Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
37 Cards in this Set
- Front
- Back
|
what makes information useful? (7 things) |
relevant reliable complete timely understandable verifiable accessible |
|
|
5 business process cycles (Red Eyes Produce Hallucination Feelings) |
revenue expenditure production HR / payroll financing |
|
|
AIS definition |
collects, processes, stores, and reports data and information for better decision making |
|
|
6 components of an AIS |
people procedures data software IT infrastructure internal control & security |
|
|
primary activities in value chain |
inbound logistics operations outbound logistics marketing and sales service |
|
|
support activities in value chain |
firm infrastructure human resources technology purchasing |
|
|
data processing cycle (4 things) |
input output process storage |
|
|
general vs subsidiary ledgers |
general ledgers have summary level data
subsidiary ledgers have detailed data |
|
|
general vs specialized journals |
general journal have infrequent transactions
specialized journals have repetitive transactions |
|
|
entity - field - record - file - database definitions |
entity = something about which info is stored field = where data value is stored (cell in excel) record = a set of fields file = group of records database = group of files
|
|
|
4 data processing activities (CRUD) |
CREATE new records READ existing records UPDATE existing records DELETE records |
|
|
what does ERP stand for? |
Enterprise Resource Planning |
|
|
ERP definition |
integrates an organizations info into one system |
|
|
ERP advantages |
greater management visibility better access controls improved customer service |
|
|
ERP disadvantages |
cost time consuming complex resistance to change |
|
|
documentation definition |
set of documents and models that describe who, what, where, when, why, and how of systems |
|
|
4 basic elements of data flow diagrams (and their symbols) |
data source and destinations (square) data flow (arrow) data store (2 lines) transformation process (circle) |
|
|
context diagrams |
highest level DFD, most general shows inputs and output into system |
|
|
level zero diagram |
shows all major activity steps of a system |
|
|
flowcharts |
depict transaction processing and flow of data |
|
|
4 flowchart categories |
input/output processing storage misc. |
|
|
3 types of flowcharts |
document = flow of documents system = system inputs, processes, outputs program = logical system of program logic |
|
|
internal control definition |
system to provide reasonable assurance that objectives are met |
|
|
3 internal control functions |
preventive (most important) detective corrective |
|
|
what does COBIT stand for? |
Control Objectives for Information and related Tecnologies |
|
|
what does COSO stand for? |
Committee Of Sponsoring Organizations |
|
|
5 COSO model categories |
control environment control activities risk assessment information and communication monitoring |
|
|
what does ERM stand for? |
Enterprise Risk Management |
|
|
4 COSO - ERM objectives |
strategic = operational = reporting = compliance = |
|
|
inherent risk vs residual risk |
inherent risk exists before controls are made
residual risks remain even after controls are made |
|
|
4 responses to risk |
reduce accept share avoid |
|
|
3 accounting duties to segregate |
reporting authorization custody |
|
|
expected loss formula |
expected loss = likelihood x impact |
|
|
time based model |
P > D + C |
|
|
preventive controls |
training user access controls (authent.. vs author.) physical access controls (locks, guards) |
|
|
detective controls |
log analysis intrusion detection security testing managerial reports |
|
|
corrective controls |
CIRT = computer incident response team CISO = chief information security officer patch management = software updates |
