Topology refers to the shape of a network, or the network's layout. 1. Bus 2. Star 3. Ring 4. Tree 5. Mesh

AUD 9 - Information Technology Flashcards by Mary Thomas

Benefits of IT (5)

MCCAT

Monitoring - electronic controls can be monitored by the computer software itself.
Consistency - computers process data the same way every time.
Circumvention - controls are difficult to circumvent when programmed properly & exceptions are unlikely to be permitted.
Analysis - data can be accessed for analytical procedures more conveniently (w/ proper software).
Timeliness - electronic processing & updating is normally more efficient.

How well did you know this?

Not at all

Perfectly

Risks of IT (6)

MCFOLA

Manual Intervention - knowleadgeable individuals can sometimes alter files by bypassing the appropriate programs.
Changes in Programs - severe consequences without detection are possible if unauthorized program changes occur.
Failure to Change - programs are sometimes not updated for new laws, rules, or activities.
Overreliance - without clear output, IT systems are often assumed to be working when they are not.
Loss of Data - catastropic data loss is possible if appropriate controls aren’t in place.
Access - destruction & alteration of large amounts of data are possible if unauthorized access occurs.

How well did you know this?

Not at all

Perfectly

What are the two IT risks of major concern to the auditor?

Unauthorized Access to a computer system can cause more damage to the accounting system as a whole than in a maunal system where it is difficult for one person to access all the different records of the system.
The Audit Trail is an electronically visible trail of evidence enabling one to trace info contained in statments or reports back to the original source.

How well did you know this?

Not at all

Perfectly

In what two ways may Data be processed?

Processing of Transaction (2)

Online Transaction Processing - means that the database is updated as soon as a transaction is received, keeps the business up-to-date the moment transactions are keyed or transmitted into the system.
Batch Processing - the accumulation of info about similar events or transactions so that they could be entered into the acctg system at one time.

Increases efficiency of processing transactions
Allows for greater control over input process
DELAYS the availability of info (time delay)

How well did you know this?

Not at all

Perfectly

The linking of computers (Network) may be done in what three different ways?

(Network Configurations)

LAN - communication network that serves several users within a specified geographical area.
VAN - links different companies’ computer files together.
WAN - a computer network connecting different remote locations that may range from short distances, building floors, or regions.

How well did you know this?

Not at all

Perfectly

Network Topology (5)

Topology refers to the shape of a network, or the network’s layout.

Bus
Star
Ring
Tree
Mesh

How well did you know this?

Not at all

Perfectly

Electronic Ecommerce

(E-Commerce)

The conduct of business, generally involving the buying & selling of products, including billing & payment, using electronic communication (EDI) between the computers of different entities such as suppliers & customers.

How well did you know this?

Not at all

Perfectly

What is Electronic Data Interchange (EDI)?

What are three special considerations related to EDI?

EDI is the electronic interchange of business information between suppliers & consumers using a standardized format.

Three special considerations related to EDI:

Strict Standards are needed for the form of data so that it will be understood by computers at both end.
Translation Software is needed by each computer on both ends so that it can convert data between the standard used for EDI & the form needed for processing internally.
Unauthorized Access considerations. Requires the use of encryptions & firewalls.

How well did you know this?

Not at all

Perfectly

Computer/Internet Risks

Virus

Trojan Horse

Worm

Hoax Virus

Killer Application

Phishing

Firewall

Virus - a program with the ability to reproduce by modifying other programs to include a copy of itself.

Trojan Horse - is a purposefully hidden malicious or damaging code within an authorized computer program.

Worm - a program that duplicates itself over a network so as to infect many computers with viruses.

Hoax Virus - a widely distributed e-mail message warning of a virus that doesn’t exist.

Killer Application - simply refers to a program that is extremely useful, & is not anything dangerous.

Phishing - is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private info that will be used for identity theft.

Firewall - a tool for establishing security which prevents unauthorized users from accessing data.

How well did you know this?

Not at all

Perfectly

Controls

What are the 2 broad types of Controls?

Controls - in an operation of computer systems, management must focus on two broad types of controls:

General Controls - these relates to the overall integrity of the system. Controls include policies, procedures, & practices established by management to provide reasonable assurance that specific objectives will be achieved.
Application Controls - these are specific to individual programs & uses of the system.

How well did you know this?

Not at all

Perfectly

General Controls

What are the 5 elements of General Control?

_{(Personnel,File Security,Contingency Planning,Computer Facilities,Acces Ctrls)}

General Controls - these relates to the overall integrity of the system. Controls include policies, procedures, & practices established by management to provide reasonable assurance that specific objectives will be achieved.

Personnel Policies
- Control Clerks & Librarians
  - Has Custody responsibilities
- Data Input Clerks & Computer Operators
  - Has Recording responsibilities
- System Analysts & Programmers
  - Has Authorization responsibilties
File Security
- Back Up
  - Grandfather/father/son retention system
- Lock Out
- Read-Only
Contingency Planning
- Hot Site (computers ready to go)
- Cold Site (no computer waiting)
- Mirrored Web Server - off site
- Documentation - if no segregation of duties
- Hardware Controls
  - Parity Check - counts the number of bits/characters
  - Echo Check - sends back to originator for check/confirmation of correct info
Computer Facilities - Fire/Insurance
Access Controls - biometrics

How well did you know this?

Not at all

Perfectly

Application Controls (Program Controls)

What are the 3 elements of Application Controls?

Application Controls - specific to individual programs & users

Inputs
- Field Checks -Data is validated to correvct length, character types, format (valid Lic#)
- Validity Check - Compared with acceptable entries (valid SS#)
- Limit Test - SS #s not greater than 9
- Check Digits - identification numbers based on formula
- Financial Total
- Record Conts
- Hash - A meaning less total
- Non financial Totals
- Edit Checks - Verify that each individual entry is appropriate & generates a list of rejected transactions.
Processing
- Systems & software documentation
- Error-checking compiler
- Test Data
- Change Control measures
- System Testing
- User Acceptance Testing
Output
- Distribution lists
- Shredders
- System testing

How well did you know this?

Not at all

Perfectly

Application Controls - Input

Data can be verified in what 4 ways?

Form of Data Verified (4)

Application Controls - specific to individual programs & users

Form of Data Verified:
- Field Checks - Data is validated to correvct length, character types, format (valid Lic#)
- Validity Check - Compared with acceptable entries (valid SS#)
- Limit Test - SS #s not greater than 9
- Check Digits - identification numbers based on formula

How well did you know this?

Not at all

Perfectly

Application Controls - Input

Control Totals (3)

Application Controls - specific to individual programs & users

Control Totals:
- Record Counts - number of items being input
- Financial Total - total of column of entries in currency
- Hash - A meaning less total

How well did you know this?

Not at all

Perfectly

Parity Check

vs.

Echo Check

Parity & Echo checks are a type of Hardware Control whichis considered a General Control of a company.

Parity Check - A hardware control that makes certain that each byte has either an odd or even number of bits in the “1” or “on” position, depending on whether the machine is designed as odd or even parity, respectively.

Echo Check - A hardware control that has one computer re-transmit data back to the computer from which it originated to make certain that the data received matches the data transmitted.

How well did you know this?

Not at all

Perfectly

Data Structure

_{Bit>Byte>Character>Field>Record>FIle>Database}

Study These Flashcards

Bit - A single switch is either 1 or 0

Byte - A group of 8 bits representing a character

Character - A letter, number, punctuation mark

Field - a group of related characters representing a unit of information (column)

Record - a collection of related info, many fields (rows)

File - a group of related records

Database - a collection of files

eXtensible Business Reporting Language (XBRL)

Study These Flashcards

XBRL - is a specification for publishing financial information in the XML format. It is designed to provide a standard set of XML tags for exchanging accounting information & financial informations between companies & analysts.

XBRL can handle data in different languages & accounting standards
The SEC mandated ALL public companies must file FS in XBRL.

What are the 5 Computer Assisted Audit Techniques (CAAT)?

TESTED

Study These Flashcards

Test Data (phony data)
Controlled Reprocessing
Integrated Test Facility/Test Data
Transaction Tagging
Parallel Simulation