IT Flashcards
Acquire and Implement
the process of identifying automated solutions
What is COBIT
The Control Objectives for Info and Related Technology. Int’t standard for identifying best practices in IT security and control.
Monitor and evaluate
Regularly assess IT processes.
The process of reviewing system response time logs.
Assessment over time.
Deliver and support
the process of security and continuous services
What is the purpose of COBIT?
common language for users, auditors, mgmt, and business process owners in identifying risks and structuring controls.
Aligns IT & Biz goals/strategies.
What are the components of the basic COBIT framework?
IT Resources Plan & Organize Acquire & Implement Deliver & Support Monitor & Evaluate
What is included in IT Resources
Data Applications Systems Technology Facilities People
Plan and organize
the process of developing tactics to realize the strategic vision for an info tech unit
Enterprise Resource Planning system
Provides transaction processing, mgmt support, and decision-making support in a single, integrated package. It attempts to eliminate many of the problems faced by orgs when they attempt to consolidate info from operations in multiple dept/divisions by integrating all data/processes into a unified system.
What are risks of cloud-based computing
Data Loss
Vendor security failure
System hacks
What is the ERP system designed to do?
to integrate data from all aspects of an org’s acitivities into a centralized data repository.
OLAP Online Analytical Processing System
provides data warehouse capabilities and data mining for the ERP system. Provides an integrated view of transactions in all parts of the system.
Online transaction processing system (OLTP)
Includes core biz functions: sales, production, purchasing, payroll, fin. reporting. Records the day to day operational transactions and enhances the visibility of these transactions throughout the system. Primarily concerned with collecting data and not analyzing it across the org.
PaaS (platform as a service)
use of the cloud to create (not access) software
IaaS (infrastructure as a service)
Use of the cloud to access virtual hardware
SaaS (software as a service)
Use of the cloud to access software
What are the risks of a cloud-based system
Data loss - all eggs in one basket.
system penetration
in the vendor you trust
What are the backup facility types?
cold site - no computers $
warm site - computers, no data $$
hot site - everything $$$
mirrored - fully redundant $$$$
What tasks are given top priority in DRP?
mission critical tasks - which includes, customer facing services
manufacturing
financials
What tasks are given the lowest priority in DRP?
Task critical
What type of recovery would help a company recover from a disaster and ensure a timely recovery?
Business continuity planning.
What info does one need to prepare a DRP?
Names and locations of key vendors
Current hardware configuration
Names of team members
Alternative processing location
Cold site
hardware and records are delivered AFTER the occurrence of a disaster.
What is a logical first step in developing a disaster relief plan?
Prepare a statement of responsibilities for the tasks included in the DRP
