widely known & a private key that isintended to be dept secret & known only by the recipient ofthe encrypted messages. - The sender encrypts messages to each particular recipientpublic key. The recipient decrypts messages with their privatekey.

Q282.- What are "hot" & "cold" sites?

A282.- Back up places! - Hot - location where a functioning system is planned for usewith minimal prep in the event of a disaster at the primarylocation. - Cold - equipment & power is avail at a location, but requiresa lot of set up!

Q283.- What's a connectionless environment?

A283.- The internet (web) since a website can interact with manyusers simultaneously.

Q284.- What's back-end processing?

A284.- Sales reporting, order inquiry, inventory updating, shippingorder generation, etc.

Q285.- Hacker vs Cracker?

A285.- Hackers - computer enthusiast who's interested in learningthe nitty-gritty. - Crackers - (criminal hacker) - intentionally involved in unethical activity. - Script Kiddies - use tools in an automated fashion & causedamage w/o understanding what they doing.

Q286.- What are 7 kinds of hacker tools?

A286.- DPS TVSV - 1. Demon Dialers - 2. Port Scanners - 3. Scripts - 4. Trojan Horse - 5. Virus - 6. Sniffer - 7. Virus Hoax

Q287.- What's an ad hoc report?

A287.- Non-standardize report composed when the need arises.

Q288.- What are demon dialers?

A288.- Software tools that will dial through a series of phone #'sfinding modems then it will issue standard or defaultpasswords, username combos, or brute attack trying to breakinto the system.

Q289.- What are scripts?

A289.- Scripts will interrogate or investigate machines, finding outwhat accounts exist on the machine & whether a limit onpassword attempts is enabled.

Q290.- What are port scanners?

A290.- Port Scanners are tools that will scan a network & networkdevices, & produce, automatically, reports that say theseparticular services are available & open. - Thus, it's important to turn off services NOT being used &restrict services that are being used.

Q291.- 6 things a general IT system includes?

A291.- 1. Hardware - 2. Software - 3. Documentation - 4. Personnel - 5. Data - 6. Controls

Q292.- What's another word for automated controls?

A292.- Controls embedded in computer programs!

Q293.- What are the benefits of an IT environment?

A293.- 1. Consistently apply predefined bus rules & performcomplex calculations in processing large volumes of trans! - 2. Enhance timeliness, availability, & accuracy of info. - 3. Facilitate additional analysis of info. - 4. Enhance the ability to monitor the performance of theentity's activities & compliance with its policies & procedures. - 5. Reduce the risk that controls will be circumvented,especially if controls over changes to the IT system areeffective.

Q294.- What are the risks of an IT environment?

A294.- 1. Overreliance on info provided b the IT system. - 2. Unauthorized access to data. - 3. Unauthorized changes to computer programs. - 4. Failure to make necessary changes to computerprograms. - 5. Inappropriate manual intervention. - 6. Potential loss of data.

Q295.- What are the 6 trans processing systems?

A295.- 1. Inventory control - 2. Sales - 3. Purchasing - 4. Payroll - 5. Production - 6. General ledger

Q296.- What are 4 things to consider about an IT system?

A296.- 1. Documentation - many processes in IT system don't leaveevidence of performance automatically. - 2. Electronic info - files & records are in machine-readableform & can't be read w/o a computer. - 3. Knowledge - a user may need specialized knowledge touse the system. - 4. Difficulty of change - once implemented it's hard tochange an IT system.

Q297.- What are the 3 management reporting systems?

A297.- 1. F/S - 2. Data Mining - 3. Key Performance Indicators

Q298.- Explain the 3 types of data mining.

A298.- 1. Sieve - sift thru large amts of data quickly. Can be doneon entire pop's! - 2. Customer Profiling - ex. credit card co may flag & delaytrans that don't fit the customer profile. A store may noticeseveral unrelated items commonly are purchases at the sametime, a change in merchandise arrangement can result inincreased sales. - 3. Auditing - looking for fraud.

Q299.- Explain the structure of data.

A299.- Bit - binary digit (0 or 1, on or off) represents smallest unit ofdata. - Byte - group of bits that represents a single character - Field - group of related characters. ex. a name - Record - group of related fields. ex. customer file - Editing refers to the addition, deletion, &/or rearrangementof data. Input editing refers to editing b4 processing & outputediting refers to editing after processing.

Q300.- Master vs Transaction file?

A300.- Master - contains relatively perm data like customer name,address, credit limit, amount owed, etc. - Transaction - contain current temporary data. A transactionfile is used to update a master file. - For example, the day's charge sales would be accumulatedon a trans file that would be used to update the A/R masterfile during an update run.

Q301.- Explain database.

A301.- A structured set of interrelated files combined to eliminateredundancy of data items within the files & to establishlogical connections btw data items. - For ex, within personnel & payroll files, some of the data inthe two sets of records will be the same, in a databasesystem, these files would be combined to eliminate theredundant data.

Q302.- What's encode and decode?

A302.- Encoding (or encryption) is scrambling data to preventunauthorized use. - Decoding is converting data from an encoded state to itsoriginal form.

Q303.- What are the 5 phases of development & implementation?

A303.- Analysis - feasibility study - Design - Programming - coding and testing - Implementation - system is released to user - Monitoring

Q304.- In systems operation, what are the 4 processingmethodologies?

A304.- 1. Batch Processing - 2. Online Processing - 3. Real-time Processing - 4. Integrated System

Q305.- Diff btw batch & online processing?

A305.- B - transactions to be processed are accumulated in group(batches) b4 processing & are then processed as a batch. - OP - Trans are processed & the files are updated as thetrans occurs. ex. cash terminal may automatically updateinventory file when sale is made.

Q306.- What's real-time processing and what's an example?

A306.- An online system is operating in real time if the data isprocessed fast enough to get the response back in time toinfluence the process. - For ex, an airline reservation system is an OLRT systemsince the customer receives reservations after waiting only afew moments.

Q307.- Which functions within the IT dept should be segregated?

A307.- Control Group - Operators - Programmer - System Analyst - Librarian - COPSL

Q308.- What's an integrated system?

A308.- All files affected by a transaction are updated in one transprocessing run! - ex. a sales trans may update the sales summary file, the A/Rmaster file, & the inventory file during one processing run!

Q309.- What are the 3 outside processing arrangements?

A309.- 1. Block time - rent certain block of time from outside party. - 2. Time-sharing - a # of users share a computer system.Each may a access a CPU outside a client whenever. - 3. Service bureau - outside org that provides a wide rangeof data processing services for a fee.

Q310.- What do the C, O & S do in an IT dept?

A310.- Control Group - responsible for I/C within the IT dept! - Operators - Convert data into machine readable form! - Systems Analyst - Designs the overall system & preparesthe system flowchart.

Q311.- Who are the 6 people usually in a website team?

A311.- 1. Accountant / Auditor - Specialists who understand howbus processes work. - 2. Graphics designer - an artists who uses colors & imagesto design a site to complement the sites mission. - 3. Marketing Specialist - 4. Usability Specialist - 5. Webmaster - A programmer responsible for thefunctionality of a site. - 6. Writer - AMUGWW

Q312.- What are the 3 diff administrators & what do they each do?

A312.- Database administrator - responsible for maintaining 1 ormore databases & restricting access to authorized personnel. - Network Administrator - responsible for maintaining theefficiency & effectiveness of an internal network. - Web Administrator - responsible for maintaining externalnetwork interfaces (websites).

Q313.- What's program documentation?

A313.- Primarily used by systems analysts & programmers toprovide a control over program corrections & revisions.

Q314.- What are operations documentation?

A314.- Info provided to the computer operator. - IT can be used by the auditor to obtain an understanding ofthe functions performed by the operator & to determine howdata is processed.

Q315.- What are hardware controls?

A315.- They are controls that are built into the computer.

Q316.- Echo check vs Hardware Check?

A316.- Echo - CPU sends signal to activate input/output device, thedevice sends back signal to verify activation. - Hardware - computer checks to make sure the equipment isfunctioning properly.

Q317.- What is boundary protection?

A317.- Keeps several files or programs separate when they share acommon storage.

Q318.- File labels?

A318.- External - Human readable - Internal - Machine readable - Header - appears at beg of file & contains such info as thefile name, ID# & the tape reel #. - Trailer - at end of file, contains info like count of the recordsin the file & an end of file code.

Q319.- What's a file protection ring?

A319.- Guards against the inadvertent erasure of the info on thetape.

Q320.- What's computer editing?

A320.- Computers can be programmed to perform a wide range ofedit tests (edit checks) on records as they are being enteredin the system. - If a particular record does NOT meet the test, it isn’tprocessed.

Q321.- The 6 control types are?

A321.- PACCDS - Preventive - b4 an error occurs - Application - limited to a specific app, such as a control thatverifies that a soc sec # has only numerical input. - Corrective - after an error is found - Compliance - promote adherence to established policies - Detective - uncover errors after they happen - System or general - apply to the entire system, such as acontrol that verifies parity is maintained.

Q322.- Hot vs cold sites?

A322.- Hot - location where a functioning system is planned for usewith minimal prep in the event of a disaster at the primarylocation. - Cold - location where equipment & power is located &available but requires considerable effort to get an o/sfunctioning.

Q323.- What should continuity planning include?

A323.- 1. Notification procedures - 2. Recovery management - 3. Temp Operating Procedures - 4. Backup & recovery procedures

Q324.- Best way to scenario test disaster stuff?

A324.- Scenario Testing - The expense & lost productivity tosimulate a company wide disaster could be significant &unnecessary. - A dry run (or table-top testing) would discover manyweaknesses & allow contingency plans to be refined. Severallimited-scope disaster sims could pinpoint additionalweaknesses with minimal disruption to regular operations.

Q325.- Documentation Mnemonic?

A325.- OPSOUP - Operation documentation - Problem definition doc - Systems documentation - Operator documentation - User documentation - Program documentation

Q326.- Explain user documentation.

A326.- Description of the input required for processing an outputlisting. - Auditor's may use it to gain an understanding of thefunctions performed by the user & the general flow of info.

Q327.- What are decision tables?

A327.- Decision tables are one means of documentation. - They emphasize the relationships among conditions &actions, & present decision choices. Decision tables oftensupplement systems flowcharts.

Q328.- Explain operator documentation.

A328.- Documentation should be prepared that will indicate thejobs run & any operator interaction. - 1. Daily computer log - tells jobs run, the time & by who. - 2. Console log - a listing of all interactions btw the console& the cpu.

Q329.- What's systems documentation?

A329.- Provides sufficient info to trace accounting data from it'soriginal entry to system output. Includes: - 1. Desc of system - 2. System flowchart - 3. Input descriptions - 4. Output descriptions - 5. File descriptions - 6. Descriptions of controls - 7. Copies of authorizations & their effective dates forsystem changes.

Q330.- What's problem definition documentation?

A330.- Permits auditor to gain a general understanding of a systemw/o having to become involved in the details of the programs.

Q331.- What is the definition of Business Information Systems(BIS)?

A331.- DEFINITION is any combination of people, procedures, andcomputing equipment employed to pursue an organizationalobjective. - STAKEHOLDERS - get output from system. (can be outsideorganization)

Q332.- The Four Major Tasks of any Information System is?

A332.- The 4 elements are: - a. Input - b. Transformation - c. Output - d. Storage

Q333.- What is the definition of a Transaction Processing System(TPS)?

A333.- DEFINITION is it captures the fundamental data that reflectthe economic life of an organization.

Q334.- What is the definition of a Management Information System(MIS)?

A334.- DEFINITION is it typically receives information from a TPS,aggregates it, then reports it in a format useful to middlemanagement in running the business.

Q335.- What is a Data mart?

A335.- DEFINITION is it is a subset of an enterprise-wide datawarehouse.

Q336.- Data Mining - What is it? - What enables it?

A336.- DEFINITION is it is the search for unexpected relationshipsbetween data. - It is enabled by a Data Warehouse.

Q337.- What is a Decision Support System (DSS)?

A337.- DEFINITION is it is an interactive system that is useful insolving structured and semistructured problems, that is,those requiring a management decision maker to exercise hisor her insight and judgment.

Q338.- Does a DSS automate a decision?

A338.- No.

Q339.- What is an Expert System (ES)?

A339.- DEFINITION is it is an interactive system that attempts toimitate the reasoning of a human expert in a given field. - It is useful for addressing unstructured problems whenthere is a local shortage of human experts.

Q340.- What is Artificial Intelligence (AI)?

A340.- DEFINITION is it attempts to imitate human decision making,which hinges on a combination of knowledge and intuition. - It is more sophisticated than (ES). It is designed to perceive,reason, and understand.

Q341.- What is Business Intelligence (BI)?

A341.- DEFINITION is it is what gives upper management theinformation it needs to know where the organization is andhow to steer it in the intended direction. - It gives an executive immediate information about anorganization's critical success factors.

Q342.- What is Enterprise Resource Planning (ERP)?

A342.- DEFINITION is it is the latest phase in the development ofcomputerized systems for managing organization resources. - It is intended to integrate IS's all over the organization bycreating one database linked to all of an organization'sapplications.

Q343.- What is Office Automation Systems (OASs)

A343.- DEFINITION is it is the word processing, spreadsheet, digitaldocument storage, and desktop publishing applicationsfamiliar to most office workers, that are part of anyorganization's IS environment.

Q344.- Does it matter for a BIS if it is manual or computer-based?

A344.- The goals of BIS are the same. The risks are different.

Q345.- List typical IT Personnel titles

A345.- What are these? - a. DBA - b. Network Tech - c. Webmaster - d. Computer Operators - e. Librarians - f. System Programmers - g. Application Programmers - h. Help Desk

Q346.- What is the most common method for building new IS?

A346.- SDLC Approach.

Q347.- What is Systems Development Life-Cycle (SDLC)?

A347.- DEFINTION is it is highly structured and if properly followedit can be helping an organization deploy maintainable, well-documented systems with the functionality that was intended.

Q348.- What are the SDLC Steps?

A348.- Steps are: - a. Project Definition Phase - b. Feasibility Study - c. Cost Benefit Analysis - d. Project initiation Phase - e. Systems Analysis - f. Systems Design - g. Physical Database Design - h. Program Development - i. Procedure Development - j. Installation & Operation - k. System Maintenance

Q349.- What functions need to be segregated with IT?

A349.- List includes: - a. Information Security - b. Systems Development and Maintenance - c. Computer Operations - d. Data Administration - e. End Users

Q350.- What function does an IT Security Officer perform?

A350.- Function performed is: - Responsible for formulation and enforcing a formal ISpolicy for all employees and outside parties who access theorganization's systems.

Q351.- What is the purpose of Systems Development andMaintenance?

A351.- The purpose is due to the users of an organizationrequesting new systems created & changes andenhancements to existing systems.

Q352.- What is the function of Computer Operations?

A352.- The function is for the smooth running of medium & large-scale computers. - ex) Job scheduling and out production

Q353.- What is the function of Data Administration?

A353.- The function is the determination of how the organization'sdata should be stores and what relationships about the databest achieve the organization's business objectives.

Q354.- What is the purpose of a DBA?

A354.- Purpose is to keep the databases running efficiently

Q355.- Who or what function is an end user?

A355.- Function: - Data BELONGS to their department.

Q356.- What is INPUT

A356.- DEFINITION is that the system must acquire (capture) datafrom within or outside of the entity.

Q357.- What is TRANSFORMATION

A357.- DEFINITION is that raw materials (data) are converted intoknowledge useful for decision making (information).

Q358.- What is OUTPUT

A358.- DEFINITION is that the ultimate purpose of the system iscommunication for results to internal or external users.

Q359.- What is STORAGE

A359.- DEFINITION is that before, during, and after processing, datamust be temporarily or permanently stored in files ordatabases.

Q360.- What is a TRANSACTION?

A360.- DEFINITION is it is a single, discrete event that can becaptured by an information system.

Q361.- MIS are often classified by function or activity. What arecommon activities?

A361.- 1. Accounting - 2. Finance - 3. Manufacturing - 4. Logistics - 5. Marketing - 6. Human Resources

Q362.- For function ACCOUNTING, what are the activities?

A362.- Activities for function are: - General Ledger - Accounts Receivable - Accounts Payable - Fixed Assets Management - Tax Accounting

Q363.- For function FINANCE, what are the activities?

A363.- Activities for function are: - Capital budgeting - Operational budgeting - Cash Management

Q364.- For function MANUFACTURING, what are the activities?

A364.- Activities for function are: - Production Planning - Cost Control - Quality Control

Q365.- For function LOGISTICS, what are the activities?

A365.- Activities for the function are: - Inventory Management - Transportation Planning

Q366.- For function MARKETING, what are the activities?

A366.- Activities for the function are: - Sales Analysis - Forecasting

Q367.- For function HR, what are the activities?

A367.- Activities for the function are: - Projecting payroll - Projecting benefits obligations - Employment-level planning - Employee Evaluation tracking

Q368.- What is a STOVEPIPE SYSTEM?

A368.- DEFINITION is it is a single-focus system like most MIS thatare classified by function or activity.

Q369.- What is an INTEGRATED SYSTEM?

A369.- DEFINTION is it links multiple business activities across theenterprise.

Q370.- What do data warehouses require?

A370.- THEY require transaction records be converted to astandard format. They are very large repositories.

Q371.- What is ONLINE ANALYTICAL PROCESSING (OLAP)?

A371.- It is when data warehouses are accessed using analyticaland graphics tools.

Q372.- What is an important component of OLAP?

A372.- Component is drill down analysis.

Q373.- What is DRILL DOWN ANALYSIS?

A373.- DEFINITION is when the user is first presented with the dataat an aggregate level and then can display successive levelsof detail for a given date, region, product, etc. until finallyreaching the original transactions.

Q374.- What a QUERY-AND-REPORTING-SYSTEM?

A374.- A data warehouse. It gets input from various TPS. However,it does not carry on the operations of the enterprise. - DW's are optimized for retrieval and reporting. TPS is fordata entry.

Q375.- What are 3 components of the DSS?

A375.- Components are: - Database - Model - Dialog

Q376.- What is a MODEL?

A376.- DEFINITION, it is the set of equations, comparisons, graphs,conditions, assumptions into which the data will be fed.

Q377.- What is a DIALOG?

A377.- DEFINITION, it consists of the user interface which allowsthe user to specify the particular set of data to which themodel should be applied.

Q378.- What is a GROUP DSS?

A378.- DEFINITION, it aids in the collaborative solution ofunstructured problems. - Users in separate areas of the organization can specifyparameters pertinent to their functions.

Q379.- What are the components of an Expert System?

A379.- Components are: - Knowledge database - Inference engine - Dialog

Q380.- What is an ES KNOWLEDGE DATABASE?

A380.- DEFINITION, It consists of facts and the relationships amongthose facts.

Q381.- What is an ES INFERENCE ENGINE?

A381.- DEFINITION, It is often a series of if/then decisions.

Q382.- What is an ES DIALOG?

A382.- DEFINITION, It allows the user to input data relevant to thecurrent problem which are then filtered through the inferenceengine and used to query the knowledge database. - Optimal solution is suggested to the user - output.

Q383.- What are inference procedures based on?

A383.- The procedures are symbolic processing based onheuristics rather than algorithms.

Q384.- What is a HEURISTIC PROCEDURE?

A384.- DEFINITION, it is based on exploratory problem-solvingtechnique that uses self-education methods (feedbackevaluation) to improve performance. - Systems are interactive and provide explanations of theirproblem-solving behavior.

Q385.- What are FUZZY LOGIC SYSTEMS?

A385.- DEFINITION, is a form of AI that deals with imprecise dataand problems with multiple solutions.

Q386.- When are fuzzy logic systems useful?

A386.- They are useful in the design of industrial controls.

Q387.- What does fuzzy logic use?

A387.- It can use linguistic system variables rather than binarydecisions.

Q388.- What is fuzzy set theory?

A388.- It allows object to belong partly to multiple sets. It is usefulfor the vagueness of real world items where they belong to aset only to a degree.

Q389.- What do fuzzy rule based systems apply?

A389.- They apply methods to solve real-world problems where asystem is difficult to model and controlled by a humanoperator and ambiguity is common.

Q390.- Benefits of Fuzzy Logic Systems?

A390.- They are: - 1. Simplified, reduced development cycle. - 2. Ease of Implementation. - 3. User-friendly, efficient performance.

Q391.- What are NEURAL NETWORKS?

A391.- DEFINITION, A collection of processing elements workingtogether to process information much like the human brain,including learning from previous situations and generalizingconcepts.

Q392.- What are CASE-BASED REASONING SYSTEMS?

A392.- DEFINITION, use a process similar to that used by humansto learn from previous, similar situations.

Q393.- What are RULE-BASED EXPERT SYSTEMS?

A393.- DEFINITION, function on the basis of set rules to arrive at ananswer. - Cannot be changed by the system itself and must bechanged by an outside source aka programmer.

Q394.- What are INTELLIGENT AGENTS?

A394.- DEFINITION, programs that apply a built-in or learnedknowledge base to execute a specific, repetitive, andpredictable task.

Q395.- What is the purpose of BI - Business Intelligence?

A395.- It gives executives immediate information about criticalsuccess factors for the organization.

Q396.- What is a DIGITAL DASHBOARD?

A396.- DEFINITION, it can be displays of bar charts, graphs, otherformats etc. - grouped by a particular executive's needs.

Q397.- Traditional ERP system does what?

A397.- Subsystems share data and coordinate their activities. - These are BACK OFFICE functions (aka Internal to theorganization). - Comprehensively, this includes materials requirementplanning, manufacturing resource planning, supply chainmgt, and customer relationship mgt.

Q398.- What is ERP II?

A398.- DEFINITION, Current generation has added front officefunction to connect organization with customers, suppliers,owners, creditors, etc.. - Allows for supply chain mgt, customer relationship mgt,and partner relationship mgt.

Q399.- What is the major disadvantage of an ERP?

A399.- It is complex and extensive so it is costly and difficult toimplement. Only largest organizations can.

Q400.- What is Information Resource Management?

A400.- DEFINITION, includes the mgt of all the forms of IS (WP,Spreadsheet, digital docs, desktop publishing) and needs ofusers for the information holdings of the organization. (OAS)s

Q401.- What is the purpose of Financial Reporting systems?

A401.- 1. Generate information for external users (investors,regulators, creditors). - 2. Form of Financial Statements. - 3. Backward looking at historical data.

Q402.- General Steps of the Accounting Cycle - included in theaudit trail!

A402.- Cycle includes: - 1. Entry of source data and file documents (can beelectronic) - 2. Make entries in general and special journals. - 3. Post entry to GL and subsidiary ledgers accounts. - 4. Prepare Trial Balance - 5. Prepare Financial Statements for external reporting.

Q403.- What is the purpose of Management Reporting systems?

A403.- Purpose is: - 1. Internal focus on planning, control, and decision making. - 2. Forward looking - forecasting. - 3. Internal uses (no need for GAAP) - 4. Nonfinancial and financial data in flexible formats. - 5. Major element = cost accounting and budgeting.

Q404.- BIS risks - please list?

A404.- Include: - 1. System availability - 2. Volatile transaction trails. - 3. Decreased human involvement. - 4. Uniform processing of transactions, - 5. Unauthorized access. - 6. Data Vulnerability - 7. Reduced segregation of duties. - 8. Reduced individual authorization of transactions. - 9. Specialized knowledge.

Q405.- Main risk related to system failure

A405.- 1. Strategic Risk - 2. Operating Risk - 3. Financial Risk - 4. Information Risk - 5. Specific Risks

Q406.- Strategic Risk

A406.- Means risk of choosing inappropriate technology

Q407.- Operating Risk

A407.- Doing the right thing in the wrong way. Not running reportsin a given date...payroll report

Q408.- Financial Risk

A408.- Risk of having financial resources lost or stolen

Q409.- Information Risk

A409.- risk of loss of data integrity

Q410.- Specific Risks

A410.- Errors, intentional acts and disaster (fire, flood)

Q411.- Risk MGMT Definitions

A411.- Risk - possibility of harm or loss - Threat - represents danger to an asset or capability thatlinked to hostile intent - Vulnerability - characteristics of a design, implementationor operation that renders the system that susceptible to athreat - Safeguards and Controls - policies and procedures thateffectively applied reduce or min. vulnerability

Q412.- Risk Assessment

A412.- Risk can be assessed and some extent can be managed - Steps: - 1. Identify the risk - 2. Evaluate the probability of the occurrence and - 3. Evaluate the exposure of the potential loss - 4. Identify controls to guard against risks - 5. Cost and Benefit of the implementation

Q413.- Risk Evaluation and Types of Control

A413.- Controls are always evaluated on cost/benefit basis - 1. General Controls - 2. Application Controls - 3. Physical Controls - 4. Segregation of Duties

Q414.- General Controls

A414.- Controls over data center operations - System software acquisition and maintenance controls

Q415.- Application Controls

A415.- Apply to processing of individual transactions

Q416.- Physical Controls

A416.- Physical security of IT assets; facilities

Q417.- Segregation of Duties

A417.- segregate duties

Q418.- Access Controls

A418.- Limit access to program documentation, data files,programs and computer hardware;

Q419.- Physical Access

A419.- Restrict access through: - locked computer rooms - require ID cards and keys for entry - manual key locks on the equipment - Laptops are most stolen and hard to protect; sensitive datashould not be saved on it

Q420.- Electronic Access

A420.- 1. User ID codes - 2. Assignment and Maintenance of security levels - 3. Callbacks and Dial up system - 4. File attributes - 5. Firewalls - 6. Threats in comp. environment

Q421.- Electronic Access - User ID codes

A421.- common security couple with password; - backdoor - bypasses normal security requirements - shouldbe eliminated - Lockout when there are so many failed attempts to log in

Q422.- Callbacks and dial up systems

A422.- remote access users are called back; - the system calls the authorized caller and identify theperson

Q423.- File Attributes

A423.- Primitive control - set to restrict writing/editing files

Q424.- Firewalls

A424.- This is a system both hardware and software preventsunauthorized access to the network resources, acting asgatekeeper. - It isolates private network from public; also could be usedto improve network traffic - Firewalls deter and do not prevent - doesn't protect againstviruses - Traditionally it has been network only - Application firewalls - a new type firewall; designed toprotect specified application services from attack;Supplements network firewalls

Q425.- Firewall Methodologies

A425.- The main difference between types of firewalls is level atwhich firewalls examine the data packets - 1. Packet Filtering - examines data as they pass thru thegateway - 2. Circuit Level Gateways - only allows requested accessfrom the computers inside - 3. Application Level Gateways - slower and more securethan the other two. Examine in a sophisticated manner

Q426.- Threats in computerized environment

A426.- 1. Virus - piece of computer program that inserts itself intoother programs to propagate. It cannot run indie, requireshost program - 2. Worm - program than can run indie and propagates itselfover network; can't attach itself to other programs - 3. Trojan Horse - program appears to have useful functionbut contains hidden security risks; Doesn't replicate itself - 4. Denial of Service Attack - 1 computer bombards anothercomp with a flood of info intended to keep legitimate usersfrom accessing the target computer - 5. Phishing - sending of phony emails to try lure people intosites that ask financial info

Q427.- 1. Safeguarding Records and files

A427.- 1. Safeguarding Records and files - 2. Backup files - 3. Program modification controls - 4. Data encryption

Q428.- 2. Backup files

A428.- 1.Grandfather-father-son: - There is always 2 backup files that can create the destroyedfile. - 2. Backup all critical application data - 3. Backups of systems that do not shut down

Q429.- 3. Program modification

A429.- prevent changes by unauthorized personnel and alsocontrols that tracks program changes so that there is anexact record of what versions of what programs are runningin production at any specific point in time

Q430.- 4. Data encryption

A430.- digital cert - An attachment to an electronic message usedfor security purposes. - The most common use of a digital certificate is to verify thata user sending a message is who he or she claims to be, andto provide the receiver with the means to encode a reply.

Q431.- Disaster Recovery and Business Continuity

A431.- Disaster Recovery - consists of plans for continuingoperations in the event of destruction - Major players: - 1. Senior MGMT - 2. IT people and business areas - 3. External service provider - 4. Software and hardware vendors

Q432.- Steps in disaster recovery

A432.- 1. Assess the risks - 2. Identify mission critical applications and data - 3. Develop a plan - 4. Determine the responsibilities of the personnel involved - 5. Test the plan

Q433.- Types of disaster recovery

A433.- 1. Use a disaster recovery service - depending on the pricecan buy diff services - 2. Internal disaster recovery - costly but banks and brokershave duplicate facilities - 3. Multiple data center backups - use one data center as aback up - not very easy

Q434.- Cold Site

A434.- Off-site location that has all the electrical connections andother physical requirements for data processing but doesn'thave actual equipment. - 1. Ready in 1-3 days - 2. Cheapest form of off-site location - 3. Organizations use generic hardware that can be readilyavailable

Q435.- Hot Site

A435.- Off-site location that is readily available for data processing. - Backup copies of data could be stored there - a. Telecommunication network is the hardest to set up andrecover - b. Floor space and equipment - c. Personnel issues

Q436.- Hardware

A436.- Consists of: - 1.CPU - 2.Secondary Storage devices - 3.Peripherals - 4.Classes of processors

Q437.- Hardware - CPU

A437.- Consists of processor and primary storage. - Processor interprets program instructions and coordinatesinput and output and storage devices and performs arithmeticcalculations. - Primary storage used store program instructions and datauntil program instructions can be executed; For PC's thereare 2 kinds of primary storage which are ROM and RAM. - ROM - read only - permanently store data needed to powerthe computer - RAM - random access - stores data temporarily while it isbeing processed

Q438.- Hardware - Secondary Storage Devices

A438.- CD-ROM, floppy disk, flash drive; - RAID - redundant array of indie disks used for storage -combined inexpensive disk drives into array of disks toachieve performance, capacity that exceed one large disk

Q439.- Hardware - Peripherals

A439.- Input - keyboard, mouse, scanners, touch screens - Output - printer, monitor, speakers

Q440.- Hardware - Classes of processors

A440.- Those found in business environments are mainframe,midrange, mini comp, and PC

Q441.- Software

A441.- 1. System software - 2. Programming Languages - 3. Application Software

Q442.- System Software

A442.- consists of programs that run the computer and supportsystem management operations. - Ex: operating system and DBMS

Q443.- System Software - Operating System

A443.- 1. provides interface between user and the hardware. - 2. It defines what command can be issued and how they areissued - 3. Controls all input and output to main memory; Also couldinclude certain utility programs

Q444.- System Software - DBMS

A444.- For companies that employ mainframe and midrangecomputing system DBMS is very important software package; - DBMS is not database it is a tool. - DBMS is a separate computer program that allowsorganizations to create new databases and allowsmaintenance to be performed on the DBase.

Q445.- Data Storage Definitions

A445.- 1. Bit - binary digit of 0 and 1 - 2. Byte - 8 bits - that can represent a number or a letter - 3. Field - group of bytes - 4. Record - a group of fields that represents that data thatare being stored for an entity - 5.File - collection of related records

Q446.- System Software - Database

A446.- integrated collection of data records and files.

Q447.- Relational Technology

A447.- most successful DB are based on RT. Data is stored on 2dimensional tables that related to each other vis keys

Q448.- Normalization

A448.- process of separating data into logical tables. Beforerelational DB can be designed normalization has to occur

Q449.- Object Oriented DB

A449.- could be slower than relational because it stores images,drawings and videos

Q450.- Major uses of DBMS

A450.- 1. DB Development - uses it to create new DB - 2. DB Query - end users retrieve specific data (commonlyused query language is SQL). SQL consists of DDL, DML,DCL - 3. DB Maintenance - update DB to reflect new businessneeds and demands - 4. Application Development - computer programmer to usea programming language to turn a DB into softwareapplication

Q451.- Types of DBs

A451.- 1. Operational - store detailed data to support day to dayoperations - 2. Analytical - information extracted from operational DBand used by managers - 3. Data Warehouse - store data from current and previousyrs from operational and mgmt DB; Used for data mining(means identify trends); - Data mart = limited scope data warehouse - 4. Dist. DB - physically dist in some manner - 5. End user DB - developed by them on their workstations(emails downloads)

Q452.- ADV of DBMS

A452.- 1. Reduce data redundancy and Inconsistency - 2. Potential for data sharing - 3. Data Independence - means definition of the data isseparate from the programs that use the data - 4. Standardized Data - 5. Improved Security - 6. Expanded data fields - 7. Enhanced timeliness, effectiveness and availability

Q453.- Dis ADV of DBMS

A453.- 1. Cost - 2. Highly trained personnel - 3. Increased chances of breakdown - 4. Possible obscuring of audit trail (if the data is movedfrom one to the other) - 5. Specialized backup and recovery procedures - especiallyif it is distributed

Q454.- Software Programming Languages

A454.- 1. COBOL, Pascal, C++ allow programmers to writeprograms in source code. - 2. Fourth Generation languages - enable end users todevelop applications with little or no technical assistance. - 3. Object oriented - programming - combines the data and the specificprocedures that operate on that data into one thing = anobject. Intended to produce reusable code. Ex: Java and C++

Q455.- Application Software

A455.- Includes diverse group of systems and programs that an orguses to accomplish an objective. - Can be generic or customized. - Groupware/shareware - lets people to work on the same docand coordinate their activities.

Q456.- Network

A456.- Network is a interconnected group of interconnectedcomputers and terminals. - It consists of computers, terminals, communicationchannels, communication software

Q457.- Network - LAN

A457.- permit shared resources (software, hardware and data)among computers within a limited area. - Normally privately owned which means that they don't usetelephone lines or that they use private lines leased fromtelecommunications providers

Q458.- Components of LAN (and other networks)

A458.- 1. Node - 2. Workstation - 3. Server - 4.Network Interface Card - 5.Transmission media - 6. Network operating system - 7. Communications devices/modems - 8. Communication/Network Protocols - 9. Gateways and Routers - 10. Client server configurations - 11. Network topologies (bus, ring)

Q459.- Node

A459.- any device connected to a network

Q460.- Workstation

A460.- Node (PC) that is used by end users

Q461.- Server

A461.- node dedicated to providing services or resources to therest of the network (share printer). - Not directly accessed by individual users but only throughthe network software

Q462.- Network Interface Card (NIC)

A462.- circuit board installed on a node that allows the node toconnect with and communicate over the network

Q463.- Transmission Media

A463.- physical path between nodes on a network. It may be wiredor wireless; - LAN-usually have dedicated line

Q464.- Network Operating System (NOS)

A464.- manages communication over network; It could be peer topeer which means they all share in communicationmanagement or client /server system which means centralmachine serves as the mediator of communication on thenetwork; Ex: Microsoft Windows and Microsoft NT

Q465.- Communication Devices/Modem

A465.- provides remote access and provides a network with theability to communicate with others. Allow connection of twodissimilar networks.

Q466.- Communication/Network Protocols

A466.- In order to transmit information from one place to another atelecommunication network must perform series of functionsand they communicate by adhering a common set of ruleswhich is called network protocol - Ex: if people don't talk the same language similar

Q467.- Gateways/Routers

A467.- combination of hardware and software that connect differenttypes of networks by translating from one set of protocols toanother; - Router - is used to route packets of data through severalinterconnected LANs or to a WAN - Bridge - used to connect segments of a LAN which both usethe same set of network protocols (LANs are divided intosegments for a better performance)

Q468.- Client Server Configuration

A468.- Most LANs and WANs are set up as client/server. - Workstations are referred as clients and other processorsthat provide services to the workstations are called servers.

Q469.- Network Topologies

A469.- defines the physical configuration of the devices and thecables that connect them.

Q470.- Network Topologies -Bus

A470.- bus networks use a common backbone to connect all of thedevices on the network; - Signals are transmitted over the backbone in the form ofmessages that are transmitted to and received by all of thedevices in both directions from the transmitting device andonly intended one accepts the message and the others ignorethe message; - If anyone of them is down the whole network is down. - Only one can transmit at a time. - If two devices transmit at the same time the messagescollide so they would have to send again

Q471.- Network Topologies -Ring

A471.- Each device is connected to two other devices. - If anyone of them is down the entire network is down - It is almost obsolete - No colliding of messages on this network. The tokencontinually passes around the network;

Q472.- Network Topologies -Tree

A472.- connects multiple starts into a bus. each hub is connectedto a bus.

Q473.- Network Topologies -Star

A473.- each device is connected to a central hub; The hub controlsthe transmission; - If one of them is down it doesn't affect the rest; - Ex: many home networks are an example

Q474.- WAN

A474.- allow national and international communications. - Employs non-dedicated public communication channels astheir media; - The service could be provided by VAN, Internet based, Pointto Point

Q475.- Types of WAN

A475.- 1. Value added network (VAN) - 2. Internet Based - 3. Intranets and Extranets

Q476.- WAN - Value added network

A476.- Privately owned and managed networks that provideadditional services beyond standard data transmission (oftenused for EDI) - 1. VANs automatically detects errors, protocol conversion(parties don't have to use the same network protocols), andmessage storing and forwarding - 2. Good security b/c it is private - 3. Often batch transact and send them at night - 4. Charged fixed fee + per trans fee thus very expensive

Q477.- WAN - Internet based

A477.- uses internet protocols and public communicationschannels to establish network communications. - ADV of internet on EDI - 1. Fast transaction processing - 2. Cheaper - 3. Many trading partners b/c it is cheaper

Q478.- WAN- Intranets

A478.- connect geographically separate LANs within a company

Q479.- WAN-Extranets

A479.- permit company suppliers, customers and partners havedirect access to the company network

Q480.- Transaction Processing Terminology - Transaction files

A480.- in computerized environment journals are called transactionfiles. - Temp files used to update master file - If not needed for audit trail, it is periodically purged

Q481.- Transaction Processing Terminology - Master files

A481.- Ledgers are called master files. - Transaction files update balances in master file - Permanent file but could semi permanent - Grandfather - father-son filing might utilized; - Son- kept for next processing - Father - retained in case there is problem with theprocessing - Grandfather - retained off site for disaster recovery

Q482.- Transaction Processing Methods

A482.- 1. Batch Processing - 2. Online Real Time Processing

Q483.- Transaction Processing Methods - Batch Processing

A483.- Inputs are collected and grouped by the type of transaction.There is always a time delay. Often used in g/l or payrollsystem where data in the system doesn't need to be currentall the time. - Steps in batch processing: - 1. Create a transaction file - check data for completenessand accuracy - 2. Update the master file - by sorting the transaction filesand update relevant records - 3. Compare the manual totals with computer generatedtotals. Ex: DR and CR need equal...

Q484.- Transaction Processing Methods - Online Real TimeProcessing

A484.- Master files updated as transaction files are entered thus notime delay; - Often used in networked system to permit data to updatecommon set of master files over different geographic regions

Q485.- Online Processing

A485.- OLAP- online analytical processing - allows end users toretrieve data from a system and perform analysis using statand graphical tools

Q486.- Centralized Processing

A486.- Maintain all data and perform all data processing at a centrallocation; - Uses mainframe and large computing applications

Q487.- Centralized Processing ADV

A487.- 1. Enhanced data security - 2. Consistent Processing

Q488.- Centralized Processing Disadvantage

A488.- 1. Possible high cost - 2. Increased need for processing power and data storage - 3. Reduction in local accountability - 4. Bottlenecks - 5. Delayed response time

Q489.- Decentralized Processing

A489.- occurs when computing power, applications and workspread over many locations

Q490.- Primary Roles of Business Information Systems (BIS)

A490.- 1. Process detailed data - processing reservation... - 2. Assist in making daily decisions - helps managers tomake daily decisions by using MIS, DSS and Knowledgesystem - 3. Assist in developing Business Strategy - exec. infosystem performs this role.

Q491.- Components of BIS

A491.- 1. People - 2. Hardware - 3. Software - 4. Data - 5. Network

Q492.- Functions performed on data

A492.- 1. Collect - 2. Process - 3. Store - 4. Transform - 5. Distribute

Q493.- Accounting Information System (AIS)

A493.- AIS is a type of MIS, partly transaction processing systemand knowledge system

Q494.- Objective of AIS

A494.- 1. Record valid transactions - 2. Properly classify those transactions - 3. Record them in proper value - 4. Record them in the proper period - 5. Present properly on the Financials

Q495.- Sequence of Events in AIS

A495.- 1. Data entered to the system - 2. Store original paper source - 3. Record the transaction in the right journal - 4. Posted to G/L - 5. Prepare Trial Balance - 6. Financials are generated

Q496.- Transaction Processing System

A496.- systems that process and record the routine, dailytransactions necessary to conduct business. - Ex: hotel rsvp system

Q497.- Decision Support System = DSS (sometimes called expertsystem)

A497.- provides interactive support for managers during decisionmaking process. DSS is an extension of MIS and useful fordeveloping information directed toward making particulardecision

Q498.- MIS

A498.- All of the general characteristics of BIS apply but has morespecific function; supports decision making

Q499.- EIS

A499.- provides immediate, easy access to internal and externalinformation to assist the executives in monitoring businessconditions in general

Q500.- Types of Reports

A500.- 1. Periodic scheduled Reports - made available on regularbasis - 2. Exceptions Reports - available only when exceptionoccurs - 3. Demand Reports - 4. Ad Hoc Reports - run query - 5. Push Reports - google reader

Q501.- a set if rules for exchanging data between two computers iscall

A501.- protocol

Q502.- a computer that is running software that allows users toleave messages and access information of general interest

A502.- bulletin board

Q503.- message encryption software

A503.- increases system overhead because the machineinstructions necessary to encrypt and decrypt data constitutesystem overhead

Q504.- benefit of EDI

A504.- EDI (Electronic data interchange) - is improved business relationships

Q505.- risk related to end user computer systems as compared withmainframe

A505.- risks is that applications that are difficult to integrate withother information systems

Q506.- a risk that is higher when a electronic funds transfer EFTsystem is used is

A506.- unauthorized access and activity.

Q507.- a computer that is designed to provide software to othercomputers is a

A507.- server

Q508.- EDI transmissions

A508.- are ordinarily formatted using uniformed world widestandards

Q509.- compiler

A509.- procedure or problem oriented language is converted tomachine language through a compiler

Q510.- converter - interpreter - verifier

A510.- interpreter is used to make punch cards readable by people. - verifier is used to test key punch errors - converter changes program one from to another

Q511.- which of the following is most likely to increase the risk ofunauthorized user access - pg 402#20

A511.- greater online access to information systems.

Q512.- a commonly used measure of the activity in a master fileduring a specified time period is called

A512.- volatility: file volatility is the relative frequency with whichrecords are added, deleted or changed during a specifiedperiod.

Q513.- a byte is a grouping of bits required to define one unit ofdata such as a letter or interer.

A513.- IBM eight bits to a byte - ASC11 uses 7 bits to byte - chain of digits required to define one unit is a byte

Q514.- relational databases: the elements of data relate to onanother in a highly flexible way. - tables: are called relations - columns : are called attributes - rows : are called tuples

A514.- two features of rational data bases you must be familiar withare - 1 cardinality - 2 referential integrity

Q515.- Fields is the term for data elements in a record

A515.- ibm developed isam - indexed sequential access method which is an approach tofile organization - in which records are stored sequentially in a direct accessfile and organized by a primary key stored in an index record

Q516.- greatest advantage of database architecture

A516.- data redundancy can be reduced

Q517.- in a database system storage structures are created thatrender the application programs independent of the physicalor logical arrangement of the data

A517.- each data item has a standard definition, name, format - and related items are linked by a system of pointers

Q518.- the primary purpose of a database is to have a singlestorage location for each

A518.- data item

Q519.- referential integrity

A519.- conditions that constrain database records

Q520.- schema

A520.- is a particular data base design - consist of the layouts of tables and the constraints onentering new records

Q521.- data dictionary

A521.- contains the physical and logical characteristics of everydata element in a database

Q522.- data definition language defines the database structure andcontent, especially the schema( the description of the entiredatabase) - and - subschema(logical views of the database

A522.- the schema specifies characteristics such as the names ofdata elements contained in the data base and theirrelationships to each other

Q523.- data dictionary is a file in which in which the records relateto specific data items. - it contains definitions of data items - list of programs used to process - them

A523.- data must be batched before it is converted to machinereadable form

Q524.- completeness test checks that all data elements are enteredbefore processing. an employee in the rec department forgotto type in po number the best system control to detect this isa completeness test an interactive system would tell the recclerk to type in the po number

A524.- hash totals are total of numbers that don't have a definedmeaning for example you add the invoice numbers and total itto get a hash total.

Q525.- check digit number just get the idea - 4187604 - you take last digit 4 this is a check digit for some controlyou calculate - by multiplying the numbers to the left of four by somesequence your create - example 4187604 0*2+6*1+7*2+8*1+1*2+4*1 =34 the last digit become the check digit 4

A525.- edit check test transactions prior to processing

Q526.- System Analyst

A526.- 1. Internally Developed - SA designs overall application,decides what type of network needs. Traditionally works withend users to determine the requirements of the system anddesign based on that; Could be combined with programmerposition - 2. Purchased - learn the application and integrate the packetwith existing application by designing interfaces

Q527.- Computer Programmer

A527.- 1. Application Programmer/Software Developer - responsible forwriting/maintaining and testing of application package; Also createinstructions for how to use the application; - Shouldn't give them write/update access to data in production oruncontrolled/unrestricted access to application program change mgmtsystem - 2. System Programmer - responsible for installing, supporting,monitoring and maintaining operating system; they do not writeprograms; - they should not have write/update access to application program - it ishard to maintain b/c they have access to operating system and knowenough to bypass normal system security

Q528.- Computer Operator

A528.- responsible for scheduling processing jobs;running/monitoring/distributing scheduled reports - Most of these functions are automated;

Q529.- Control Clerk

A529.- In batch processing - they logged or scheduled input/outputand maintained correction or error logs - This position is obsolete now or automated

Q530.- IT Supervisor

A530.- Manages functions and responsibility of IT dept.

Q531.- File Librarian

A531.- store and protect programs and tapes from unauthorizeduses; Mostly automated and obsolete now

Q532.- Security Administrator

A532.- Assigns passwords and maintenance of passwords; - Usually responsible for overall security systems andsoftware

Q533.- System Administrators

A533.- 1. DBA - maintains and supports DB software; some of all ofthe security functions; plays more technical role than adminrole; Should not have write/update access in the productiondata - 2. Network Admin - supports computer network;troubleshoot and monitor network; sometimes called networkoperators, telecommunication analysts - 3. Web Admin - responsible for information on a website.

Q534.- Data Input Clerk

A534.- Prepares and verifies input data if this has not been passedonto end users

Q535.- Hardware Technician

A535.- Sets up and configures hardware and troubleshoots anyhardware problems

Q536.- Segregation of duty

A536.- - IT dept should not initiate or authorize any transactions; - it is harder to segregate duties in smaller organizations - Defined as dividing responsibilities for different portions oftransaction among several different people or depts.

Q537.- Separate duty within IT - System Analysts vs. Computer Programmers

A537.- System Analysts vs. Computer Programmers - if they notseparated one person would have too much control andpower; - System Analysts - designs overall computer system and incharge of hardware - Computer Programmers are in charge of software;application software;

Q538.- Separate duty within IT - Computer Operators vs Computer Programmers

A538.- if it is not separated they could make undetected andunauthorized program changes

Q539.- Separate duty within IT - Security Admins vs .Computer Operators vs ComputerProgrammers

A539.- If these are not separated then Sec Admin could give accessto himself and get all the power...

Q540.- LAN

A540.- LAN Definition - A communication system which is used to share hardware resources,programs and data files. It consists of the following: •the users •their workstations and applications •the network hardware which connects them •the network software which controls the system - A Local Area Network (LAN) can connect many types of computingdevices together such as microcomputers, minicomputers, mainframes,switches and routers. - A LAN defines the reach of a network, not the devices attached to it.Basically a LAN extends as far as the LAN cable.

Q541.- LAN Components

A541.- LAN Components ★ - The parts of a LAN are as follows: ★ •The File Server isthe heart and soul of the network. It houses the hard disk which is shared byeveryone and attached to it are printers which are also shared. ★ •Anymachine which contributes resources to the network “serves” the networkusers. Therefore, it is know as a server. Examples include print servers,communication servers (“gateways”) and tape servers. ★ •The NetworkOperating System (NOS) is the software which runs in the server and controlsthe network. ★ •The users sit at the workstations to do their work. These areregular computers attached to the network. The workstations run regulardesktop operating systems (Windows 98, 2000 Professional or XP) and inaddition, workstation software, which enables the workstations to talk to thenetwork. ★ •The physical connection to the network is made through a card,the Network Interface Card (NIC) which is installed inside every computer.Some networks also allow the cable to be attached to parallel or serial ports.

Q542.- E-Commerce

A542.- electronic consummation of exchange of transactions

Q543.- E-Business

A543.- More general term than e-commerce and refers to any use ofinformation technology in business.

Q544.- EDI

A544.- 1. One of the first types of e-commerce - 2. Computer to computer exchange of business transactiondocuments in structured formats that allow the directprocessing of the data by the receiving system. - 3. Been available since 1970s - 4. Reduced handling costs and increased processing speed

Q545.- EDI standard data format - Mapping

A545.- Means determining correspondence between data elementsin the org. terminology vs. standards in EDI terminology. - Once the mapping is done translation software can be used

Q546.- EDI Standards

A546.- US - ANSI X12 - EU - EDIFACT - XML becoming more visible - As of 2009[update], hundredsof XML-based languages have been developed,[3] includingRSS, Atom, SOAP, and XHTML. XML has become the defaultfile format for most office-productivity tools, includingMicrosoft Office, OpenOffice.org, AbiWord, and Apple's iWork

Q547.- Features of EDI

A547.- 1. Allows transmission of data between two trading partners - 2. Reduces handling costs and speeds up processing - 3. Requires all transaction to be in standard form - 4. Can be implemented using direct links, VANs or internet

Q548.- Uses of EDI

A548.- 1. used to permit trading partners to exchange info - 2. suppliers and buyers can use to speed up the process

Q549.- Cost of EDI

A549.- 1. Legal Cost - 2. Hardware - 3. Translation Software - 4. Data transmission cost - 5. Process reengineering and employee training cost - 6. Cost associated with security, monitoring and control

Q550.- EDI controls

A550.- - Preventive controls are crucial b/c the transactions areprocessed automatically with less human involvement - Data encryption should be preformed by physically securehardware b/c software encryption may be subject tounauthorized tampering from remote locations - Audit trails should include: - activity logs of failed transactions - network and sender/recipient acknowledgement

Q551.- EDI Risks

A551.- The greatest risk is the unauthorized access to theorganizations system

Q552.- EDI vs. E-Commerce

A552.- EDI: - 1. Expensive - 2. Slow - 3. More secure - 4. Uses private network (VAN) - E-commerce: - 1. Cheaper - 2. Less secure - 3. Fast - 4. uses internet (public) network

Q553.- B2B

A553.- Businesses sell to other businesses

Q554.- Electronic Market

A554.- B2B use internet to transact and there is no preexistingrelationship

Q555.- Direct Market

A555.- B2B occur electronically between businesses where there ispreexisting relationship

Q556.- B2B - E Commerce Advantages

A556.- 1. Speed - 2. Timing - 3. Personalization - when they return to the website, theyguide where they interested - 4. Security - private info is encrypted and if it doesn't gothrough the info is useless for the person trying to interfere - 5. Reliability - no opportunity for human errors - 6. Factors to consider - selection of the business model;channel conflicts (stealing from existing sales); legal issuesand security

Q557.- Components of B2B

A557.- 1. Internet - 2. Firewall - 3. Product catalog online - 4. Systems for inventory, order processing and fulfillmentsystem - 5. CR payment acceptance and method

Q558.- B2C vs. B2B

A558.- B2C - is less complex b/c there is less participants and haveonly one side of systems working to complete the trans; PMTis harder - B2B - is more complex b/c multiple departments and peopleinvolved; payment method is easier

Q559.- ERP

A559.- Cross functional enterprise system that integrates andautomates the many business processes that must worktogether in the manufacturing, logistics, distribution,accounting, finance, and HR; - Can work independently or as an integrated system to allowdata and info to be shared among all the diff departments; - It doesn't offer any planning tools; considered back officesystem.

Q560.- ERP - Functions

A560.- 1. Store info in a central place so everybody can get into it - 2. ERP systems act as the framework for integrating andimproving an organization’s ability to monitor and track sales,customer service and other bus. functions. - 3. Provides vital cross function info quickly to managers toassist decision making

Q561.- Supply Chain MGMT

A561.- Concerned with 4 important characteristics of every sale:what, when, where and how much; - Integration of business processes from the customer to theoriginal supplier and includes purchasing, material handling,production planning and control, logistics and warehousing,inv control, and product dist and delivery

Q562.- SCM Objectives

A562.- 1. Planning - forecasting, pricing and inventory mgmt - 2. Sourcing - procurement, cr and collections - 3. Making - designing, production scheduling and facilitymgmt - 4. Delivery - order mgmt and delivery scheduling

Q563.- CRM = Customer Relationship Mgmt System

A563.- Provides sales force automation in an attempt to managecustomer relationship. - Record and manage customer contacts - Manage salespeople - Forecast sales and sales targets

Q564.- CRM Objectives

A564.- Objectives are to increase customer satisfaction and thusincrease revenue and profitability. - Attempts to do this by appearing to market to eachcustomer individually. - 20% of the customer bring 80% of the revenue - 5-10 times harder to obtain new customer than retainexisting - Reduce sales and customer support costs - Identify the best customer and serve them more - drop theworst customer

Q565.- Categories of CRM System

A565.- a. Analytical - creates and exploits knowledge of current andfuture customers to drive bus. decisions - b. Operational - automation of customer contact points.

Q566.- EFT

A566.- Form of e-PMT. EFT uses variety of technologies to transact,process and verify money transfers and CR between banks,businesses and consumers. - Ex: Fedwire, ACH

Q567.- ASP

A567.- ADV: - 1. lower cost hardware and software and people standpoint - 2. greater flexibility - DISADV: - possible risks of security - privacy of the org. data - possible poor support by the ASP

Q568.- Computer Assisted Audit Techniques

A568.- 1. Transaction Tagging - 2. Embedded Audit Modules - 3. Test Deck (Data) - 4. Integrated test facility - 5.Parallel simulation

Q569.- Transaction Tagging

A569.- Means e - tag a transaction and follow it through the client'ssystem. Allows the auditor to test both the computerizedprocessing and manual handling of the transaction

Q570.- Embedded Audit Modules

A570.- Are sections of the application program code that collecttransaction data for the auditor

Q571.- Test Deck

A571.- Technique that uses an application program to process a setof test data, the results are already known. - The client's system is used to process auditor's data off-line - The test deck contains invalid conditions in which theauditor is interested in. The ADV of this technique is live datais not involved

Q572.- Integrated test facility

A572.- Similar to test data approach except that the test data iscomingled with live data. The client's system process theinput online. - The test data must separated from live data by processingthe test data to dummy accounts. The client personnel is notinformed about this

Q573.- Parallel Simulation

A573.- re-performance - The auditor re-processes some or all of the client's live dataand compares it to the client's file. Differences indicate thatthere have been changes to the program

Q574.- Generalized Audit Software Packages

A574.- Tasks performed: - examining transactions for control compliance - selecting items meeting specified criteria - recalculation amt and totals - reconciling data from two different files - performing stat analysis on transactions

Q575.- Generalized Audit Software Packages - ADV

A575.- 1. Enables auditors to select and test more transactions - 2. requires little technical knowledge - 3. reduce audit time w/out sacrificing quality

Q576.- Primary Roles of Business Information System

A576.- a. Process detailed data- transaction recording systemsprocesses the data necessary to conduct the business - b. Assist in making daily decisions - c. Assist in developing business strategies

Q577.- Hierarchy of Roles

A577.- Business information systems are designed to track thehierarchy/structure of the organization. More detailed = lower level Less detailed, broad = higher level

Q578.- Functional Perspective

A578.- In this perspective, Bus Info System could be divided intoHR, Finance, Legal and etc

Q579.- Components of Business Information System

A579.- 1. Hardware - 2. Software - 3. Network - 4. People - 5. Data (& Information)

Q580.- Information

A580.- is processed data that tells much more detailed story aboutan organization than just raw data.

Q581.- Accounting Info System

A581.- A well designed accounting info system will create audittrail. - Ex: Input (invoice) - Journal - Ledger-Trial Bal-Output(Financials) = Store original invoice

Q582.- Objectives of AIS

A582.- record valid transactions, properly classify transactions,record the transaction at their proper values, properaccounting period, and properly present the info on financials

Q583.- Decision Support System - (DSS)

A583.- is a computer based system that provides interactivesupport for managers during the decision making process. - This is an extension of MIS and useful for developinginformation directed toward making particular decision. - Often divided into Data Driven and Model Driven - Sometimes called Expert System. - Ex: underwriting system

Q584.- Management Info System - (MIS)

A584.- More of a reporting type of system; - Provides with reports for the end users

Q585.- Exec. Information System (EIS) or Exec. Support System

A585.- Gives senior mgmt easy and immediate access to internaland external info to assist them in monitoring businessconditions. - Assists in strategic decision making (not daily)

Q586.- Periodic Scheduled Reports

A586.- Traditional reports that display info in a predifined formatand made available on regular basis. (monthly financials)

Q587.- Exceptions Reports

A587.- produced when specific condition occurs. - Specific criteria established and any entity meets thecriteria are reported - (CR limit report)

Q588.- Demand Reports = Response Reports

A588.- Some info from MIS is available on demand. Manager canprint...

Q589.- AD HOC Reports (query)

A589.- Attractive and well designed features of MIS is the ability toprint demand ad hoc report.

Q590.- Push Reporting

A590.- Info can be pushed or sent to computer screen or desktop

Q591.- Computer Programmer - Application Programmer = SoftwareDeveloper=Software Engineer

A591.- responsible for writing and maintaining applicationprograms; - test programs and write up manuals; - Should not be given Write/Update access to dataproduction or unrestricted and uncontrolled access toapplication program change MGMT systems

Q592.- Computer Programmer - System Programmer =SystemAdmin

A592.- Responsible for installing, supporting, monitoring andmaintaining the operating system - often related to hardware; - Should not be given any Write/Update rights in the systeminput. Shouldn't have access to application program changeMGMT systems but it is hard to enforce b/c they know enoughto go around it...

Q593.- Computer Operator - almost obsolete

A593.- responsible for processing jobs, running and monitoringscheduled production jobs. - Almost obsolete job...

Q594.- Control Clerk - obsolete

A594.- In the old days-this person made sure the batches wereprocessed correctly by logging input and output-correctionlogs...

Q595.- File Librarian - most replaced by automation

A595.- protect programs and tapes from damage and unauthorizeduse

Q596.- Security Admin

A596.- Responsible for assignment and maintenance of passwords

Q597.- System Admin - Database Admin (DBA)

A597.- Maintains and supports database software. - Might perform some of the security functions... - Should not be write/update function

Q598.- Network Admin

A598.- supports computer networks. - Network performance monitoring and troubleshooting isespecially important

Q599.- Web Admin

A599.- responsible for information on a web site.

Q600.- Peripherals

A600.- These are devices that transfer data TO or FROM the CPU.Includes input and output devices... - Input - supply the data to be processed=keyboard, mice,micro, scanners - Output devices - transfer data from processing unit tovarious output media = speakers, printers...

Q601.- Classes of processors

A601.- Mainframes, mid range and mini computers; PCs

Q602.- Processing power

A602.- Often described in terms of MIPS (mill of inst. persec)...there are many other factors that determine the overallprocessing power. - For many applications, the speed of the input and outputdevices can be just as important

Q603.- Multiprocessing

A603.- Means coordinated processing of programs by more thanone processor. multiprocessing is more appropriate todescribe the use of multiple hardware CPUs

Q604.- Multiprogramming

A604.- is several parts of a program running at the same time on asingle processor.

Q605.- Parallel processing

A605.- simultaneous use of more than one computer to execute aprogram which 1st has to be divided into parts that can beexecuted separately...

Q606.- Operating system

A606.- is an interface between hardware and user; - It defines what commands can be issued and how they areissued; Also controls all input and output to main memory. - Ex: Windows, Linux, Unix

Q607.- Database MGMT System (DBMS)

A607.- It is a tool not a database. - DBMS is a set of computer programs that controls thecreation, maintenance, and the use of the database of anorganization and its end users. - Ex: Access, Oracle

Q608.- Bit

A608.- It is a binary digit (0 or 1) with which all computer data isstored

Q609.- Byte

A609.- Byte is a basic unit of measurement of information storagein computer science; is a group of normally 8 bits that canrepresent a number or a letter; - Sometimes called characters

Q610.- Field

A610.- Group of bytes in which a specific data element such as anemployee # or name is stored

Q611.- Record

A611.- Group of fields that represents the data that is being stored.Such as customer or A/R

Q612.- File

A612.- Collection of related records often arranged in some manner

Q613.- Database

A613.- Is a integrated collection of data records and files. - Most often centralizes and reduces redundancy of data.

Q614.- Batch Processing

A614.- A data entry technique in which items to be processed arecollected into groups of similar items and periodicallysubmitted to data entry. - Batch processing is efficient and relatively inexpensive ,but the processing lag time it introduces means that systemdata is not always current.

Q615.- Control Group

A615.- Independent department with Information Systemsresponsible for logging in all input to the system, monitoringdata processing procedures, & distributing output.

Q616.- Control Totals

A616.- Manually calculated totals of significant data fields in thedocuments of a batch; counts of the number of lines and/ordocuments in a batch. - control totals are reconciled to computer calculated totalsand are used to ensure accuracy and completeness of dataentry.

Q617.- Corrective Controls

A617.- Paired with detective controls, they attempt to reverse theeffects of the error or irregularity which has been detected. - Examples include maintenance of backup files, disasterrecovery plans & insurance.

Q618.- Database Management System (DBMS)

A618.- The program that manages the interface between applicationprograms such as accounts receivable update, payroll timecard processing.

Q619.- Decision Tables

A619.- A type of documentation that depicts logical relationships ofa processing system by identifying the decision points &processing alternatives.

Q620.- Detective Controls

A620.- "After the fact" controls designed to detect an error after ithas occurred (though preferably before it is used to updatethe database or appears in reports). - Examples: data entry edits (field checks, limit tests, etc) &reconciliation of batch control totals.

Q621.- Documentation

A621.- Descriptions of a program's input, processing, & outputprovided in overview (system documentation) & in detail(programming documentation) as well as instructions forrunning the program (run manuals, operationsdocumentation) & for reconciling the processing results (userdocumentation); - presented in a combination of flowcharts, decision tables &narrative.

Q622.- Encryption

A622.- The process of coding data so that it cannot be understoodwithout the correct decryption algorithm.

Q623.- External Labels

A623.- A tag placed on data storage media (floppy disks, magnetictape, CD's, etc) designed to prevent inadvertent use of thewrong file.

Q624.- File Server

A624.- In a Local Area Network, a computer that providescentralized access to program & data files.

Q625.- Firewall

A625.- A firewall consists of hardware, software, or both that helpdetect security problems and enforce security policies on acomputer system. - A firewall is like a door with a lock for a computer.

Q626.- Grandfather-Father-Son File Security Control

A626.- A technique used to maintain redundant backup copies(three "generations") of data files; - backup files are used to recover from systems failures inwhich data files are destroyed.

Q627.- Hash Totals

A627.- In batch processing, the summation of a field in sourcedocuments that has no inherent meaning (eg. in a payrollsystem, the sum of employees' social security numbers) butwhich can be used to control for accuracy & completeness ofdata entry & processing.

Q628.- Internal Labor (Header & Trailer Labels)

A628.- Descriptive information stored at the beginning & end of afile that identifies the file, the number of records in the file, &provides data enabling detection of processing errors.

Q629.- Preventive Controls

A629.- "Before the fact" controls designed to stop an error orirregularity from occurring. - Examples of preventive controls include locks on building& doors, password protected access to files, & segregation ofduties.

Q630.- Random Access

A630.- Data storage devices that permit direct access to anindividual data item. Magnetic disks (hard disks & floppydisks), CD-ROMs, & DVD disks all provide random access. - Contrast with magnetic tape which provides only sequentialaccess.

Q631.- Trojan Horse

A631.- A malicious program that is hidden inside a seeminglybenign file.

Q632.- Workstations (Terminals)

A632.- computers or terminals ("computers" without processingcapabilities; can only send & receive information) on anetwork on which users can perform work. - Contrast with a server, which only provides resources forthe network & is not available (normally) to individual users.

q001. - name and briefly describe the five major...

Documents

bec pannell

bec media_prezentare_word_camp_bg_2

bec mathematics

bec vantage practice test 1englishonlineclub.com/pdf/bec...

bec-sna report#2: bec-sna categorisation of indian imports

bec 6200wzl series 4g/lte cellular ... - bec...

bec higher

bec 6300vnl

bec @ jila

bec 8920ac

bec (reading)

bec bagalkot

date: 21 may 2015 our ref: sk-15-2057-q001-a tully de'ath...

bec business

bec guidebook

bec challenge

bec brochure

bec science

oxebridge q001 ver 1.2 final - en official

becsd.com bec