BEC 4

Question 1

Name and briefly describe the 5 major components that make up the info technology of an organization.

Answer 1

1. Hardware: actual physical computer/computer peripheral device
2. Software: systems and programs that process data and turn that data into info
3. Network: made up of the communication media that allows multiple computers to share data and info simultaneously
4. People: many people have a role in IT, such as hardware technicians, network administrators, software developers, and end users
5. Data: raw facs

Question 2

What are the 5 functions performed on data in a business information system?

Answer 2

1. Collect
2. Process
3. Store
4. Transform
5. Distribute

Question 3

Describe the normal series of events in an accounting information system (AIS).

Answer 3

1. Transaction data from source documents is entered into the AIS by the end user
2. The original paper source documents are filed
3. The transactions are recorded in the appropriate journal
4. The transactions are posted to the general and subsidiary ledgers
5. Trial balances are prepared
6. Adjustments, accurals, and corrections are entered
7. Financial reports are generated

Question 4

Name and briefly describe six different types of MIS reports

Answer 4

1. Periodic schedules reports: traditional reports that display info in a predefined format and are made available on a regular basis to end users of the system
2. Exception reports: reports produced when a specific condition or “exception” occurs
3. Demand reports: specific reports that can be printed on demand
4. Ad hoc reports: report that does not currently exist but that can be created on demand without having to get a software developer involved
5. Push reports: report that can actually be “pushed” or sent to a computer screen or computer desktop
6. Dashboard reports: report used by a company to present summary info necessary for management action

Question 5

What are the primary roles of business information systems?

Answer 5

1. Process detailed data
2. Assist in making daily decisions
3. Assist in developing business strategies
4. Take orders from customers

Question 6

Describe the two types of processing used in a computerized environment

Answer 6

Batch processing - periodic processing

Online, real-time (OLRT) processing (often referred to as “online processing”) - immediate processing

Question 7

What is a batch control total and how does it differ from a hash total?

Answer 7

Batch control total (or batch total) is a manually calculated total that is compared to a computer-generated total as a means of testing the accuracy and completeness of the input and processing.

Batch totals are used for numbers that are normally added, such as dollar amounts.

Hash totals are used for numbers that are not normally added, such as account numbers.

Question 8

What is the distinction between centralized and decentralized (distributed) processing?

Answer 8

Centralized processing maintains data and performs data processing at one or more central locations.

Decentralized processing occurs when computer power and processing are spread over many locations

Question 9

What are the advantages and disadvantages of centralized processing?

Answer 9

Advantages:
1. Data is secured better, once received
2. Processing is consistent

Disadvantages:
1. Cost of transmitting large numbers of detailed transactions can be high
2. Increased processing power and data storage needs at the central location
3. Reduction in local accountability
4. Input/output bottlenecks may occur at high traffic times
5. Lack of ability to respond in a timely manner to information requests from remote locations
6. Entire organization may be vulnerable to problems incurred at a single location

Question 10

List and explain the steps in batch processing

Answer 10

Accomplished in 2 steps:
1. Create a transaction file: by manually (usually) keying the data (data entry), editing the data for completeness and accuracy, and making any necessary corrections

2. Update the master file: by sorting the transaction file into the same order as the master file and then updating the relevant records in the master file from the transaction file

Question 11

What is the major distinction between batch processing and online processing?

Answer 11

Transaction in batch processing system are processed in batches and not necessarily at the time those transactions are submitted.

In online processing, transactions are processed as the transactions are entered.

Question 12

What are the various categories of business information systems?

Answer 12

1. Transaction processing systems
2. Decision support systems
3. Management information systems
4. Executive information systems

Question 13

Identify functions that should be segregated in an IT department

Answer 13

Duties of systems analysts, computer programmers, and computer operators should be segregated (although many companies combine systems analysts and computer programmers)

Question 14

What are 3 types of programmed controls?

Answer 14

1. Input controls
2. Processing controls
3. Output controls

Question 15

What are the 6 steps of the system development life cycle (SDLC)?

Answer 15

1. System analysis
2. Conceptual and physical design
3. Implementation and conversion
4. Training
5. Testing
6. Operations and maintenance

Question 16

What is the objective of executive information systems (EIS)?

Answer 16

Provide senior executives with immediate and easy access to internal and external information to assist executives in monitoring business conditions.

EIS assist in strategic, not daily, decision making

Question 17

What is the decision support system (DSS)?

Answer 17

Computer-based information system that provides interactive support for managers during the decision-making process.

DSS is useful for developing information directed toward making particular decisions

Question 18

What are transaction processing systems?

Answer 18

Systems that process and record the routine, daily transactions necessary to conduct business

Question 19

What is the objective of management information system (MIS)?

Answer 19

Provide managerial and other end users with reports. These predefined management reports provide managers with the information they need to assist them in the business decision-making process

Question 20

What are the 5 focus areas of the COBIT framework?

Answer 20

1. Strategic alignment
2. Value delivery
3. Resource management
4. Risk management
5. Performance measurement

Question 21

What are information criteria described by COBIT?

(Remember the ICE RACE)

Answer 21

• (I)ntegrity
• (C)onfidentiality
• (E)fficiency
• (R)eliability
• (A)vailability
• (C)ompliance
• (E)ffectiveness

Question 22

Identify the four domains and related process of the COBIT framework

Answer 22

• Plan and organize (direct)
• Acquire and implement (solution)
• Deliver and support (service)
• Monitor and evaluate (ensure direction followed)

Question 23

Why is it important to have segregation of duties between computer operators and computer programmers?

Answer 23

Because a person performing both functions would have the opportunity to make unauthorized and undetected program changes

Question 24

Why is it important to safeguard files and records?

Answer 24

Inadequate protection may result in loss or damage that might drive an organization out of business; hardware can always be replaced, but data often cannot be

Question 25

What is encryption?

Answer 25

Using a password or a digital key to scramble a readable (plaintext) message into an unreadable (ciphertext message). The intended recipient of the message then uses either the same or another digital key (depending on the encyrption method) to conver the ciphertext message back into plaintext

Question 26

What characteristics should a password management policy address?

Answer 26

1. Password length: longer the better. Should be greater than seven characters. Many organizations standardize on eight characters
2. Password complexity: features 3 of the following 4 characteristics: uppercase, lowercase, numeric, and ASCII characters (e.g., ! @ # $ % ^ & * or ?)
3. Password age: National Security Agency (NSA) recommends that passwords be changed every 90 days. Administrative passwords should be changed more frequently
4. Password reuse: The NSA recommends that password reuse of the previous 24 passwords be restricted. The goal is to prevent users from alternating between their favorite two or three passwords.

Question 27

What are the 4 types of computer securities policies?

Answer 27

1. Program-level policy
2. Program-framework policy
3. Issue-specific policy
4. System-specific policy

Question 28

Distinguish between digital signatures and e-signatures

Answer 28

Digital signatures - use asymmetric encryption to create legally binding electronic documents.

Web-based e-signatures are an alternative mechanism for accomplishing same objective.

An e-signature is a cursive-style imprint of a person’s name that is applied to an electronic document and is also considered legally binding.

Question 29

What defines an information security policy?

Answer 29

States how an organization plans to protect its tangible and intangible information assets

Question 30

How can the Internet be defined?

Answer 30

International network composed of servers around the world that communicate with each other

Question 31

Identify the costs associated with implementing EDI

Answer 31

1. Legal costs
2. Hardware costs
3. Costs of translation software
4. Costs of data transmission
5. Process reengineering and employee training costs for affected applications
6. Costs associated with security, monitoring, and control procedures

Question 32

Define B2B transactions and identify the 3 different markets

Answer 32

B2B transaction = When a business sells its products/services to other businesses

1. B2B e-commerce: many businesses buy, sell, or trade their products and services with other businesses.
2. Electronic market: very common for B2B transactions to occur electronically via the Internet
3. Direct market: also very common for B2B transactions to occur electronically between businesses when there is a preexisting relationship

Question 33

Identify some advantages of B2B e-commerce

Answer 33

1. Speed
2. Time
3. Personalization
4. Security
5. Reliability

Question 34

Define electronic funds tranfer (EFT) systems

Answer 34

Major form of electronic payment for banking and retailing industries.

Uses a variety of technologies to transact, process, and verify money transfers and credits between banks, businesses, and consumers.

The Federal Reserve wire system is used very frequently in EFT to reduce the time and expense required to process checks and credit transactions

Question 35

Define EDI

Answer 35

Computer-to-computer exchange of business transaction documents in structured formats that allows for direct processing of the data by the receiving system

Question 36

How are EDI transactions submitted, and what is mapping?

Answer 36

Submitted in a standard data format

Mapping is the process of determining the correspondence between elements in a company’s terminology and elements in standard EDI terminology

Question 37

What are the features of EDI?

Answer 37

1. Allows transmission of elecronic documents between computer systems in different organizations
2. Reduces handling costs and speeds transaction processing
3. Requires that all transactions be submitted in a standard data format
4. Can be implemented using direct links, VANs, or over the Internet

Question 38

What are some controls for an EDI system?

Answer 38

1. Encryption of data
2. Activity logs of failed transaction
3. Network and sender/recipient acknowledgments

Question 39

What is e-commerce?

Answer 39

Involves electronic consummation of exchange transactions.

Normally implies the use of the Internet but a private network can also be used

Question 40

How does EDI differ from e-commerce on a cost, security, speed, and network basis?

Answer 40

• Cost: EDI is more expensive than e-commerce
• Security: EDI is more secure than e-commerce
• Speed: E-commerce is faster than EDI
• Network: EDI uses VAN (private) and e-commerce uses the Internet (public)

Question 41

Define and describe the purpose of business processing reengineering (BPR).

Answer 41

Analysis and design of business processes and information systems to achieve significant performance improvements.

Purpose is to simplify the system, make it more effective, and improve entity’s quality & service

Question 42

Define and describe the purpose of enterprise resource planning (ERP).

Answer 42

Cross-functional enterprise system that integrates and automates the many business processes and systems that must work together in various functions (e.g., manufacturing, distribution, human resources) of a business

Question 43

Supply chain management is concerned with what 4 characteristics of every sale?

Answer 43

• Goods received should match goods ordered (What)
• Goods should be delivered by the date promised (When)
• Goods should be delivered to the location requested (Where)
• Goods’ cost should be the lowest price (How much)

Question 44

Compare and contract HTML, HTTP, and URL

Answer 44

• Hypertext markup language (HTML) is a tag-based formatting language used for Web Pages
• Hypertext transfer protocol (HTTP) is the communications protocol used to transfer Web pages on the World Wide Web
• Uniform resource locator (URL) is the technical name for a Web address, which direct users to a specific location on the Web

Question 45

What are the risks in a business information system?

Answer 45

1. Strategic risk
2. Operating risk
3. Financial risk
4. Information risk

Question 46

Name the 5 threats in a computerized environment

Answer 46

1. Virus
2. Worm
3. Trojan horse
4. Denial-of-service attack
5. Phishing

Question 47

What are access controls?

Answer 47

Limit access to documentation, data files, programs, and computer hardware to authorized personnel.

Ex: locks, passwords, users identification codes, assignment of security levels, callbacks on dial-up systems, the setting of file attributes, and the use of firewalls

Question 48

What is a firewall?

Answer 48

System, often both hardware and software, of user identification and authentification that prevents unauthorized users from gaining access to network resources

Question 49

What is disaster recovery and what is the difference between a hot site and a cold site?

Answer 49

Disaster recovery consists of plans for continuing operations in the event of destruction of not only programs and data but also processing capability

A hot site is an off-site location that is equipped to take over a company’s data processing.

A cold site is an off-site location that has all of the electrical connections and other physical requirements for data processing but does not have the actual equipment

Question 50

What are 3 types of backups to perform to recover lost data?

Answer 50

1. Full backup
2. Incremental backup
3. Differential backup

Question 51

What are 3 types of disaster recovery?

Answer 51

1. Disaster recovery service
2. Internal disaster recovery
3. Multiple data center backups

Question 52

What are the 3 types of off-site location?

Answer 52

1. Cold site
2. Warm site
3. Hot site

Question 53

What is the disadvantages of a disaster recovery and business continuity plan?

Answer 53

Cost and effort required to implement the plan

Question 54

Identify the 4 main functions of a DBMS

Answer 54

1. Database development
2. Database query
3. Database maintenance
4. Application development

Question 55

Identify 9 components of a LAN

Answer 55

1. Node
2. Workstation
3. Server
4. Network Interface Card (NIC)
5. Transmission media
6. Network Operating System (NOS)
7. Communications Device
8. Communication/Network Protocols
9. Gateways and Routers

Question 56

Identify the 2 types of networks that can be used to provide WAN communications services

Answer 56

Value added network: Privately owned communication network that provides additional services beyond standard data transmission

Internet-based network: Uses Internet protocols and public communications channels to establish network communications

Question 57

List some of the features of a value added network (VAN)

Answer 57

• Privately owned
• Provides additional services
• Provides good security
• Uses periodic (batch) processing
• May be expensive

Question 58

List some of the features of an Internet-based network

Answer 58

• Uses public communications channels
• Transmits transactions immediately
• Relatively affordable
• Increases the number of potential trading partners

Question 59

What is the difference between an intranet and an extranet?

Answer 59

Intranet - connects geographically separate LANs within a company

Extranet - permits specified external parties to access the company’s network

Question 60

What is the basic difference between a database and a database management system?

Answer 60

Database - integrated collection of data records and data files

Database management system (DBMS) - software that allows an organization to create, use, and maintain a database

Question 61

What is a data warehouse and what is data mining?

Answer 61

Data warehouse - collection of databases that store both operations and management data

Data mining - processing of data in a data warehouse to attempt to identify trends and patterns of business activity

Question 62

What are some advantages of a DBMS?

Answer 62

1. Data redundancy and inconsistency are reduced
2. Data sharing exists
3. Data independence exists
4. Data standardization exists
5. Data security is improved
6. Data fields can be expanded without adverse effects on application programs
7. Timeliness, effectiveness, and availability of information is enhanced

Question 63

What is the basic difference between WANs and LANs?

Answer 63

Distance

LANs normally are within a fairly limited distance, and WANs allow a much longer distance

Question 64

What are some of the similarities and differences between the Internet, intranets, and extranets?

Answer 64

All use Internet protocols and public communication networks rather than proprietary protocols and networks so that the same browsers can be used.

Intranets connect LANs within a company.
Extranets allow a company’s customers and suppliers to access the company’s network.