info systems

Card Set Information

Author:
markburke
ID:
56844
Filename:
info systems
Updated:
2010-12-19 22:34:57
Tags:
Info Systems Burke
Folders:

Description:
Info Systems Burke
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user markburke on FreezingBlue Flashcards. What would you like to do?


  1. Accounts Receivable would appear in an REA diagram as an example of which kind of entity?
    • - Resource - Incorrect -Accounts Receivable is not a resource as defined in the REA model, but simply equals the difference between the sales and Receive Cash events.
    • -event - Incorrect - Accounts Receivable is not an event, but represents the diference between two events.
    • - agent( inocrrect. Agents are people or organizations)
    • - None of the above. ( correct. Accounts Receivable would not appear as an entity in an REA diagram because it represents the difference between two event.
  2. Which of the following is not likeyly to be depicted as an entity in the REA data model??
    Invoice - correct. Invoices are paper outputs of a database - they do not meet the definition of being either a resource, an event, or an agent and, therefore, are not modeled as an entity in a REA diagram.
  3. In most cases, the relationship between agent entities and event entities is
    1:N - Over time, agents usually participate in many events. Usually, for accountabitily purposes, an event is linked to only one specific internal agent and one specific external agent. Occasionally, a complex task may be linked to a team of internal agents, but this is not the norm.
  4. If customers pay for each sales transaction with a separate check and are not permitted to make installment payments on any sales, then the relationship between the Sale and Cash Receipt events would be modeled as being which of the following?
    1:1 - Each sales transaction is linked to only one payment ( no installments) and each payment is linked to only one sales transaction (separate checks)
  5. Which of the following most accurately models the sales of low cost, mass-produced items by a retail store?
    (Inventory) (chicken feet) (I) line (O) (chicken feet) (sale) - each sale must involve at least one item of inventory, but possibly many; conversely, each inventory item may not be linked to any sales transaction, but a given item could be linked to many sale events.
  6. Data modeling occurs during which stages of database design?
    system analysis and conceptual design
  7. A company has five different cash accounts. ( checking, money market, petty cash, payroll, and investments.) It deposits all payments received from customers into its checking account. Which of the following accurately depicts the relationship between the cash entity and the receive cash event?
    (cash) (II) line (O) ( chicken feet) ( receive cash) - This shows that some cash accounts may not be linked to any receive cash events, whereas others may be linked to many events. Conversely, this shows that each receive cash event must be linked to a cash account, and to only one cash account.
  8. EZ conctruction company builds residential houses. It sells only homes that it has built. Most of its homes are sold to individuals, but sometimes an investor may purchase several homes and hold them for subsequent resale. Which of the following is the correct way to model the relationship between Sales and Inventory for EZ Construction Company?
    (Sale) (I)(O) line (I) (chicken feet) ( Inventory)

    Each sale must must involve at lease one home from inventory but could involve many; conversely, each home may or may not be sold but can be sold at most one time.
  9. Which of the following statements about the REA data model is true?
    Every event must be linked to at least two agents
  10. A business operates by always collecting payments from customers in advance. Customers pay for the entire amount of the sale. It then orders the items from its suppliers and when they all arrive it ships the entire order to the customer. Which of the following describes the relationship between sales and cash receipts for this company?
    • (sale) (I)(O) line (II) (recieve cash)
    • This shows that each sale event must be linked to a prior receive cash event but that a receive cash event may not be linked to any sale event.
  11. Which of the following types of entities must become a separate table in a relational database?
    • - Resources
    • -Events
    • -Agents
    • D. All of the above - correct - all three types of entities become separate tables.
  12. How many tables are needed to implement an REA data model that has seven distinct entitites, three M:N relationships, and five 1:N relationships in a relational database?
    -10 there must be 10 tables, one for each distinct entity and one for each M:N relationship
  13. Which type of relationship cardinality must be implememnted in a relational database as a separate table?
    M:N relationship ( Correct. Only M:N retaionships must be implemented as separate tables in a relational database. Foreign keys can be used to implement 1:N and 1:1 relationships.
  14. Combining two REA diagrams by merging entities common to both will necessitate changes in cardinality pairs associated with the merged entity if it is an
    Event - The minimum cardinality may need to be changed when mergin events common to two REA diagrams, but not when merging resources or agents.
  15. Information traditionally found in journals is stored in which type of entity in an REA database?
    Event - Journals are transaction files. event entities store information about transactions. Therefore, information found in journals is stored in event tables.
  16. Which of the following tables would most likely have a concatenated primary key?
    inventory - sales - Although any entity may have concatenated key, few do except for M:N relationships, which must have concatenated primary keys.
  17. An REA diagram contaiuns four instances of the Employee entity. How many tables does this require in a relational database?
    1 - Multiple occurrences of the same entity in an REA diagram improve readability, but only one table is needed for each distinct entity.
  18. The primary key of a M:N relationship between the Receive Inventory and cash Disbursement Events would be
    both receiving report number and check number -M:N relationships have concatenated primary keys that consist of the primary key of each entity participating in that relationship.
  19. Which of the following statements is only true about an integrated REA data model?
    Every resource must be linked to at least one increment event and at least one decrement event. This is a unique feature of, and is the reason for, integrating multiple REA diagrams.
  20. In a relational database designed according to the REA data model, information traditionally stored in ledgers can be obtained by querying.
    • - resources
    • -events
    • -agents
    • - All of the above - To obtain the information traditionally found in a ledger involves querying not only resouce tables but also event and agent tables as well.
  21. Which of the following events represent the basic give to get economic exchange for a business that rents equipment and machinery?
    Rent Equipment, Return Rented Equipment and Receive Cash ( the give event - Rent equipment is linked to two get events: return rented equipment and receive cash
  22. Which resource in the HR/payroll cycle is seldom inplemented in a database?
    employee time - Correct. The employee time represents the right to use an employee's time----but time is a noninventoriable asset and is concumed when it is acquired, so this resource is seldom if ever implemented as a table in a database.
  23. Joes computers makes service calls to repair computer equipment. Some calls invovle only labor charges, others involve both labor and parts. Which of the following correctly models the relationship between the Service Calls event and Parts Inventory?
    (Parts Inventory) (chicken feet) (O) line (o) ( chicken feet) (Service calls)

    This shows that some parts may not be linked to any service call, but others could be linked to many service calls. It also shows that some service calls do not involve the use of any parts, although other service calls may involve the use of multiple parts
  24. Which entity constains information about the components used to manufatcure a particular product?
    Bill of materials - The bill of materials entity stores the list of components used to manufacture a given product
  25. Which of the following production cycle events involves the acquisition of a resouce(i.e. get event)
    Work in Process - The work in process event collects and aggregates all the costs associated with creating a finished product
  26. Acme manufacturing tracks information about cusotmer calls by sales representative. Although many calls involve demonstrations of products, some are purely to build relationships. What is the correct way to model the relationship between inventory and the Call on customer event?
    b. (Inventory)(chicken feet)(O) line (o) (chicken feet) ( call on customers) this shows that a call may not involve the demonstration of any products, although it could demonstrate multiple products. At the same time, it correctly shows that some products may not be linked to any sales calls, whereas others may be linked to many different sales calls.
  27. Which production cycle event collects data used to calculate payroll?
    Time worked - this event captures the acquisition of time from employees, in return for which they must be paid
  28. The give to get economic exchange associated with debt financing involves which two events?
    Issue Debt and disburse cash ( Issuing debt results in receipt of cash and subsequent repayments of that debt.)
  29. Acme manufacturing wants to track post-sales customer service by collecting information about each customer service call: who called, when the call happened, which customer service representative handled the call, how long the call lasted, which sales transaction prompted the call, and which inventory items were discussed,. The relationship between the Sales and Post sales service call events should most likely be modeled as which of the following?
    M:N - Some customers may make more than one service call related to a specific sales transaction and they may also discuss serval sales transactions during the same service call
  30. Which of the following is most likely to be modeled as being a 1:1 relationship?
    The relationship between sales and receive cash - although this may often be modeled as being 1:N or M:N, it is a 1:1 relationship for cash and carry type businesses, which do not extend credit.
  31. COSO identified five interrelated compoents of internal controls. Which of the following is not one of those five?
    Internal control policies - Internal control policies are not one of COSO's five components of internal control.
  32. In ther ERM model, COSO secified four types of objectives that management must meet to achieve company goals. Which of the following is not one of those types?
    responsibility objectives, - Responsibility objectives are not one of the objectives in COSO's ERM model
  33. Which of the follwoing statements is true?
    COSO's internal control integrated framework report has been widely accepted as the authoryity on internal contrls. ( The internal control integrated framework is the accepted authority on internal controls and is incorporated into policies, rules, and regulations that are used to control business activites.)
  34. All other tings being equal, which of the following is true?
    Preventive controls are superior to detective controls. - With respect to controls, it is always of utmost importance to prevent errors from occurring
  35. Which of the following statements about the control enviironment is false?
    Managments attitudes toward internal control and ethical behavior have little impact on employee beliefs or actions. This statement is false because managemnt attitude toward internal control is critical to the organization effectiveness and success.
  36. To achieve effective segragation of duties, certain functinos must be separated. Which of the following is the correct listing of the accounting related functions that must be segregated?
    Authorization, recording, and custody
  37. Which of the following is not an independent check?
    Re adding the total batch of invoices and comparing it with your first total - A person performing the same procedure twice using the same documents, such as re adding invoice batch totals, is not an independent check because it does not involve a second person,
  38. Which of the foloing is a control procedure relating to both the design and use of documents and records?
    sequentially prenumbering sales invoices - designing documents so control procedure relating to both thedesign and use of documents
  39. Which of the following is the correct order of the risk assesment steps discussed in this chapter?
    Identify threats, estimate risk, and exposure identify controls, and estimate costs and benefits.
  40. Your current system is deemed to be 90% reliable. A major threat has been identified with an impact of 3 million. Two control procedures exist to deal with the threat. Implementation of control A would cost 100k and reduce the likelihood to 6%. Implementation of control B would cost 140k and reduce the likelihood to 4 %. Implementation of both controls would cost 220k and reduce the likilihood to 2%. Given the data, and based solely on an economic analysis of costs and benefits, what should you do?
    Implement control B only. Control procedure B provides a net benefit of 40k. Procedure A and the comination of A and B only provide a benefit of 20k
  41. Which of the following statements is true?
    Information security is primarily a managment issure
  42. Firewalls are an example of
    preventive controls - firewalls are designed to prevent problems by filtering which packets are allowed to enter and leave a system
  43. The control procedure designed to verify a user's identity is called
    Authentication. Authentication is the process of verifying a user's identity
  44. A weakness that an attacker can take advantage of to either disable or take control of a system is called a
    vulnerability - which is any weakness that can be used to disable or take control of a system
  45. Which of the following techniques involves the creation and use of a pair of public and private keys?
    asymmetri encryption - which uses two keys: the public key is available to anyone, the private key is secret and know only to its owner. Either key can be used to encrypt, but only the other can used to decrypt that message
  46. Which of the following is a preventaive control?
    Training - Training users about security enhances the effectivness of security procedures and increases the likelihood that users will comply with security policies
  47. The approach to perimeter defense that involves examining only informationis the packet header of each individual IP packet is referred to as
    static packet filering - correct static packet filtering examines the headers of individual IP packets
  48. In order to create a digital signature
    the sender encrypts a hash using the senders private key - only the sender know the senders private key. Therefore if the recipient can successfully decrypt the has using the senders public key, that proves that the sender must have created and sent the hash.
  49. Which of the following is an authorization of control?
    compatibility test - a compatibility test uses an access control matrix to determine what actions an authenticated user is allowed to perform
  50. Modifying default configuations to improve security is called
    hardening
  51. Assuming the expected loss for the company is 1 billion with a standard deviation of the expected loss being 600 million after simulation, what is the approximate true error of the expected loss?
    49.71 million
  52. Novino Inc is inviting bids for developing a construction site it owns. If a bidder wishes to electronically send his or her bid confidentially to Novino, he or she is most likely to:
    Encrypt the document using Novinos public key
  53. if Novino wants to make sure that the electronic bid document from a bidder is coming from the same bidder only, the bidder is most likely to
    Encrypt the document using his or her own privet key
  54. If Novino wants to make sure that the electronic bid document from a bidder has not been altered in transist and the document is coming from the same bidder only, then the bidder is most likely
    Use a combination of encryption using his private key and hashing the bid document
  55. An automobile retailing company has 500 showrooms in california. it is in the process of making a decision on buying earthquake insurance to protect itself against catastrophic losses. The probability of the occurence of earthquake cannot be reliably estimated. The company has to therefor rely on simulation to estimate its expected loss from the earthquake. It prepares a schedule of maximum andminimum losses for each of its 500 showrooms and estimates the standard deviation of the loss to be around 700 million before simulation. The total maximum loss is 5 billion and the totalminimum loss is 500 million for the company. Using a 2% error in estimate how many simulation iterations should the company implement to reliably estimate its expected loss?
    1311 iterations
  56. If the earthquake insurance requires a payment of 100 million at the time of adoption and million at the end of the third and fourth years, the cost of insurance is: use a discount rate of
    386.87 million
  57. Which of the following is not an attribute of an XBRL element?
    Code type
  58. Tagging in XBRL refers to
    assigning customized identifiers to information in a financial statment
  59. A fraud techinque that allows the hacker to bypass system controls and gain access
    building a trap door
  60. A set of unauthorized computer instructions in a program
    trojan horse
  61. a ____ is similar to a _______ except that it is a program than a code
    worm, virus
  62. the unauthorizaed use of special system programs to bypass regular syttem controls and preform illegal act is called
    superzapping
  63. which of the following is id theft
    phreaking
  64. which on of the following dimensions provides key business procedures
    internal operations
  65. a type of edit check that would ensure that entries are made to existing general ledger is called a
    validity
  66. the edit check that verifies the ending balance of an account in fact fully reflects the begining balance and all debit and credit entries made thereafter is referred to as a
    run to run total
  67. an internal audito has embedded an audit module in the firms accounting system that selectivetly monitors transactions. Selected transactions are then processed and the results are compared with those obtained by the system. This is an example of collecting audit evidence using
    continuous and intermittent stimulation
  68. auditors have several techniques available to them to test computer processing controls. An audit routine that flags suspicious transaction is known as
    an audit hook
  69. the auditor uses _____to continuously monitor the system andcollect audit evidenc while live data are processed
    concurrent audit techniques
  70. when programers are working with program code, they often employ utilites that are also used in auditing. The occurancs of variables that are not used by the program are found using
    scanning routines
  71. an auditor examins documents related and disposal of a firms delivery van and manually calculates AD for comparison with acct records
    reperformance
  72. an increase in the effectivness of internal controls will have the effect of
    reducing control risk
  73. when it is suspected that a particular application program contains unauthorized codeof serious errors, a detailed analyis of the program logic may be necessary - auditor has severyal types of software packages available
    mapping program
  74. the system and the receiving unit calculate a summary statistic and compare it
    echo check
  75. while this type of backup takes longer, its restoration is simpler
    differential backup
  76. a facility that contains all the computing equipment the organization needs to perform its essential business activities
    hot site
  77. cancellation and storage of documents means that
    documents are defaced and stored
  78. this entails verying that the proper number of bits are set to the value 1 in each character received
    parity check
  79. this ensures that the correct and most current files are being updated
    file labels
  80. regarding program modifications which statement below is incorrect
    only material program changes should be thoroughly tested and documented
  81. how would auditors determine if unauthorized program changes have been made?
    using source code comparison
  82. it was 908 am when the network admin for squad tech was informed that the intrusinon detection system had identified an ongoing attempt to breach net security. By the time of the breach the hacker took files. Yje model of security is
    P>D+C
  83. a test file created by a website and sotored on a visitors hard disk
    cookie
  84. which of the following is an example of a detective control
    log analysis
  85. change management refers to
    controls designed to ensure that updates in information tech do not have negative consequences
  86. the coso control model has five crucial components, which of the following is not one of them
    compliance with fed state and local laws
  87. the rish that exists before management takes any steps to control the likelihood or impact of a
    inherent risk
  88. Chance in a thoust of a client being injured or killed. Lawsuits have a average cost of 600k 30k deductable. covers the. Bases on cost benefit analysis what is the most that the business hsould pay per client for the insurance
    600 1/1000
  89. auditors have several techniques available to them to test computer processing controls. an audit routine that flags suspicious transactions is known as
    an audit hook

What would you like to do?

Home > Flashcards > Print Preview