Information Technology

Question 1

IC

Which IT personnel roles should always be segregated?

Answer 1

Operators

Programmers

Librarians

Question 2

IC

Systems Analyst duties

Note: Think IT Manager

Answer 2

Designs / purchases IT system

Flowcharts

Liaison Users and Programmers

Question 3

IC

Systems Administrator duties

Answer 3

Primary: Control database access.

Writes- Updates- Maintains- & Tests

Software, Systems and compilers

Question 4

IC

Duties a Systems Programmer should NOT have?

Answer 4

APPLICATION programming

Operator on the system.

Question 5

IC

Systems Operator duties

Answer 5

Schedules and Monitors Jobs

Runs IT Help Desk

Question 6

IC

Duties a System Operator should NOT have?

Answer 6

Should not be a Programmer on the system.

Question 7

IC

If it is not possible to segregate duties in an IT System-

what actions should be taken to compensate for internal control purposes?

Answer 7

Include Computer Logs.

Control Group should review the logs.

Question 8

SYSTEMS

Management Information System (MIS) purpose

Answer 8

provide past, present, future information

for planning, organizing, controlling operations.

Question 9

SYSTEMS

What is an Accounting Information System (AIS)?

Answer 9

A type of MIS that processes accounting transactions.

Question 10

SYSTEMS

Executive Information System (EIS) characteristics

Answer 10

Specialized for Company Executive needs

Assists with Strategy Only

No Decision-Making Capabilities

Question 11

SYSTEMS

Expert System (ES) characteristics

* type of AI

Answer 11

Computer uses reasoning methods to data

Structured

No human interpretation needed

Question 12

SYSTEMS

Decision Support System (DSS) characteristics

Answer 12

Computer combines models and data to resolve unstructured problems.

Gives Interactive Support

Human interpretation needed

Question 13

Ad Hoc computer report characteristics

Answer 13

User initiated

on demand

Question 14

IC - APPLICATION CONTROL

When are Exception reports generated?

Answer 14

When Edit Tests- Check Digits- or Self-Checking Digits identify a problem

Question 15

What is End-User Computing?

Answer 15

The User develops and executes their own application.

Question 16

E-COMMERCE

Risks

Answer 16

Security

Availability

Processing Integrity

Online Privacy

Confidentiality

Compromised data or theft.

Paper trail for auditors.

Question 17

E-COMMERCE

Benefit

Answer 17

Easier business transactions

Question 18

E-COMMERCE

EDI benefits

Answer 18

Uses globally-accepted standards

Quick

Accurate

Efficient

Question 19

What is a File Server?

Answer 19

Stores shared programs and documents.

Question 20

INTERNET

VAN (Value-Added Network) characteristics

Answer 20

Costly

Privately-owned Network

3rd Party Between 2 Companies Routes EDI Trx

Accepts wide range of Protocols

Question 21

LAN (Local Area Network)

purpose

Answer 21

It connects computers in close proximity.

Question 22

INTERNET

WAN purpose

Answer 22

It connects computers that are far apart.

Question 23

INTERNET

What is the purpose of a Firewall?

Answer 23

Prevents unauthorized access to a network.

Question 24

INTERNET

What are the characteristics of a virus?

Answer 24

Takes over a computer

Needs a host program to run

Question 25

INTERNET What are the characteristics of a computer worm?

Answer 25

Takes over multiple computers Doesn't need a host program to run

Question 26

What is RAM?

Answer 26

Internal memory in the computer used during immediate processing.

Question 27

What is a CPU?

Answer 27

Processes commands within a computer.

Question 28

Input devices?

Answer 28

Scanner Magnetic Ink Reader Magnetic Tape Reader EDI Point of Sale Scanner

Question 29

SOFTWARE What is Job Control Language?

Answer 29

It schedules and allocates system resources.

Question 30

What is the purpose of Automated Equipment Controls?

Answer 30

They prevent and detect hardware errors.

Question 31

Magnetic Disks characteristics?

Answer 31

Random Access - Finds data in random spots Faster data retrieval Uses Boundary Protection for data

Question 32

IC What are Parity Checks?

Answer 32

A control that detects internal data errors. A bit is added to each character- it checks to see if a bit was lost.

Question 33

IC What is an Echo Check?

Answer 33

Transmitted data is returned to the sender for verification (it echoes back to the sender)

Question 34

IC What is a Change Control?

Answer 34

It authorizes program changes and approves program test results. Code comparison program can compare controlled copy of s/w with in-use s/w

Question 35

What is a Gateway?

Answer 35

Connects one network to another Note: the Internet is connected by Gateways

Question 36

What is security software?

Answer 36

Software that controls access to IT systems. ..not anti-virus software

Question 37

Purpose of a Digital Signature?

Answer 37

It confirms a message has not been altered.

Question 38

Sys Dev What is the duty of a design engineer?

Answer 38

Determine language used for a specific computer on a computer-to-computer basis

Question 39

SOFTWARE How can source programs be recognized?

Answer 39

They are written in a language close to English.

Question 40

SOFTWARE Purpose of a Compiler?

Answer 40

Takes Source language (English) and converts to Object (Computer) Language

Question 41

INPUT VALIDATION What is a hash total?

Answer 41

An input control number a meaningless sum of values included in the input.

Question 42

PROCESSING How does Online Analytical Processing work?

Answer 42

It uses a Data Warehouse to support management decision making.

Question 43

PROCESSING What is Data Mining?

Answer 43

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse. Explain, confirm, explore relationships

Question 44

PROCESSING Purpose of online transaction processing?

Answer 44

To process a company's routine transactions.

Question 45

PROCESSING Characteristics of batch processing?

Answer 45

Data held- updates multiple files all at once Leaves a better audit trail Uses Grandfather-Father-Son backup (3 levels of backup kept in 3 locations)

Question 46

Processing control check?

Answer 46

Checks if data processing produced proper output

Question 47

INPUT VALIDATION Validity check

Answer 47

Checks to see if data in existing tables or files belongs in the set For example- is there a # in an alpha-only field or a letter in a numeric-only field

Question 48

INPUT VALIDATION Limit check?

Answer 48

Checks to see if numbers surpass a certain limit i.e. in an age field is the number greater than 110.

Question 49

INPUT VALIDATION Check digit?

Answer 49

An input control that adds an identification number to a set of digits – usually at the end

Question 50

INPUT VALIDATION Field check?

Answer 50

An input check that prevents invalid characters i.e. checks for alphabetic letters in a SSN field

Question 51

What is Data Mining?

Answer 51

Using artificial intelligence and pattern recognition to analyze data stores within a Data Warehouse.

Question 52

Cold Site?

Answer 52

If a main system goes down- a Cold Site will take time to get set up and running.

Question 53

DATA STRUCTURES What is the most common database language?

Answer 53

SQL - Standard Query Language DDL (definition) DML (manipulation) DCL (control)

Question 54

DATA STRUCTURE DDL What is a Data Definition Language?

Answer 54

Defines SQL Database Controls SQL Tables

Question 55

DATA STRUCTURE DML What is a Data Manipulation Language?

Answer 55

Queries SQL Database tables Maintain - update, insert, modify

Question 56

DATA STRUCTURE DCL What is a Data Control Language?

Answer 56

Controls Access to SQL Database

Question 57

DATA STRUCTURE Relational Database characteristics

Answer 57

Logical structure Uses rows and columns similar to spreadsheet

Question 58

DATA STRUCTURE Hierarchical Database characteristics

Answer 58

Has various levels Uses trees to store data

Question 59

DATA STRUCTURE Database advantages

Answer 59

Data is more accessible Data independence from Apps Reduced redundancy

Question 60

Sys Dev - Overall lifecycle

Answer 60

* Plan * Analysis * Design * Develop * Testing * Implement * Maintain

Question 61

DATA STRUCTURE Database disadvantages

Answer 61

Cost of installation Skilled personnel required to maintain

Question 62

DATA STRUCTURE Components of a database?

Answer 62

Desktop client Application Server Database Server Think: Your desktop computer runs applications and saves to a database

Question 63

What is the most common database language?

Answer 63

SQL - Standard Query Language

Question 64

Sys Dev - Planning

Answer 64

* Id problem * Define system based on strategic goals * Scope determination * Project Plan development * Initial feasibility

Question 65

Sys Dev - Analysis

Answer 65

Terms to understand: * Requirements * Model * Needs Assessment * Gap Analysis from current sys * System specification documents

Question 66

Sys Dev - Design

Answer 66

Technical blueprint

Question 67

Sys Dev - Development

Answer 67

Off-the-shelf or customized platform

Question 68

Sys Dev - Testing

Answer 68

Unit (code) System Integration User Acceptance

Question 69

Sys Dev - Implementation

Answer 69

Parallel Plunge Pilot Phased

Question 70

Sys Dev - Maintenance

Answer 70

Monitor Support Training Help Desk Authorized Changes

Question 71

SOFTWARE Operating System

Answer 71

Job Control Language for: Scheduling Resource allocation data retrieval

Question 72

SOFTWARE Multi - processing

Answer 72

simultaneous execution of tasks same system, multiple CPU

Question 73

SOFTWARE Multi - tasking

Answer 73

simultaneous processing of jobs

Question 74

SOFTWARE Types of Source Programs

Answer 74

Machine Language Assembly High-level: COBOL, Basic, OOP (Object Oriented) C++, Java

Question 75

SOFTWARE Desk checking

Answer 75

programmer review b4 run/debug

Question 76

SOFTWARE Loop

Answer 76

Repeating program instructions

Question 77

PROCESSING Data Warehouse

Answer 77

Periodic data dumps Subject oriented Integrated collection of data

Question 78

DATA STRUCTURE Data Modeling

Answer 78

Entity-relationship modeling Primary key - individ records Foreign key - link relational db AIS REA data model - resource: object w/ economic value - event: bus activity - agent: people/org

Question 79

DATA STRUCTURE Data Dictionary

Answer 79

data repository data directory stores meta-data

Question 80

INTERNET Languages

Answer 80

HTML XML - extensible markup \* XBRL (XML for EDGAR)

Question 81

ISACA COBIT Framework

Answer 81

COBIT Achieve objectives of: Governance and Mgt Enterprise IT Systematic integration with Biz strategies

Question 82

ISACA COBIT Principles (5)

Answer 82

1. Meet Stakeholder needs 2. Cover enterprise end-to-end 3. Apply single integrated framework 4. Enable holistic approach 5. Separate governance from management

Question 83

ISACA COBIT Enablers (7)

Answer 83

1. Processes 2. Org Structure 3. Culture 4. Policy - Principles 5. Information produced/used 6. Infrastructure 7. People competencies

Question 84

IC ICHAMB \*O\*

Answer 84

Org structure segregation of Development and Data processing

Question 85

IC General Control Activities

Answer 85

Developing new systems Changing existing Access to data / app Computer operations

Question 86

BUSINESS CONTINUITY Plan

Answer 86

Priorities Insurance Backup approach Individual Assignments Periodic Testing Documentation

Question 87

FLOWCHARTs

Answer 87

Program: logic within application System: application interactions Audit/Document: dept to dept flow Dataflow: data and functions (paper/elect)

Question 88

IC Controls are classified into

Answer 88

the preventative, detective, and corrective categories