BEC 6 Flashcards
the primary objective of data security controls
to ensure that storage media are subject to authorization prior to access, change, or destruction
why must ensure segregation of duties of system analysts and computer programmers
SA design an information system to meet user needs where as CP use that design to write computer programs to create the IS. if the same person is in charge of hardware and software, that person can easily bypass security systems without anyone knowing and steal organizational information or assets.
why must ensure segregation of duties of computer operators and computer programmers
if the same person in charge, that person can make unauthorized and undetected program changes.
why must ensure segregation of duties of security administrator with computer programmers and operators
Security admin is in charge of restricting access to systems, applications, or databases to the appropriate personnel. if same person in charge of security admin with either CP or computer operator, the person could give him or herself or anyone access to areas that they are not authorized to enter.
characteristics of just in time system
Just-in-time has the goal to minimize the level of inventory carried. Typical characteristics include lot sizes equal to one, insignificant set-up times and costs, and balanced and level workloads. In a just-in-time environment, the flow of goods is controlled by a “pull” approach, where an item is produced only when it is needed down the line, and not a “push-through” system.
it usually results in a reduction in the number of suppliers. Because a company that adopts J-I-T is very dependent on supplier performance, usually fewer suppliers are used and a very close working relationship is developed with existing suppliers.
what would be most beneficial to use JIT system
inventory carrying costs increasing and costs per purchase order decreasing
five areas of focus for IT governance
strategic alignment, value delivery, resource management, risk management, performance measures
formula of calculating the expected monetary value of risk event
= costs to correct risk event * estimated risk probability + cost of risk event not occurring * remaining estimated risk probability
what is Kaizen?
one type of lean manufacturing: Kaizen, or continuous improvement, occurs at the manufacturing stage where the ongoing search for cost reductions takes the form of analysis of production processes to ensure that resource uses stay within target costs.
data admin vs database admin
the data admin is in charge of design and control of the data in the data dictionary. A database administrator is responsible for the actual database software, while a data administrator is responsible for the definition, planning, and control of the data within a database or databases. The function of a database administrator is more technical, and the function of a data administrator is more administrative.
What is EDI (electronic data interchange)
EDI (electronic data interchange) is the exchange of business transaction documents from one computer to another. Because this exchange is significantly faster than paper exchanges, inventory can be reordered (and ultimately received) much faster than with traditional ordering systems. As a result, an inventory stock out becomes much less of a risk. but It is not a tool used specifically for collaboration between humans.
gap analysis
Gap analysis determines the difference between industry best practices and current company practices. It focuses on quality as it identifies areas that need improvement to meet industry best practices.
absolute conformance
Absolute conformance represents perfect compliance with pre-established levels of quality.
lean manufacturing
The main objective in lean manufacturing is waste reduction. Although customer requirements and demand-pull serve as the basis for the approach, quality is not the preeminent concept.
TQM
Total quality management is driven by customer satisfaction and continuous product improvement.
