AIS CHAPTER 13
Paper documents should be defaced, for example, by stamping them "paid." Electronic documents can be similarly "canceled" by setting a flag field to indicate that the document has already been processed.
.
parity checkign
A data transmission control in which the receiving device recalculates the parity bit to verify accuracy of transmitted data
Define checksum
A data transmission control that uses a hash of a file to verify accuracy.
Define hot site
A disaster recovery option that relies on access to a completely operational alternative data center not only prewired but also contains all necessary hardware and software.
Define cold site
A disaster recovery option that relies on access to an alternative facility prewired for necessary telephone and Internet access, but does not contain any computing equipment.
Define redundant arrays of independent drives (RAID)
A fault tolerance technique that records data on multiple disk drives instead of just one to reduce the risk of data loss.
Define business continuity plan
A plan that specifies how to resume all business processes in the event of a major calamity.
Define disaster recovery plan
A plan to restore an organization's IT capability in the event its data center is destroyed.
Define cross footing balance test
A processing control that verifies accuracy by comparing two alternative ways of calculating the same total.
Define zero balance tets
A processing control that verifies that the balance of a control account equals zero after all entries to it have been made.
Define hash total
A type of batch total generated by summing values for a field that would not usually be totaled.
Define financial total
A type of batch total that equals the sum of a field that contains monetary values. (ex: total dollar amount of all sales)
Define differential backup
A type of partial backup that involves copying all changes made since the last full backup. Thus, each new differential backup file contains the cumulative effects of all activity since the last full backu
Define incremental backup
A type of partial backup that involves copying only the data items that have changed since the last partial backup. This produces a set of incremental backup files, each containing the results of one day's transactions
Define uninterruptible power supply
An alternative power supply device that protects against the loss of power and fluctuations in the power level by using battery power to enable the system to operate long enough to back up critical data and safely shut down.
Define reasonableness test
An edit check of the logical correctness of relationships among data items.
Define size check
An edit check that ensures the input data will fit into the assigned field
Define limit check
An edit check that tests a numerical amount against a fixed value.
Define Range Check
An edit check that tests whether a data item falls within predetermined upper and lower limits.
Define field checks
An edit check that tests whether the characters in a field are of the correct field type (e.g., numeric data in numeric fields).
Define completeness check (or test)
An edit check that verifies that all data required have been entered
Define sign check
An edit check that verifies that the data in a field have the appropriate arithmetic sign.
Define validity check
An edit test that compares the ID code or account number in transaction data with similar data in the master file to verify that the account exists.
Define transpositon error
An error that results when numbers in two adjacent columns are inadvertently exchanged (for example, 64 is written as 46).
Define closed loop verification
An input validation method that uses data entered into the system to retrieve and display other related information so that the data entry person can verify the accuracy of the input data.
Define prompting
An online data entry completeness check that requests each required item of input data and then waits for an acceptable response before requesting the next required item
Define concurrent update controls
Controls that lock out users to protect individual records from errors that could occur if multiple users attempted to update the same record simultaneously.
External data reconciliation
Database totals should periodically be reconciled with data maintained outside the system. For example, the number of employee records in the payroll file can be compared with the total number of employees in the human resources database to detect attempts to add fictitious employees to the payroll database. Similarly, inventory on hand should be physically counted and compared to the quantity on hand recorded in the database. The results of the physical count should be used to update the recorded amounts and significant discrepancies should be investigated.
Define file labels
File labels need to be checked to ensure that the correct and most current files are being updated.
Example of range check
For example, a marketing promotion might be directed only to prospects with incomes between $50,000 and $99,999
Example of validity check
For example, if product number 65432 is entered on a sales order, the computer must verify that there is indeed a product 65432 in the inventory database.
example of hash total
For example, it is possible to sum up the invoice numbers in a batch of sales transactions but the result is meaningless; its only purpose is to serve as an input control.
Example of reasonableness test
For example, overtime hours should be zero for someone who has not worked the maximum number of regular hours in a pay period
Example of write protection mechanisms
For example, radio frequency identification (RFID) tags used to track inventory need to be write-protected so that unscrupulous customers cannot change the price of merchandise.
Example of completeness check
For example, sales transaction records should not be accepted for processing unless they include the customer's shipping and billing addresses
Example of limit check
For example, the regular hours-worked field in weekly payroll input must be less than or equal to 40 hours. Similarly, the hourly wage field should be greater than or equal to the minimum wage.
Example size check
For example, the value 458,976,253 will not fit in an eight-digit field.
Define check digit
ID numbers (such as inventory item number) can contain a check digit computed from the other digits For example, the system could assign each new inventory item a nine-digit number, then calculate a tenth digit from the original nine and append that calculated number to the original nine to form a 10-digit part number.
Define data matching
In certain cases, two or more items of data must be matched before an action can take place. ***For example, before paying a vendor, the system should verify that information on the vendor invoice matches information on both the purchase order and the receiving report.
Define real time mirroring
Maintaining complete copies of a database at two separate data centers and updating both copies in real time as each transaction occurs.
Data transmission controls
Organizations also need to implement controls designed to minimize the risk of data transmission errors. Whenever the receiving device detects a data transmission error, it requests the sending device to retransmit that data. Generally, this happens automatically, and the user is unaware that it has occurred. For example, the Transmission Control Protocol (TCP) discussed in chapter 11, assigns a sequence number to each packet and uses that information to verify that all packets have been received and to reassemble them in the correct order.
Reconciliation procedures
Periodically, all transactions and other system updates should be reconciled to control reports, file status/update reports, or other control mechanisms. In addition, general ledger accounts should be reconciled to subsidiary account totals on a regular basis. For example, the balance of the inventory control account in the general ledger should equal the sum of the item balances in the inventory database. The same is true for the accounts receivable, capital assets, and accounts payable control accounts.
Define check digit verification
Recalculating a check digit to verify that a data entry error has not been made.
Define fault tolerance
The capability of a system to continue performing when there is a hardware failure
Define batch totals
The sum of a numerical item for a batch of documents, calculated prior to processing the batch, when the data are entered, and subsequently compared with computer-generated totals after each processing step to verify that the data was processed correctly.
User review of output
Users should carefully examine system output to verify that it is reasonable and complete, and that they are the intended recipients.
Batch processing works more efficiently if the transactions are sorted so that the
accounts affected are in the same sequence as records are stored in the master file. For example, accurate batch processing of sales transactions to update customer account balances requires that the sales transactions file first be sorted by customer account number
Companies use turnaround documents to eliminate the need for
an external party to submit information that the organization already possesses, such as the customer's account number Instead, that data is preprinted in machine-readable format on the turnaround document. An example is a utility bill that a special scanning device reads when the bill is returned with a payment
Define parity bit
an extra digit added to the beginning of every character that can be used to check transmission accuracy.
Blockchain
blockchains provide a way to ensure that validated transactions and documents are not altered. Integrity is assured by hashing the contents of each block and then storing multiple copies of the entire chain on different devices.
2 other common data transmission controls are
checksums and parity bits
Cancellation does NOT mean
disposal
Batch totals should be recomputed as
each transaction record is processed, by comparing a running total calculated during processing to the corresponding batch total calculated during input and stored in the trailer record
Turnaround documents improves accuracy by
eliminating the potential for input errors when entering data manually
Full Backup
exact copy of the entire database. Full backups are time-consuming, so most organizations only do full backups weekly and supplement them with daily partial backups
Source documents that have been entered into the system should be canceled so they cannot be
inadvertently or fraudulently reentered into the system
Define transaction log
includes a detailed record of all transactions, including a unique transaction identifier, the date and time of entry, and who entered the transaction. If an online file is damaged, the transaction log can be used to reconstruct the file.
Data backup procedures are designed to deal with situations where
information is not accessible because the relevant files or databases have become corrupted as a result of hardware failure, software problems, or human error, but the information system itself is still functioning
Define header record
located at the beginning of each file and contains the file name, expiration date, and other identification data.
Prenumbering improves control by
making it possible to verify that no documents are missing
Define record count
number of records in a batch
Example of field check
or example, a check on a field that is supposed to contain only numeric values, such as a U.S. zip code, would indicate an error if it contained alphabetic characters.
Write protection mechanisms protect against the
overwriting or erasing of data files stored on magnetic media protect master files from accidentally being damaged
Define trailer record
s located at the end of the file; in transaction files it contains the batch totals calculated during input.
All source documents should be
sequentially prenumbered
odd parity
the parity bit is set so that an odd number of bits in the character have the value 1. For example, the digits 5 and 7 can be represented by the seven-bit patterns 0000101 and 0000111, respectively.
even parity
the parity bit is set so that each character has an even number of bits with the value 1
example of sign check
the quantity-ordered field should never be negative.
