4C - Controls That Respond to Risks Associated with IT: questions from review


There are four levers of control that resolve the conflict between controls and creativity. Which of the following best describes a boundary system?

- A boundary system promotes ethical behavior by setting limits on employee empowerment: employees are free to act, for example to meet customer needs, but only within stated limits. In a diagnostic control system, management monitors outputs and fine-tunes processes in relation to organizational goals. In an interactive control system, data is generated for analysis and discussion by stakeholders inside the organization. A belief system is exemplified by an organization in which employees understand the direction management wants the company to take.

Which of the following input controls is a numeric value computed to provide assurance that the original value has not been altered in construction or transmission?

- A check digit is a specific type of input control: a single digit at the end of an identification code, computed from the other digits in the field. If the code is mis-keyed, the formula shows that the check digit no longer matches and the field rejects the entry.
- Hash totals are meaningless totals, for example the sum of the digits of an invoice number. A hash total is similar to a control total and is used to verify processing (or output) against input; it is not an input control.
- A parity check (bit) is an extra bit added to a string of bits as a hardware control. It is a control over the accuracy of data transmission, but since it is a hardware control, it is not an input control.
- In encryption, data is passed through an algorithm that substitutes other characters for the original ones. Data may be encrypted for transmission between computers so that an interceptor cannot read it, or for storage so that others cannot read it. Since encryption does not by itself show that the original value has not been altered, this answer choice is incorrect.
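As an added example that is not part of the study set, the following code computes and validates a mod-10 (Luhn) check digit and, for contrast, an even-parity bit. The study set names no particular formula; the Luhn algorithm, the sample code numbers and the sample byte are assumptions made here so the example runs stand-alone.

```python
"""Added example (not part of the study set): a mod-10 (Luhn) check digit and a
single even-parity bit, to show what each input control does and does not catch.
The page names no specific formula; the Luhn algorithm is an assumption."""


def luhn_check_digit(body: str) -> str:
    """Compute the check digit for a numeric identification code.

    Scanning the body right to left, every other digit (starting with the one
    that will sit next to the check digit) is doubled and digit-summed; the
    check digit is whatever makes the grand total a multiple of 10.
    """
    if not body.isdigit():
        raise ValueError("identification code must be numeric")
    total = 0
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return str((10 - total % 10) % 10)


def luhn_valid(code: str) -> bool:
    """Field-level check: accept the entry only if its last digit equals the
    check digit recomputed from the rest of the code."""
    if len(code) < 2 or not code.isdigit():
        return False
    return luhn_check_digit(code[:-1]) == code[-1]


def even_parity_bit(byte: int) -> int:
    """Hardware-style parity: the bit that makes the number of 1-bits even."""
    return bin(byte & 0xFF).count("1") % 2


def parity_ok(byte: int, parity_bit: int) -> bool:
    return even_parity_bit(byte) == parity_bit


def demo() -> dict:
    # Constructed sample values; 79927398713 is the classic Luhn test number.
    good = "7992739871" + luhn_check_digit("7992739871")
    mis_keyed = good[:9] + "2" + good[10:]                # one digit keyed wrong
    transposed = good[:6] + good[7] + good[6] + good[8:]  # adjacent digits swapped
    sent = 0x41                                           # byte 0100 0001, two 1-bits
    p = even_parity_bit(sent)
    return {
        "check_digit": good[-1],
        "good_accepted": luhn_valid(good),
        "mis_key_rejected": not luhn_valid(mis_keyed),
        "transposition_rejected": not luhn_valid(transposed),
        "one_bit_flip_detected": not parity_ok(sent ^ 0x02, p),
        "two_bit_flip_missed": parity_ok(sent ^ 0x06, p),  # the limit of a parity bit
    }
```

The last entry of `demo()` is the caveat a practitioner wants: a single parity bit catches any odd number of flipped bits but misses an even number, which is why it is a transmission control and not a substitute for a check digit or a control total.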

Which of the following situations would most likely provide the best way to secure data integrity for a personal computer environment?

- All computers linked to a local area network (LAN). Data integrity relates to using data for its intended purpose. A LAN promotes data integrity by making data available only to those users who have a legitimate reason for access; centralized access controls help to protect data integrity.

Your firm has recently converted its purchasing cycle from a manual process to an online computer system. Which of the following is a probable result associated with conversion to the new automated system?

- Conversion to automated data processing usually reduces the existing segregation of duties because the computer combines many functions which previously could have been performed by separate persons. Thus, an individual with access to the various computer functions could perform incompatible duties. Conversion to automated data processing usually reduces processing errors, has little or no effect on the types of risk to which the firm is exposed, and usually reduces processing time.

A company has a significant e-commerce presence and self-hosts its website. To assure continuity in the event of a natural disaster, the firm should adopt which of the following strategies?

- Establish an off-site mirrored web server. A natural disaster could destroy the onsite web server as well as any backup server at the same location. A disaster could also destroy communications channels to that site. A second identical server (a mirror) with separate communications channels located remotely would facilitate continuity in a disaster. A backup is a copy of computer data so it may be used to restore the original after a data loss event (data deletion or corruption). The answer choices "back up the server database daily" and "store records off-site" are incorrect because they do not include a second server with off-site operating capability or backup communications channels. These choices allow the firm to reconstruct damaged data but do not enable the firm to continue operations immediately after the disaster. RAID is a data storage technology that combines multiple disk drive components into a logical unit for the purposes of data redundancy and performance improvement. "Purchase and implement RAID technology" is incorrect because it does not include a second server or backup communications channels.

An enterprise resource planning (ERP) system has which of the following advantages over multiple independent functional systems?

- Increased responsiveness and flexibility while aiding in the decision-making process

Which of the following best describes a hot site?

- Location that is equipped with a redundant hardware and software configuration. A hot site is a completely operational data processing facility that is designed to meet the user's requirements and can be made available to the user for disaster recovery on short notice. Such a site includes both redundant hardware and software that are configured specifically to meet the user's needs.

Which of the following controls is least likely to be closely associated with assuring the accuracy and completeness of data in computer-processed master files?

- Logical access controls. Access controls such as passwords and access logs serve to prevent improper access to and use of programs and files; they do not relate specifically to the accuracy and completeness of data.

Which of the following is not a standard procedure in reviewing and reconciling data when following output controls?

- Monitoring the data communication network to assess weaknesses that need improvement is a data transmission control, not an output control. Output controls include users reviewing output for accuracy, the data control group reviewing all output for accuracy, and the data control group comparing output control totals to input control totals.

Contingency planning alternatives can vary by computer processing environment. A company is least likely to use a reciprocal processing agreement for:

- Online teleprocessing would generally not involve a reciprocal processing agreement. Reciprocal processing agreements are often used for small systems, large batch operations, and small batch operations.

Some companies have been the target of terrorist attacks in recent years. The best approach to avoid having a data center be selected as a terrorist's target is to:

- The best approach to avoid having the data center identified as a terrorist's target is to establish as low a profile as possible for the data center, e.g., by refraining from (1) identifying the building on the outside as a data center, (2) showcasing the data center through glass windows, or (3) advertising the important role the data center plays in operations. Ensuring that the disaster recovery plans are fully tested and hardening the electrical and communications systems so that they could withstand some kinds of attacks would not contribute to avoiding being selected as a terrorist's target. Monitoring the locations and activities of known terrorists, even if permitted by law, would not by itself help the company avoid having the data center selected as a terrorist's target.

Aware of the threat of physical disasters to make the LANs unavailable, the implementation team wrote a disaster recovery plan that documented procedures for data and program backup and recovery, power backup, emergency equipment acquisition, and hot site services. The disaster recovery plan requires:

- The disaster recovery plan described will require frequent updating because of the ever-changing nature of typical local area networks. Each change in the configuration of the LAN will require corresponding modification of the disaster recovery plan.

Which of the following functions should prevent a programmer from altering a program and then using that program in a production run?

- The information system librarian should not allow a programmer to enter an untested and unauthorized revised program into the live production schedule.

Each day, after all processing is finished, a bank performs a backup of its online deposit files and retains it for seven days. Copies of each day's transaction files are not retained. This approach is:

- The practice is risky in that restoring from the most recent backup file would omit transactions occurring since the backup was taken. The practice of not retaining daily transaction data is unsound in that the bank has only end-of-the day totals, and it loses a day's transactions for each backup that is unreadable. The practice of not retaining daily transaction data certainly minimizes complexity but at the expense of losing transaction data if the online file must be restored from the backup. Checkpoint/restart information is not needed since the backups are taken at midnight after all processing is finished for the day.

Your firm has recently converted its purchasing cycle from a manual process to an online computer system. Which of the following is a probable result associated with conversion to the new automated system?

- Traditional duties are less segregated.

It is important to maintain proper segregation of duties in a computer environment. Which of the following access setups is appropriate?

- Users have update access for production data. Users need to update data through application programs. Application programmers should not be able to change production programs; they should submit changes to the change control unit. Application programmers should never have update access to production data. Users have no need to change production programs.

With respect to backup procedures for master files that are magnetic tape as opposed to master files on magnetic disk:

- A separate backup run is required for disk, while the prior master on magnetic tape serves as a backup. Disk-oriented systems typically employ destructive updating (new, updated master records are written over the old master records, destroying them), so they require separate backup procedures. Tape-oriented systems, by contrast, generate a new master file tape as output from the updating run, leaving the old master file tape and the transaction file tape available as backup.

A checkpoint/restart procedure is primarily designed to recover from:

- hardware failures. The term "checkpoint-restart procedure" refers to the periodic copying of the results of a program prior to its actual completion (e.g., at 15 minute intervals). The copy is written to secondary storage for use in restarting a program, should there be an interruption in the operation of the hardware devices. Restart is initiated from the most current (recent) checkpoint, rather than at the beginning of the program.
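As an added example that is not part of the study set, the following Python code runs a small batch update that writes a checkpoint to secondary storage every few records, suffers a simulated device failure, and then restarts from the most recent checkpoint rather than from the beginning. The record layout, the checkpoint interval, the JSON checkpoint format and the failure point are assumptions made for the illustration.

```python
"""Added example (not part of the study set): a batch update that writes a
checkpoint to secondary storage every few records and restarts from the most
recent checkpoint after a simulated hardware interruption.  The record layout,
checkpoint interval and file format are assumptions for the illustration."""

import json
import os
import tempfile

# Constructed sample transaction file: (account, amount in cents).
RECORDS = [
    ("A1", 12500), ("A2", 4050), ("A3", 990), ("A4", 30000), ("A5", 1575),
    ("A6", 8800), ("A7", 2025), ("A8", 6100), ("A9", 499), ("A10", 12000),
]


class HardwareFailure(RuntimeError):
    """Stands in for a device failure that interrupts the run."""


def save_checkpoint(path: str, next_index: int, running_total: int) -> None:
    """Persist progress.  Write to a temp file and rename so that a failure in
    the middle of the write leaves the previous checkpoint intact."""
    tmp = path + ".tmp"
    with open(tmp, "w") as fh:
        json.dump({"next_index": next_index, "running_total": running_total}, fh)
    os.replace(tmp, path)


def load_checkpoint(path: str):
    """Return (next_index, running_total); (0, 0) means start from the beginning."""
    if not os.path.exists(path):
        return 0, 0
    with open(path) as fh:
        ck = json.load(fh)
    return ck["next_index"], ck["running_total"]


def run_batch(records, ckpt_path: str, interval: int = 3, fail_before=None):
    """Sum the amounts, checkpointing every `interval` records.

    Work done after the last checkpoint is lost on failure, but nothing is
    double-counted because the running total is restored from the checkpoint
    rather than from memory.  Returns (total, start_index, records_processed).
    """
    start, total = load_checkpoint(ckpt_path)
    processed = 0
    for i in range(start, len(records)):
        if fail_before is not None and i == fail_before:
            raise HardwareFailure(f"device failure before record {i}")
        total += records[i][1]
        processed += 1
        if (i + 1) % interval == 0:
            save_checkpoint(ckpt_path, i + 1, total)
    save_checkpoint(ckpt_path, len(records), total)   # final checkpoint marks completion
    return total, start, processed


def demo() -> dict:
    ckpt = os.path.join(tempfile.mkdtemp(), "deposit_update.ckpt")
    try:
        run_batch(RECORDS, ckpt, fail_before=7)    # records 0..6 done, failure at record 7
    except HardwareFailure:
        pass
    resume_from, _ = load_checkpoint(ckpt)         # last checkpoint was written after record 5
    total, start, processed = run_batch(RECORDS, ckpt)
    return {
        "resume_from": resume_from,
        "restarted_at": start,
        "records_reprocessed": processed,           # 4 instead of all 10
        "total": total,
        "expected_total": sum(a for _, a in RECORDS),
    }
```

The write-then-rename in `save_checkpoint` is the detail that matters in practice: if the device fails while the checkpoint itself is being written, the previous checkpoint is still on disk and the restart is still possible.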

A preventive control is one that is designed to discover and eliminate problems before they occur. Examples of preventive controls include:

- Hiring well-qualified personnel and training them well,
- segregating employee duties, and
- controlling physical access to facilities and information.

To minimize risks associated with passwords, the following protocols should be followed except:

- Program the system to display passwords as they are entered for user verification. To minimize risks associated with passwords:
  - program the system not to display passwords as they are entered;
  - allow only authorized devices to communicate with the system, and give each user access only to the data the user is authorized to use;
  - terminate system access if a valid password is not entered within three attempts;
  - change passwords frequently;
  - immediately cancel terminated users' passwords;
  - log users off automatically after a set number of minutes of inactivity; and
  - use a smart card (token) that continuously generates a new and unique one-time password.

Edit checks in a computerized accounting system:

- should be performed on transactions prior to updating a master file. Edit checks are a type of input (application or procedural) control. These checks are run by the computer (from programmed edit routines) to check the validity, accuracy, and reasonableness of the data which has been input from source documents. Thus, edit checks should be performed on transactions prior to updating a master file (not prior to output distribution) to minimize the introduction of error in both the initial recording of data and in the conversion into machine-readable form. Edit checks do not need to be installed for the system to be operational.

In spite of management's insistence on following procedures, there have been occasions, usually associated with emergencies, in which a program in the test library was used for the company's operations. A risk of using test library programs in emergency situations is that:

- The programs may not be further tested before being placed into production permanently. The temptation is to leave the test library program in production if it appeared to run satisfactorily. Test library programs can be assumed to be prepared by authorized personnel. The integrity of the production library is not threatened because no changes were made to it. Test library programs are run in such circumstances because the personnel involved believe that using them is better than using the prior programs or no programs at all.

To maintain effective segregation of duties within the information technology function, an application programmer should have which of the following responsibilities?

- Code approved changes to a payroll program. In highly integrated systems, a person with unrestricted access to the computer, its programs, and live data might be able to perpetrate and conceal fraud. Functions such as changing systems software, finding and correcting data-entry errors, and maintaining programming code and documentation are therefore segregated. An applications programmer uses designs developed by systems analysts to write the code for a computer program; the programmer does not approve the change, correct live data, or move the program into production.

An online database management system for sales and receivables was recently expanded to include credit approval transactions. An evaluation of controls was not performed prior to implementation. To prevent unauthorized access to specific data elements, the database management system should contain which of the following controls?

- Password specifications for each data file or element.

Which of the following is not a violation of segregation of duties within the IT function?

- A computer operator must obtain files and programs from the data librarian when processing transactions. Programmers and analysts should not have access to live programs and data or to the computer operations facility during data processing.

A company's web server has been overwhelmed with a sudden surge of false requests that caused the server to crash. The company has most likely been the target of:

- A denial-of-service attack. A denial-of-service attack is an attempt to make a machine or network resource unavailable by saturating the target with requests so that it cannot respond to legitimate traffic. Spoofing involves e-mail with a falsified sender address, intended to fool the recipient into providing sensitive information either in a reply or by following a link to a web page designed to look like the legitimate page but which delivers the information to the perpetrator. Piggybacking, as used here, is the interception of legitimate communications between a computer system and a user and the modification or substitution of messages. Eavesdropping is monitoring transmissions to acquire unauthorized information.

A digital signature is used primarily to determine that a message is:

- Unaltered. A digital signature allows the creator of a message to digitally "sign" the data and provides evidence of who authorized it. Because the signature is computed from the contents of the message, any alteration in transmission causes verification to fail, so the recipient can determine that the message is unaltered.

A company's accounts payable clerk obtained the payroll supervisor's computer password. The clerk then used the password to obtain unauthorized access to the company's payroll files. Any of the following can be used to prevent such unauthorized access to the payroll files, except:

- A digital signature. A digital signature uniquely identifies the key used to sign an electronic message, much as a handwritten signature identifies the signer of a paper document. It does not verify the identity of the person holding the private key, and it does nothing to stop someone who has obtained another user's password from logging in with it. A smart card (token) that continuously generates a new and unique password minimizes the risk posed by a stolen reusable password. Since no single authentication method is foolproof, multifactor authentication, such as requiring a smart card and a password, provides much stronger authentication than either method alone. Multimodal authentication (such as verifying fingerprint and finger vein patterns) also provides enhanced access protection.

Compatibility tests are sometimes employed to determine whether an acceptable user is allowed to proceed. In order to perform compatibility tests, the system must maintain an access control matrix. The one item that is not part of an access control matrix is a:

- A limit on transaction totals and frequency is not part of the access control matrix. An access control matrix consists of:
  - a list of all authorized user code numbers and passwords,
  - a list of all files and programs maintained on the system, and
  - a record of the type of access to which each user is entitled.

Which of the following technological elements of computer-based information systems has the least effect in driving the changes that are currently occurring in the workplace?

- Advances in disaster recovery systems. Although such advances may ease addressing the risks of disasters, they probably have little effect on the changes currently occurring in the workplace. Those changes are driven mostly by advances in computer technology, computer applications, and computer availability.

Processing data through the use of simulated files provides an auditor with information about the operating effectiveness of control policies and procedures. One of the techniques involved in this approach makes use of:

- An integrated test facility. An integrated test facility allows an auditor to introduce test data (simulated files) into an actual processing run to test the processing of that data, which provides evidence about the operating effectiveness of the software. "Controlled reprocessing" is incorrect because reprocessing the same data with the same software provides no new information. "Input validation" is incorrect because input validation is a control that improves the accuracy of data entry, but does not provide information about control effectiveness. "Program code checking" is incorrect because manual program code checking in a complex system is a difficult task, sometimes impossible, which is more efficiently done by using test data in an integrated test facility.

Which of the following types of control plans is particular to a specific process or subsystem, rather than related to the timing of its occurrence?

- Application controls. Application controls refer to the transactions and data relating to each computer-based application system and are, therefore, specific to each process. Preventive, corrective, and detective controls are terms that apply to particular types of controls that may appear in any application, and so are incorrect answer choices. Corrective controls remedy problems discovered through detective controls. They include procedures to identify the cause of a problem, correct errors arising from the problem, and modify the system so that future errors may be minimized or eliminated. A detective control is a control that provides an alert after an unwanted event. A detective control is designed to catch an error and provide the feedback necessary so corrective action may be taken.

Which of the following security controls might prevent unauthorized access to sensitive data via an unattended data terminal directly connected to a mainframe?

- Automatic log-off of inactive users. Automatic log-off would help to prevent unauthorized access to sensitive data displayed on an unattended terminal. This could create a problem, however, if the time interval for the log-off were set too short. Using a screen saver alone is not a solution: simply moving the mouse or pressing a key restores the display of the sensitive data. Requiring a password would not prevent viewing of sensitive data already displayed on the monitor. Encryption of data files would not prevent viewing of data displayed on a monitor.
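As an added example that is not part of the study set, and serving both the password protocols listed earlier and the unattended-terminal question above, the following Python code implements a small authentication service with three-strikes lockout, automatic logoff after a period of inactivity, immediate cancellation of a terminated user's credentials, and a check that the request comes from an authorized device. The account names, the 10-minute timeout, the PBKDF2 parameters and the fake clock are assumptions made here.

```python
"""Added example (not part of the study set): a small authentication service
that applies several of the password protocols above: three-strikes lockout,
automatic logoff after a period of inactivity, immediate cancellation of a
terminated user, and a check that the request comes from an authorized device.
Account names, the timeout value and the PBKDF2 parameters are assumptions."""

import hashlib
import hmac
import os
import time

MAX_FAILED_ATTEMPTS = 3
IDLE_TIMEOUT_SECONDS = 600      # 10 minutes of inactivity ends the session


def hash_password(password: str, salt: bytes) -> bytes:
    # Passwords are stored only as salted PBKDF2 digests, never in clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Account:
    def __init__(self, username: str, password: str):
        self.username = username
        self.salt = os.urandom(16)
        self.digest = hash_password(password, self.salt)
        self.failed_attempts = 0
        self.locked = False
        self.active = True


class AuthServer:
    def __init__(self, clock=time.monotonic):
        self.clock = clock                 # injectable so the idle timer can be tested
        self.accounts: dict = {}
        self.sessions: dict = {}           # session id -> [username, last_activity]

    def add_account(self, username: str, password: str) -> None:
        self.accounts[username] = Account(username, password)

    def deactivate(self, username: str) -> None:
        """Cancel a terminated employee's credentials at once and end any open session."""
        self.accounts[username].active = False
        self.sessions = {sid: s for sid, s in self.sessions.items() if s[0] != username}

    def login(self, username: str, password: str, authorized_device: bool = True):
        """Return a session id on success, None on any failure (no hint which)."""
        acct = self.accounts.get(username)
        if acct is None or not acct.active or acct.locked or not authorized_device:
            return None
        if not hmac.compare_digest(hash_password(password, acct.salt), acct.digest):
            acct.failed_attempts += 1
            if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
                acct.locked = True         # three wrong tries: access terminated until reset
            return None
        acct.failed_attempts = 0
        sid = os.urandom(16).hex()
        self.sessions[sid] = [username, self.clock()]
        return sid

    def request(self, sid: str) -> bool:
        """Service a request on a session; an idle session is logged off instead."""
        sess = self.sessions.get(sid)
        if sess is None:
            return False
        now = self.clock()
        if now - sess[1] > IDLE_TIMEOUT_SECONDS:
            del self.sessions[sid]         # automatic logoff of the unattended terminal
            return False
        sess[1] = now
        return True


def demo() -> dict:
    now = [1000.0]                         # fake clock so the idle timeout can be exercised
    srv = AuthServer(clock=lambda: now[0])
    srv.add_account("payroll_sup", "correct horse battery")
    srv.add_account("ap_clerk", "staple")
    out = {}
    out["three_guesses"] = [srv.login("payroll_sup", f"guess{i}") for i in range(3)]
    out["locked_after_three"] = srv.login("payroll_sup", "correct horse battery")
    sid = srv.login("ap_clerk", "staple")
    out["fresh_session_ok"] = srv.request(sid)
    now[0] += IDLE_TIMEOUT_SECONDS + 1
    out["request_after_idle"] = srv.request(sid)
    out["unauthorized_device"] = srv.login("ap_clerk", "staple", authorized_device=False)
    srv.deactivate("ap_clerk")
    out["terminated_user"] = srv.login("ap_clerk", "staple")
    return out
```

Note that once the account is locked, even the correct password is refused until an administrator resets it, and that `login` returns the same `None` for an unknown user, a wrong password, a locked account and an unauthorized device so that the response does not tell an attacker which condition applied.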

To prevent interruptions in information systems operation, which of the following controls are typically included in an organization's disaster recovery plan?

- Backup and downtime controls are essential in a disaster recovery plan in order to allow for uninterrupted operation.

Which of the following computerized control procedures would be most effective in ensuring that data uploaded from personal computers to a mainframe are complete and that no additional data are added?

- Batch control totals, including control totals and hash totals, are the best procedure because the totals computed for the data transferred can be reconciled with the totals computed from the existing file. This provides evidence that the data transfer is complete and that nothing was added. Self-checking digits are an effective control for ensuring that a correct part number has been entered, passwords help ensure that only authorized personnel make the transfer, and field-level edit controls are effective data-entry controls, but the objective here is to ensure that the transfer is complete.
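As an added example that is not part of the study set, the following Python code computes a record count, a control total and a hash total on the sending side, recomputes them on the receiving side, and reconciles the two, running the reconciliation over several constructed transfer faults. The record layout, account numbers and fault scenarios are constructed sample data.

```python
"""Added example (not part of the study set): batch control totals computed
on the PC before upload and recomputed on the mainframe after it, then
reconciled.  Records and account numbers are constructed sample data."""


def batch_totals(records) -> dict:
    """records: list of (account_number, amount_cents).

    record count  - how many records were sent
    control total - a financially meaningful sum (the amounts)
    hash total    - a meaningless sum (the account numbers) kept only as a control
    """
    return {
        "record_count": len(records),
        "control_total": sum(amount for _, amount in records),
        "hash_total": sum(int(acct) for acct, _ in records),
    }


def reconcile(sent, received) -> dict:
    """True for each total that agrees between the upload source and the mainframe copy."""
    a, b = batch_totals(sent), batch_totals(received)
    return {name: a[name] == b[name] for name in a}


def transfer_accepted(sent, received) -> bool:
    return all(reconcile(sent, received).values())


SOURCE = [("1001", 2500), ("1002", 1200), ("1003", 800), ("1004", 4300)]


def demo() -> dict:
    dropped = SOURCE[:-1]                                      # last record lost in transfer
    added = SOURCE + [("9999", 0)]                             # extra zero-amount record slipped in
    wrong_account = SOURCE[:2] + [("1030", 800)] + SOURCE[3:]  # 1003 corrupted to 1030
    swapped = [("1001", 1200), ("1002", 2500)] + SOURCE[2:]    # amounts swapped between accounts
    return {
        "clean": reconcile(SOURCE, list(SOURCE)),
        "dropped_record": reconcile(SOURCE, dropped),
        "added_record": reconcile(SOURCE, added),
        "wrong_account": reconcile(SOURCE, wrong_account),     # only the hash total catches this
        "swapped_amounts": reconcile(SOURCE, swapped),         # all three totals agree: a limit
    }
```

The scenarios show why all three totals are kept: a zero-amount record added in transit leaves the control total unchanged but is caught by the record count and the hash total, and a corrupted account number is caught only by the hash total. The last scenario is the caveat: two amounts swapped between valid accounts leave every batch total unchanged, which is a record-level error that needs a record-level control such as closed-loop verification rather than batch totals.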

A customer notified a company that the customer's account did not reflect the most recent monthly payment. The company investigated the issue and determined that a clerk had mistakenly applied the customer's payments to a different customer's account. Which of the following controls would help to prevent such an error?

- Closed-loop verification. Closed-loop verification tests that an entered account number matches the account description, so that the correct customer or general ledger account is accessed; it would catch a payment about to be applied to the wrong customer. A checksum is a value computed from a block of stored or transmitted data and used to detect errors in that data; it would not detect a payment posted to a wrong, but valid, account. Field checks make sure that amount fields in a journal entry contain only numeric data. Completeness tests make sure all pertinent journal entry data is entered.

Data access security related to applications may be enforced through all the following, except:

- Data access security related to applications cannot be enforced through utility software functions. Utility programs are one of the more serious "holes" in data access security, since some of them can bypass normal access controls. Data access security related to applications may be enforced through user identification and authentication functions incorporated in the application; although there is a migration of this type of control away from applications to other software, most of these controls still reside in application software. It may also be enforced through user identification and authentication functions in access control software, which has as one of its primary objectives improving data access security for all data on the system, and through security functions provided by a database management system; most database management systems provide for improved data access security while they are running.

Which of the following is an encryption feature that can be used to authenticate the originator of a document and ensure that the message is intact and has not been tampered with?

- Digital signatures. Digital signatures authenticate the identity of the party sending a message and the integrity of the electronic transmission. A digital signature is a digital code attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, its purpose is to provide assurance that the individual sending the message is really who that person claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes.
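As an added example that is not part of the study set, and serving the three digital-signature questions above, the following Python code signs a SHA-256 digest with textbook RSA and verifies it, showing that an altered message fails verification and that the signature proves which private key was used, not which person used it. The key is built from two well-known Mersenne primes so the example runs with the standard library alone; it is far too small to be secure, omits padding, and the sample messages are constructed.

```python
"""Added example (not part of the study set): a textbook RSA signature over a
SHA-256 digest, showing that (1) an altered message fails verification and
(2) the signature proves which private key signed, not which person used it.
The key uses two known Mersenne primes so the example runs with the standard
library alone; it is far too small to be secure and omits padding."""

import hashlib

P = 2**31 - 1                 # both are well-known primes (M31 and M61)
Q = 2**61 - 1
N = P * Q
E = 65537                     # public exponent; gcd(E, (P-1)(Q-1)) == 1
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)


def digest(message: bytes) -> int:
    """Hash the message and reduce it into the RSA modulus (toy shortcut, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes, private_exponent: int = D) -> int:
    return pow(digest(message), private_exponent, N)


def verify(message: bytes, signature: int, public_exponent: int = E) -> bool:
    """Recompute the digest and compare with the value recovered from the signature."""
    return pow(signature, public_exponent, N) == digest(message)


def demo() -> dict:
    # Constructed sample: a payment instruction and a tampered copy.
    msg = b"PAY 1,000.00 to supplier 4471"
    tampered = b"PAY 9,000.00 to supplier 4471"
    sig = sign(msg)
    leaked_d = D                # an insider who copies the private key can sign just as well
    forged = sign(tampered, leaked_d)
    return {
        "genuine_verifies": verify(msg, sig),
        "altered_message_fails": not verify(tampered, sig),
        "forged_with_stolen_key_verifies": verify(tampered, forged),
        "signature_is_deterministic": sign(msg) == sig,
    }
```

The third entry of `demo()` is the point of the payroll-clerk question: a signature made with a copied private key verifies perfectly, so a digital signature cannot stop someone who has obtained another user's credential; only protecting the credential (a token, multifactor authentication) does that.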

Which of the following configurations of elements represents the most complete disaster recovery plan?

- Disaster plans must include all of the following:
  - a backup for programs and data,
  - an alternative processing site,
  - off-site storage of backups,
  - identification of critical applications, and
  - a method for testing the plan.

Which of the following is considered an application input control?

- Edit checks. Edit checks are accuracy checks performed by an edit program that tests input data to make sure it is accurate and valid; they are application controls when included as part of an application program. A run control total is part of processing, not a control over input. A distribution log is a control over output, not input. An exception report (such as an error listing) can be part of processing as well as an input control.

A data and program backup procedure in which files are electronically transferred to a remote location is called:

- Electronic vaulting. Electronic vaulting is the process of electronically transmitting backups of programs and data to a remote data storage facility, where they are retained.

Encryption protection is least likely to be used in which of the following situations?

- Encryption protection is least likely to be used when transactions are transmitted over local area networks. Encryption makes it difficult for intercepted transmissions to be understood or modified, and it is important when confidential data are transmitted between geographically separated locations that can be electronically monitored. Although LANs may also need encryption, the type of data and the communication media in the other options make them appear more vulnerable: encryption is often used when wire transfers are made between banks, when confidential data are sent by satellite transmission, and when financial data are sent over dedicated leased lines.

How can access to offline programs be controlled?

- Establishing physical library controls is designed to restrict access to offline programs.
  - Use of internal labels for all programs is a control intended for program identification, to preclude the use of the wrong program.
  - Control totals are used to assure that all transactions are processed.
  - Maintaining a duplicate set of programs is a procedure to insure against loss or destruction of the original programs.

As part of the Sales Order Entry function within the revenue cycle, threats and controls to inventory availability must be assessed. Which of the following is not a control to inventory availability?

- Excess inventory is a threat to inventory availability, not a control over it. It brings additional carrying costs and may require significant markdowns. Controls over inventory availability include periodic physical inventory counts and accurate systems for sales forecasting and inventory control.

General controls in an information system include each of the following, except:

- Logic tests. General controls do not include logic tests, which are application controls (controls embedded in business processes and transactional applications, designed to support the control objectives of completeness, accuracy, and validity). General controls ensure that an organization's overall control environment is secure and well managed, and are usually implemented, managed, and monitored by IT. These controls are embedded throughout all systems and IT policies, and represent the "foundation" upon which all application and business processes are built. Examples of general controls include the system development life cycle (SDLC); application development security, both physical and system; system maintenance; backup and disaster recovery; and appropriate segregation of duties.

- Hiring high-quality personnel and training them appropriately. Hiring quality personnel is a preventive control; quality personnel should prevent errors from occurring. Having a second person recalculate calculations is a detective control. Establishing and practicing a disaster recovery plan is a corrective control. Procedures to ensure that errors are corrected properly are corrective controls.

A company switches all processing to an alternate site, and staff members report to the alternate site to verify that they are able to connect to all major systems and perform all core business processes from the alternate site. Which of the following best identifies the activities performed by the staff?

- The staff are testing the disaster recovery plan. Having an alternate processing site is part of disaster recovery planning, since it allows processing to continue at the alternate site if something happens to the main processing system, and the exercise described is a test of that plan. A disaster recovery plan is used to restore data processing capacity smoothly and quickly when there is a disaster. The other answer choices are incorrect: a closed loop refers to a mechanism whereby one party verifies the purported identity of another party by requiring them to supply a copy of a token transmitted to that identity; it is a form of authentication rather than disaster recovery. Authentication validation is a process of ensuring that only proper parties are allowed to access the system; it is not related to disaster recovery. Segregation control testing concerns policies that prevent individuals from accessing software or data without the collusion of another party; it is not related to disaster recovery.

Creating a CERT (computer emergency response team) is considered a corrective control. Which of the following is not a responsibility for a CERT?

- Hiring an outside company with expertise in computer emergency issues. Outside help may be needed, but the first line of defense is the CERT. Organizations should have technical specialists to solve security problems, and senior operations management to make critical corrections in a timely manner.

In traditional information systems, computer operators are generally responsible for backing up software and data files on a regular basis. In distributed or cooperative systems, ensuring that adequate backups are taken is the responsibility of:

- User management. In distributed or cooperative systems, ensuring that adequate backups are taken is the responsibility of user management because the systems are under the control of users. In distributed environments there will be no systems programmers comparable to those at central sites for traditional systems, there may be no data entry clerks because users typically perform their own data entry, and there are no tape librarians.

Because of the sensitivity of its data, an online system for developing estimates and generating proposals was implemented with several layers of access control. Control over users' initial log-in is a function of the:

- Operating system-level access control software. Initial log-in to a system is a function of the operating system-level access control software. An integrated test facility is an audit approach to validating processing. Database subschema authorizations control access to specific views of fields in a database. Access to applications and their data is a function of application-level software.

Which of the following is an objective of logical security controls for information systems?

- Logical security controls for information systems are used to restrict access to specific data and resources.
  - Input controls ensure complete and accurate recording of data.
  - Processing controls ensure complete and accurate processing of data.
  - Output controls provide an audit trail of the results of processing.

In general, mainframe computer production programs and data are adequately protected against unauthorized access. Certain utility software may, however, have privileged access to software and data. To compensate for the risk of unauthorized use of privileged software, Information Systems (IS) management can:

Management can limit the use of privileged software as a means of reducing the risk of unauthorized use of that software. By limiting use, it will be easier to assume that the privileged software use was authorized and legitimate. If the privileged software is not installed, it cannot be used by anyone. Privileged software (the real versions, not test versions) is needed for some functions. Placing sensitive programs and data on isolated machines has the practical effect of making those programs and data unusable for their intended purpose(s).

All of the following are classifications of controls used to make systems more secure except:

Nonphysical access controls are not one of the five classifications of controls used to make systems more secure. The five classifications of controls used to make systems more secure are segregation of duties, physical access controls, logical access controls, personal computers and client/server network protection, and internet and telecommunications controls.

Online access controls are critical for the successful operation of today's computer systems. To assist in maintaining control over such access, many systems use tests that are maintained through an internal access control matrix which consists of:

Online access controls are absolutely essential in controlling access to and operation of modern computer systems. These controls include: user code numbers that restrict access to only authorized users, passwords that create a second barrier for access after user code numbers, and lists of files and programs along with lists of the type and extent of access a user is entitled to have to those files and programs.

Which of the following statements regarding security of electronic mail is correct?

Passwords are effective in preventing casual access to another's electronic mail, i.e., they are effective against the casual intruder. Messages on the internet are not encrypted; it is the sender's and receiver's responsibility to encrypt confidential information. If someone gains access to the server, they can download the file of messages and read them without touching any security log. Discretionary access does not completely eliminate the need for passwords.

Which of the following is not a database protection mechanism for data processing and storage controls?

Reconciling system updates to control reports is a reconciliation procedure that should be done on a regular basis, but it is not a data protection mechanism. Database protection mechanisms include a data dictionary to make sure that data is defined and used consistently, procedures for accessing and updating the database, and concurrent update controls to prevent multiple-user issues.

Which of the following is necessary to determine what would constitute a disaster for an organization?

Risk analysis is necessary to determine an organization's definition of a disaster. System backup analysis, vendor supply agreement analysis, and contingent facility contract analysis are contingency planning strategies to react to a disaster.

To ensure the completeness of update in an online system, separate totals are accumulated for all transactions processed throughout the day. The computer then agrees these totals to the total of items accepted for processing. This is an example of:

Run-to-run controls for an online system accumulate separate totals for all transactions processed during the day and then agree those totals to the total of items accepted for processing.
- Computer matching compares transaction data to referenced fields or records.
- Computer sequence checks identify changes or breaks in a numerical sequence.
- One-for-one checking generally requires manual comparison of input data elements to processing results.

A corrective control solves problems after they are discovered. Which of the following is the best example of a corrective control?

Storing backup copies of files is a corrective control because it offers a solution once an event has caused issues with the original files. Bank reconciliations and monthly trial balances are detective controls, and segregating employees is a preventive control.

Managers at a consumer products company purchased personal computer (PC) software only from recognized vendors and prohibited employees from installing non-authorized software on their PCs. To minimize the likelihood of computer viruses infecting any of its systems, the company should also:

The best way for the company to minimize the likelihood of computer viruses infecting its systems would be to test all new software on a stand-alone PC before installing it on networked computers in the system.

A total interruption of processing throughout a distributed information technology system can be minimized through the use of:

The capability to continue processing at all sites except a nonfunctioning one is called fail-soft protection, an advantage of distributed systems.
- Exception reporting can be used to control the correctness and timeliness of updates but cannot minimize the impact of an interruption.
- Backup procedures are intended to prevent the recovery process from introducing any erroneous changes into the system after a computer failure.
- Data file security is intended to prevent unauthorized changes to data files.

The use of message encryption software:

The machine instructions necessary to encrypt and decrypt data constitute system overhead, which means that processing may be slowed down. No encryption approach absolutely guarantees the secrecy of data in transmission, although some encryption approaches are considered less amenable to being broken than others. Keys may be distributed manually, but they may also be distributed electronically via secure key transporters. Using encryption software does not reduce the need for periodic password changes, because passwords are the typical means of validating users' access to unencrypted data.

A new accounts receivable clerk, working for a wholesaler, noticed that a customer had apparently changed addresses. The clerk had accessed the customer's computer file and revised all addresses. One week later the customer complained that goods were being sent to the wrong address. The primary control to prevent this occurrence is:

The primary control to prevent someone from accessing the customer's computer file and revising all addresses is database security. Proper security would prevent changes by an accounts receivable clerk.

An equipment manufacturer maintains dial-up ports into its order entry system for the convenience of its customers worldwide so they may order parts as they need them. The manufacturer promises 48-hour delivery anywhere in the world for 95% of these parts orders. Due to the cost and sensitive nature of certain electronic parts, the manufacturer needs to maintain secure access to its order entry system. The best technique for monitoring the security of access is:

The system should monitor unsuccessful attempts to use the order entry system since repeated attempts could suggest someone is trying random or patterned character sequences in order to identify a password. Integrated test facility (ITF) is a technique by which an auditor selects transactions and processing functions and applies them to a fictitious entity during a normal processing cycle, along with regular transactions. ITF has no ability to determine whether the data themselves are legitimate. Tracing follows the path of a transaction during processing but is inadequate to determine whether a transaction is legitimate. Transaction selection uses an independent computer program to monitor and select transactions for internal audit review. Like tracing, it fails to determine whether a transaction is legitimate.

In the organization of the information systems function, the most important segregation of duties is:

Those responsible for programming a system, the programmers as well as the systems analysts, are able to modify programs and files and should therefore have no ability to access the programs, files or the equipment that handles them. Because of the ability to change a program or file, a great potential for irregularities exists. Therefore, the most important separation of duties in an information system is the separation of programming from processing.

A company employing an online computer system has CRT terminals located in all operating departments for inquiry and updating purposes. Many of the company's employees have access to and are required to use the CRT terminals. A control the company would incorporate to prevent an employee from making an unauthorized change to computer records unrelated to that employee's job would be to:

Use of a compatibility test for users would assure that an employee used a CRT only for purposes related to that employee's job description. For example, an accounts receivable clerk would not be allowed access to inventory or fixed asset records since those records would not be compatible with the duties of an accounts receivable clerk.

In a continuous improvement environment, automated monitoring of controls is:

While automated monitoring of controls is helpful in creating an environment of continuous improvement, it is not necessary. Manual monitoring of controls can also help identify areas of process or control inefficiencies or ineffectiveness.

Greater reliance of management on information systems increases the exposure to:

Business interruption. As management relies more on information systems for crucial functions, system failures have the potential to interrupt business.

Backup computer and telecommunication facilities can be arranged by all of the following, except:

Establishing reciprocal agreements with other companies that have compatible features. Computer backups and telecommunications facilities are key to any business. Having contingency plans allows a company to get "online" as quickly as possible by establishing reciprocal agreements and a cold site and/or hot site. Backup computer and telecommunications facilities can be arranged by:
- investing in duplicate/redundant (not nonredundant) hardware, software, or data storage devices for critical applications;
- establishing reciprocal agreements with other companies that have compatible facilities so each company can use the other's computers if an emergency occurs;
- signing a contract for a contingent site (a hot site is configured to meet user requirements; a cold site has everything needed to quickly install a computer, such as power, air conditioning, and support systems); and/or
- establishing a fail-soft distributed processing capacity so other company facilities can take over if one location is damaged or destroyed.
