BEC 4

Question 1

Name and briefly describe the five major components that make up the information technology of an organization.

Answer 1

1. Hardware: Hardware is the actual physical computer or computer peripheral device.
2. Software: Software is the systems and programs that process data and turn that data into information.
3. Network: A network is made up of the communication media that allows multiple computers to share data and information simultaneously.
4. People: Many people have a role in IT, such as hardware technicians, network administrators, software developers, and end users.
5. Data: Data is raw facts.

Question 2

Describe the normal series of events in an accounting information system (AIS).

Answer 2

The series of events in an AIS is as follows:

1. The transaction data from source documents is entered into the AIS by an end user.
2. The original paper source documents are filed.
3. The transactions are recorded in the appropriate journal.
4. The transactions are posted to the general and subsidiary ledgers.
5. Trial balances are prepared.
6. Financial reports are generated.

Question 3

Name and briefly describe five different types of MIS reports.

Answer 3

1. Periodic Scheduled Reports: The traditional reports that display information in a predefined format and are made available on a regular basis to end users of the system.
2. Exception Reports: Reports produced when a specific condition or “exception” occurs.
3. Demand Reports: Specific reports that can be printed on demand.
4. Ad Hoc Reports: A report that does not currently exist but that can be created on demand without having to get a software developer involved.
5. Push Reports: A report that can actually be “pushed” or sent to a computer screen or computer desktop.

Question 4

What are the primary roles of business information systems?

Answer 4

The primary roles of business information systems are to:

1. Process detailed data.
2. Assist in making daily decisions.
3. Assist in developing business strategies.

Question 5

What are the various categories of business information systems?

Answer 5

The categories of business information systems are:

1. Transaction processing systems
2. Decision support systems
3. Management information systems
4. Executive information systems

Question 6

Describe the two types of processing used in a computerized environment.

Answer 6

Batch processing – periodic processing

Online, real-time (OLRT) processing (often referred to as “online processing”) – immediate processing

Question 7

What is a batch control total?

Answer 7

A batch control total (or batch total) is a manually calculated total that is compared-generated total as a means of testing the accuracy and completeness of the input and processing. Batch totals are used for numbers that are normally added, such as dollar amounts. Hash totals are used for numbers that are not normally added, such as account numbers.

Question 8

What is the distinction between centralized and distributed processing?

Answer 8

Centralized processing maintains data and performs data processing at one or more central locations. Decentralized processing occurs when computing power and processing are spread over many locations.

Question 9

What are the advantages and disadvantages of centralized processing?

Answer 9

Advantages of Centralized Processing
1. Data is secured better, once received.
2. Processing is consistent.
Disadvantages of Centralized Processing
1. The cost of transmitting large numbers of detailed transactions can be high.
2. There are increased processing power and data storage needs at the central location.
3. There is a reduction in local accountability.
4. Input/output bottlenecks may occur at high traffic times.
5. There may be a lack of ability to respond in a timely manner to information requests from remote locations.

Question 10

List and explain the steps in batch processing.

Answer 10

Batch processing is accomplished in two steps:

1. Create a Transaction File: The first step is to create the transaction file by manually (usually) keying the data (data entry), editing the data for completeness and accuracy, and making any necessary corrections.
2. Update the Master File: The second step is to update the master file by sorting the transaction file into the same order as the master file and then updating the relevant records in the master file from the transaction file.

Question 11

What is the major distinction between batch processing and online processing?

Answer 11

The major distinction between batch processing and online processing is that transactions in a batch processing system are processed in batches and not necessarily at the time those transactions are submitted. In online processing, transactions are processed as the transactions are entered.

Question 12

Identify functions that should be segregated in an IT department.

Answer 12

The duties of systems analysts, computer programmers, and computer operators should be segregated (although many companies combine systems analysts and computer programmers).

Question 13

What are the three types of programmed controls?

Answer 13

Programmed controls are:

1. Input controls
2. Processing controls
3. Output controls

Question 14

What are the five steps of the system development life cycle (SDLC)?

Answer 14

1. Systems analysis
2. Operations and maintenance
3. Implementation and conversion
4. Conceptual design
5. Physical design

Question 15

What are the three main functions of internal control objectives?

Answer 15

1. Preventive
2. Detective
3. Corrective

Question 16

What is the objective of executive systems (EIS)?

Answer 16

Executive information systems (executive support systems) provide senior executives with immediate and easy access to internal and external information to assist executives in monitoring business conditions. EIS assist in strategic, not daily, decision making.

Question 17

What is the decision support system (DSS)?

Answer 17

A decision support system is a computer-based information system that provides interactive support for managers during the decision-making process. A DSS is useful for developing information directed toward making particular decisions.

Question 18

What are transaction processing systems?

Answer 18

Transaction processing systems are the systems that process and record the routine, daily transactions necessary to conduct business.

Question 19

What is the objective of management information systems (MIS)?

Answer 19

To provide managerial and other end users with reports. These predefined management reports provide managers with the information they need to assist them in the business decision-making process.

Question 20

What are the five focus areas of the COBIT framework?

Answer 20

1. Strategic alignment
2. Value delivery
3. Resource management
4. Risk management
5. Performance measurement

Question 21

What are information criteria described by COBIT?

Hint: Remember the ICE RACE

Answer 21

Integrity
Confidentiality
Efficiency
Reliability
Availability
Compliance
Effectivenesss

Question 22

Why is it important to have segregation of duties between computer operators and computer programmers?

Answer 22

It is important that computer operators’ and computer programmers’ duties be segregated because a person performing both functions would have the opportunity to make unauthorized and undetected program changes.

Question 23

What characteristics of a computerized system might lead to a higher potential for errors and irregularities than in manual systems?

Answer 23

The characteristics of a computerized systems that might lead to a higher potential for errors and irregularities than in manual systems include the following:

1. The following for remote access increases the likelihood for unauthorized access.
2. Concentration of information means that once security is breached, the potential for damage is higher.
3. Decreased human involvement in processing results in a decreased opportunity for observation of errors.
4. Errors or fraud might occur in the design or maintenance of application programs.

Question 24

Why is it important to safeguard files and records?

Answer 24

Safeguarding of files and records is important because inadequate protection may result in loss or damage that might drive an organization out of business; hardware can always be replaced, but data often cannot be.

Question 25

What is encryption?

Answer 25

Encryption involves using a password or a digital key to scramble a readable (plaintext) message into an unreadable (ciphertext) message. The intended recipient of the message then uses either the same or another digital key (depending on the encryption method) to convert the ciphertext message back into plaintext.

Question 26

What characteristics should a password management policy address?

Answer 26

1. Password Length: The longer the better. Passwords should be greater than seven characters. Many organizations standardize on eight characters.
2. Password Complexity: Complex passwords feature three of the following four characteristics: uppercase characters, lowercase characters, numeric characters, and ASCII characters (e.g., !@#$%^&*?).
3. Password Age: The National Security Agency (NSA) recommends that passwords should be changed every 90 days. Administrative passwords should be changed more frequently.
4. Password Reuse: The NSA recommends that password resuse of the previous 24 passwords be restricted. The goal is to prevent users from alternating between their favorite two or three passwords.

Question 27

What are four types of policy?

Answer 27

1. Program-level policy
2. Program-specific policy
3. Issue-specific policy
4. System-specific policy

Question 28

Distinguish between digital signatures and e-signatures.

Answer 28

Digital signatures use asymmetric encryption to create legally binding electronic documents. Web-based e-signatures are an alternative mechanism for accomplishing the same objective. An e-signature is a cursive-style imprint of a person’s name that is applied to an electronic document.

Question 29

What defines an information security policy?

Answer 29

Information security policies state how an organization plans to protect its tangible and intangible information assets.

Question 30

How can the Internet be defined?

Answer 30

The Internet is an international network composed of servers around the world that communicate with each other.

Question 31

Identify the costs associated with implementing EDI.

Answer 31

1. Legal costs
2. Hardware costs
3. Costs of translation software
4. Costs of data transmission
5. Process reengineering and employee training costs for affected applications
6. Costs associated with security, monitoring, and control procedures.

Question 32

Define B2B transactions and identify the three different markets.

Answer 32

When a business sells its products or services to other businesses, it is called a Business-to-Business (B2B) transaction.

1. B2B e-Commerce: Many businesses buy, sell, or trade their products and services with other businesses.
2. Electronic Market: It is very common for B2B transactions to occur electronically via the Internet.
3. Direct Market: It also is very common for B2B transactions to occur electronically between businesses when there is a preexisting relationship.

Question 33

Identify some advantages of B2B e-Commerce.

Answer 33

1. Speed
2. Timing
3. Personalization
4. Security
5. Reliability

Question 34

Define electronic funds transfer (EFT) systems.

Answer 34

EFT systems are a major form of electronic payment for banking and retailing industries. EFT uses a variety of technologies to transact, process, and verify money transfers and credits between banks, businesses, and consumers. The Federal Reserve wire system is used very frequently in EFT to reduce the time and expense required to process checks and credit transactions.

Question 35

Define EDI.

Answer 35

EDI is the computer-to-computer exchange of business transaction documents.

Question 36

How are EDI transactions submitted, and what is mapping?

Answer 36

EDI transactions are submitted in a standard data format.

Mapping is the process of determining the correspondence between elements in a company’s terminology and elements in standard EDI terminology.

Question 37

What are the characteristics and features of EDI?

Answer 37

The characteristics and features of EDI are the following:

1. EDI allows the transmission of electronic documents between computer systems in different organizations.
2. EDI reduces handling costs and speed transaction processing.
3. EDI requires that all transactions be submitted in a standard data format.
4. EDI can be implemented using direct links, VANs, or over the Internet.

Question 38

What are some controls for an EDI system?

Answer 38

Controls for an EDI system might include:

1. Encryption of data.
2. Activity logs of failed transactions.
3. Network and sender/recipient acknowledgments.

Question 39

What is e-Commerce?

Answer 39

E-Commerce involves electronic consummation of exchange transactions. E-Commerce normally implies the use of the Internet.

Question 40

What are the risks in a business information system?

Answer 40

The risks in a business information system are:

1. Strategic risk
2. Operating risk
3. Financial risk
4. Information risk

Question 41

What are access controls?

Answer 41

Access controls limit access to documentation, data files, programs, and computer hardware to authorized personnel. Examples include locks, passwords, user identification codes, assignment of security levels, callbacks on dial-up systems, the setting of file attributes, and the use of firewalls.

Question 42

What is a firewall?

Answer 42

A firewall is a system, often both hardware and software, of user identification and authentication that prevents unauthorized users from gaining access to network resources.

Question 43

What is disaster recovery and what is the difference between a hot site and a cold site?

Answer 43

Disaster recovery consists of plans for continuing operations in the event of destruction of not only programs and data but also processing capability.

A hot site is an off-site location that is equipped to take over a company’s data processing. A cold site is an off-site location that has all of the electrical connections and other physical requirements for data processing but does not have the actual equipment.

Question 44

What are three types of backups?

Answer 44

1. Full backup
2. Incremental backup
3. Differential backup

Question 45

What are three types of disaster recovery?

Answer 45

1. Disaster recovery service
2. Internal disaster recovery
3. Multiple data center backups

Question 46

What are the three types of off-site location?

Answer 46

1. Cold site
2. Warm site
3. Hot site

Question 47

What is the disadvantage of a disaster recovery and business continuity plan?

Answer 47

The disadvantage is the cost and effort required to implement the plan.

Question 48

Identify the four main functions of a DBMS.

Answer 48

1. Database development
2. Database entry
3. Database maintenance
4. Application development

Question 49

Identify seven components of a LAN.

Answer 49

1. Node
2. Workstation
3. Server
4. Network Interface Card (NIC)
5. Transmission Media
6. Network Operating System (NOS)
7. Communications Device

Question 50

Identify the two types of networks that can be used to provide WAN communications services.

Answer 50

Value Added Network: Privately owned communication network that provides additional services beyond standard data transmission

Internet-Based Network: Uses Internet protocols and public communications channels to establish network communications

Question 51

List some of the features of a value added network (VAN).

Answer 51

A value added network:

• Is privately owned
• Provides additional services
• Provides good security
• Uses periodic (batch) processing
• May be expensive

Question 52

List some of the features of an internet-based network.

Answer 52

An Internet-based network:

• Uses public communications channels
• Transmits transactions immediately
• Is relatively affordable
• Increases the number of potential trading partners

Question 53

What is the difference between an intranet and an extranet?

Answer 53

An intranet connects geographically separate LANs within a company, whereas an extranet permits specified external parties to access the company’s network.

Question 54

What is the basic difference between a database and a database management system?

Answer 54

A database is an integrated collection of data records and data files. A database management system (DBMS) is the software that allows an organization to create, use, and maintain a database.

Question 55

What is a data warehouse and what is data mining?

Answer 55

A data warehouse is a collection of databases that store both operations and management data.

Data mining is the processing of data in a data warehouse to attempt to identify trends and patterns of business activity.

Question 56

What are some advantages of a DBMS?

Answer 56

Advantages of a DBMS include:

1. Data redundancy and inconsistency are reduced.
2. Data sharing exists.
3. Data independence exists.
4. Data standardization exists.
5. Data security is improved.
6. Data fields can be expanded without adverse effects on application programs.

Question 57

What is the basic difference between WANs and LANs?

Answer 57

The basic difference between WANs and LANs is distance. LANs normally are within a fairly limited distance, and WANs allow a much longer distance.

Question 58

What are some of the similarities and differences between the Internet, intranets, and extranets?

Answer 58

The Internet, intranets, and extranets all use Internet protocols and public communication networks rather that proprietary protocols and networks so that the same browsers can be used.

Intranets connect LANs within a company. Extranets allow a company’s customers and suppliers to access the company’s network.