Deck 8: Controlling Information Systems: Introduction to Pervasive Controls

Question
As an IT resource, applications are automated systems and manual procedures that process information.
Question
Within the data center, the data librarian function grants access to programs, data, and documentation to authorized personnel only.
Question
As used in the text, the information systems organization (function) is synonymous with the accounting function.
Question
As an IT resource, information includes data in all their forms that are input, processed and output by information systems.
Question
The chief information officer (CIO) prioritizes and selects IT projects and resources.
Question
The functions of the security officer commonly include assigning passwords and working with human resources to ensure proper interview practices are conducted during the hiring process.
Question
The function composed of people, procedures, and equipment that is typically called the information systems department, IS department, or the IT department is the information systems organization.
Question
A small organization that does not have enough personnel to adequately segregate duties must rely on alternative controls, commonly called resource controls.
Question
The IS function with the principal responsibilities of ensuring the security of all information systems function resources is data control.
Question
The IS function with the responsibility of guiding the IT organization in establishing and meeting user information requirements is the IT steering committee.
Question
The system of controls used in this text consists of the control environment, pervasive control plans, IT general controls, and business process (and application) control plans.
Question
The policy of requiring an employee to alternate jobs periodically is known as forced vacations.
Question
Individual departments coordinate the organizational and IT strategic planning processes and review and approve the strategic IT plan.
Question
Segregation of duties consists of separating the four functions of authorizing events, executing events, recording events, and safeguarding the resources resulting from consummating the events.
Question
IT governance leads to better organizational performance such as profitability.
Question
The IS function of systems development provides efficient and effective operation of the computer equipment by performing tasks such as mounting tapes and disks, loading printer paper, and responding to computer messages.
Question
Combining the functions of authorizing and executing events is a violation of the organizational control plan known as segregation of duties.
Question
Embezzlement is a fraud committed by two or more individuals or departments.
Question
The IS function of quality assurance conducts reviews to ensure the attainment of IT customer requirements.
Question
Within the data center, the data control group is responsible for routing all work into and out of the data center, correcting errors, and monitoring error correction.
Question
Program documentation provides a description of an application computer program and usually includes the program's purpose, program flowcharts, and source code listings.
Question
According to COSO, most organizations are adequately monitoring operations.
Question
Biometric identification systems identify authorized personnel through some unique physical trait such as fingers, hands, voice, eyes, face, or writing dynamics.
Question
Systems documentation provides an overall description of the application, including the system's purpose; an overview of system procedures; and sample source documents, outputs, and reports.
Question
Data encryption is a process that codes data to make it readable to the human eye.
Question
The user manual gives detailed instructions to computer operators and to data control about a particular application.
Question
A fidelity bond indemnifies a company in case it suffers losses from defalcations committed by its employees.
Question
Antivirus is a technique to protect one network from another "untrusted" network.
Question
In a logic bomb attack, a Web site is overwhelmed by an intentional onslaught of thousands of simultaneous messages, making it impossible for the attacked site to engage in its normal activities.
Question
Forced vacations is a policy of requiring an employee to take leave from the job and substituting another employee in his or her place.
Question
Business continuity planning is the process that identifies events that may threaten an organization and provides a framework whereby the organization will continue to operate or resume operations with a minimum of disruption.
Question
The most common biometric devices perform retinal eye scans.
Question
Continuity is the process of using backup measures to restore lost data and resume operations.
Question
The disaster backup and recovery technique known as electronic vaulting is a service whereby data changes are automatically transmitted over the Internet on a continuous basis to an off-site server maintained by a third party.
Question
Training materials help users learn their jobs and perform consistently in those jobs.
Question
The operations run manual describes user procedures for an application and assists the user in preparing inputs and using outputs.
Question
A facility usually comprised of air-conditioned space with a raised floor, telephone connections, and computer ports, into which a subscriber can move equipment, is called a hot site.
Question
With continuous data protection (CDP) all data changes are data stamped and saved to secondary systems as the changes are happening.
Question
Program change controls provide assurance that all modifications to programs are authorized and that the changes are completed, tested, and properly implemented.
Question
The disaster recovery strategy known as a cold site is a fully equipped data center that is made available to client companies for a monthly subscriber fee.
Question
Periodic cleaning, testing, and adjusting of computer equipment is referred to as preventative maintenance.
Question
An intrusion-detection system (IDS) logs and monitors who is on or trying to access the network.
Question
COBIT was developed to:

A)provide guidance to managers, users, and auditors on the best practices for the management of information technology
B)identify specific control plans that should be implemented to reduce the occurrence of fraud
C)specify the components of an information system that should be installed in an e-commerce environment
D)suggest the type of information that should be made available for management decision making
Question
The department or function that develops and operates an organization's information systems is often called the:

A)information systems organization
B)computer operations department
C)Controller's office
D)computer technology branch
Question
In an information systems organization, all of the following functions might logically report to the data center manager except:

A)data control
B)computer operations
C)data librarian
D)quality assurance
Question
Access control software ensures that only authorized users gain access to a system through a process of identification and authentication.
Question
The use of IT resources for enterprise systems and e-business

A)magnifies the importance of protecting the resources both within and outside of the organization from risks
B)magnifies the importance of protecting the resources both within but not outside of the organization from risks
C)makes it easier to provide internal control risk when IT resources are interlinked
D)none of the above
Question
Application controls restrict access to data, programs, and documentation.
Question
____ can consist of many computers and related equipment connected together via a network.

A)PCs
B)Servers
C)LAN
D)Firewall
Question
In an information systems organization structure, the three functions that might logically report directly to the CIO would be:

A)systems development, technical services, and data center
B)systems development, database administration, and data center
C)systems development, technical services, and data librarian
D)applications programming, technical services, and data center
Question
Computer hacking and cracking is the intentional, unauthorized access to an organization's computer system, accomplished by bypassing the system's access security controls.
Question
Pervasive control plans:

A)are unrelated to applications control plans
B)are a subset of applications control plans
C)influence the effectiveness of applications control plans
D)increase the efficiency of applications control plans
Question
Which of the following IT resources includes hardware, operating systems, DBMSs, and networking?

A)Information
B)Applications
C)Infrastructure
D)People
Question
Top 10 security and privacy concerns reported by managers from 63 countries include all the following except:

A)disaster recovery/business continuity
B)the Internet
C)data backup
D)overall information security strategy
Question
Top 10 management concerns about IT's capability to support an organization's vision and strategy include all except the following:

A)IT and business alignment
B)security and privacy
C)the Internet
D)retaining IT professionals
Question
In an information systems organization, which of the following reporting relationships makes the least sense?

A)the data center manager reports to the CIO.
B)the systems development manager reports to the data center manager.
C)database administration reports to the technical services manager.
D)the data librarian reports to the data center manager.
Question
Threat monitoring is a technique to protect one network from another "untrusted" network.
Question
Automated systems and manual procedures that process information are called this IT resource:

A)Information
B)Applications
C)Infrastructure
D)People
Question
Data in all their forms that are input, processed, and output by information systems are called this IT resource:

A)Information
B)Applications
C)Infrastructure
D)People
Question
Intrusion-prevention systems (IPS) actively block unauthorized traffic using rules specified by the organization.
Question
A warehouse supervisor prepares a sales order listing items to be shipped to a customer and then signs it authorizing the removal of the items from the warehouse. The supervisor is performing which functions?

A)authorizing events and safeguarding of resources
B)executing and recording events
C)authorizing and executing events
D)authorizing and recording events
Question
A key control concern is that certain people within an organization have easy access to applications programs and data files. The people are:

A)data librarians
B)systems programmers
C)systems development
D)data center managers
Question
In an information systems organizational structure, the function of ____ is the central point from which to control data and is a central point of vulnerability.

A)data control
B)data entry
C)data librarian
D)database administration
Question
The control concern that there will be a high risk of data conversion errors relates primarily to which of the following information systems functions?

A)data control
B)data entry
C)data librarian
D)database administration
Question
Which of the following has the responsibility of efficient and effective operation of IT?

A)steering committee
B)security officer
C)CIO
D)systems development manager
Question
The segregation of duties control plan consists of separating all of the following event-processing functions except:

A)planning events
B)authorizing events
C)executing events
D)recording events
Question
Which of the following has the responsibility to ensure the security of all IT resources?

A)steering committee
B)security officer
C)CIO
D)systems development manager
Question
Which of the following is not one of COBIT's four broad IT control process domains?

A)plan and organize
B)acquire and implement
C)repair and replace
D)monitor and evaluate
Question
Which of the following has the major duties of prioritizing and selecting IT projects and resources?

A)steering committee
B)security officer
C)CIO
D)systems development manager
Question
An employee of a warehouse is responsible for taking a computer-generated shipping list, pulling the items from the warehouse shelves and placing them in a bin which is transferred to shipping when the list is completely filled. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
Question
Which of the following is not a strategic planning process?

A)IT-related requirements to comply with industry, regulatory, legal, and contractual obligations, including privacy, transborder data flows, e-business, and insurance contracts.
B)Acquisition and development schedules for hardware, software, and application systems and for personnel and financial requirements.
C)Systems development life cycle adoption to ensure that comprehensive documentation is developed for each application.
D)An inventory of current IT capabilities.
Question
A clerk receives checks and customer receipts in the mail. He endorses the checks, fills out the deposit slip, and posts the checks to the cash receipts events data. The clerk is exercising which functions?

A)recording and executing events
B)authorizing and executing events
C)recording and authorizing events
D)safeguarding of resources and authorizing events
Question
The data entry clerk types data from an order form into an on-line computer through a pre-formatted screen. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
Question
Managing functional units such as networks, CAD/CAM and systems programming typically is a major duty of:

A)data center manager
B)systems development
C)technical services manager
D)database administrator
Question
An outside auditing firm annually supervises a physical count of the items in a retail store's shelf inventory. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
Question
The controlled access to data, programs, and documentation is a principal responsibility of which of the following functions?

A)data control
B)data preparation (data entry)
C)data librarian
D)computer operator
Question
Approving a customer credit purchase would be an example of which basic events processing function?

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
Question
A warehouse clerk manually completing an order document and forwarding it to purchasing for approval is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
Question
From the standpoint of achieving the operations system control goal of security of resources, which of the following segregation of duties possibilities is least important?

A)between systems programming and computer operations
B)between data control and data preparation personnel
C)between systems development and computer operators
D)between technical services and data center
Question
Which one of the following personnel is not involved in safeguarding resources resulting from consummating events?

A)security officer
B)technical service manager
C)database administrator
D)Chief Information Officer
1
As an IT resource, applications are automated systems and manual procedures that process information.
True
2
Within the data center, the data librarian function grants access to programs, data, and documentation to authorized personnel only.
True
3
As used in the text, the information systems organization (function) is synonymous with the accounting function.
False
4
As an IT resource, information includes data in all their forms that are input, processed and output by information systems.
5
The chief information officer (CIO) prioritizes and selects IT projects and resources.
6
The functions of the security officer commonly include assigning passwords and working with human resources to ensure proper interview practices are conducted during the hiring process.
7
The function composed of people, procedures, and equipment that is typically called the information systems department, IS department, or the IT department is the information systems organization.
8
A small organization that does not have enough personnel to adequately segregate duties must rely on alternative controls, commonly called resource controls.
9
The IS function with the principal responsibilities of ensuring the security of all information systems function resources is data control.
10
The IS function with the responsibility of guiding the IT organization in establishing and meeting user information requirements is the IT steering committee.
11
The system of controls used in this text consists of the control environment, pervasive control plans, IT general controls, and business process (and application) control plans.
12
The policy of requiring an employee to alternate jobs periodically is known as forced vacations.
13
Individual departments coordinate the organizational and IT strategic planning processes and review and approve the strategic IT plan.
14
Segregation of duties consists of separating the four functions of authorizing events, executing events, recording events, and safeguarding the resources resulting from consummating the events.
15
IT governance leads to better organizational performance such as profitability.
16
The IS function of systems development provides efficient and effective operation of the computer equipment by performing tasks such as mounting tapes and disks, loading printer paper, and responding to computer messages.
17
Combining the functions of authorizing and executing events is a violation of the organizational control plan known as segregation of duties.
18
Embezzlement is a fraud committed by two or more individuals or departments.
19
The IS function of quality assurance conducts reviews to ensure the attainment of IT customer requirements.
20
Within the data center, the data control group is responsible for routing all work into and out of the data center, correcting errors, and monitoring error correction.
21
Program documentation provides a description of an application computer program and usually includes the program's purpose, program flowcharts, and source code listings.
22
According to COSO, most organizations are adequately monitoring operations.
23
Biometric identification systems identify authorized personnel through some unique physical trait such as fingers, hands, voice, eyes, face, or writing dynamics.
24
Systems documentation provides an overall description of the application, including the system's purpose; an overview of system procedures; and sample source documents, outputs, and reports.
25
Data encryption is a process that codes data to make it readable to the human eye.
26
The user manual gives detailed instructions to computer operators and to data control about a particular application.
27
A fidelity bond indemnifies a company in case it suffers losses from defalcations committed by its employees.
28
Antivirus is a technique to protect one network from another "untrusted" network.
29
In a logic bomb attack, a Web site is overwhelmed by an intentional onslaught of thousands of simultaneous messages, making it impossible for the attacked site to engage in its normal activities.
30
Forced vacations is a policy of requiring an employee to take leave from the job and substituting another employee in his or her place.
31
Business continuity planning is the process that identifies events that may threaten an organization and provides a framework whereby the organization will continue to operate or resume operations with a minimum of disruption.
32
The most common biometric devices perform retinal eye scans.
33
Continuity is the process of using backup measures to restore lost data and resume operations.
34
The disaster backup and recovery technique known as electronic vaulting is a service whereby data changes are automatically transmitted over the Internet on a continuous basis to an off-site server maintained by a third party.
35
Training materials help users learn their jobs and perform consistently in those jobs.
36
The operations run manual describes user procedures for an application and assists the user in preparing inputs and using outputs.
37
A facility usually comprised of air-conditioned space with a raised floor, telephone connections, and computer ports, into which a subscriber can move equipment, is called a hot site.
38
With continuous data protection (CDP) all data changes are data stamped and saved to secondary systems as the changes are happening.
39
Program change controls provide assurance that all modifications to programs are authorized and that the changes are completed, tested, and properly implemented.
40
The disaster recovery strategy known as a cold site is a fully equipped data center that is made available to client companies for a monthly subscriber fee.
41
Periodic cleaning, testing, and adjusting of computer equipment is referred to as preventative maintenance.
42
An intrusion-detection system (IDS) logs and monitors who is on or trying to access the network.
43
COBIT was developed to:

A)provide guidance to managers, users, and auditors on the best practices for the management of information technology
B)identify specific control plans that should be implemented to reduce the occurrence of fraud
C)specify the components of an information system that should be installed in an e-commerce environment
D)suggest the type of information that should be made available for management decision making
44
The department or function that develops and operates an organization's information systems is often called the:

A)information systems organization
B)computer operations department
C)Controller's office
D)computer technology branch
45
In an information systems organization, all of the following functions might logically report to the data center manager except:

A)data control
B)computer operations
C)data librarian
D)quality assurance
46
Access control software ensures that only authorized users gain access to a system through a process of identification and authentication.
47
The use of IT resources for enterprise systems and e-business

A)magnifies the importance of protecting the resources both within and outside of the organization from risks
B)magnifies the importance of protecting the resources both within but not outside of the organization from risks
C)makes it easier to provide internal control risk when IT resources are interlinked
D)none of the above
48
Application controls restrict access to data, programs, and documentation.
49
____ can consist of many computers and related equipment connected together via a network.

A)PCs
B)Servers
C)LAN
D)Firewall
50
In an information systems organization structure, the three functions that might logically report directly to the CIO would be:

A)systems development, technical services, and data center
B)systems development, database administration, and data center
C)systems development, technical services, and data librarian
D)applications programming, technical services, and data center
51
Computer hacking and cracking is the intentional, unauthorized access to an organization's computer system, accomplished by bypassing the system's access security controls.
52
Pervasive control plans:

A)are unrelated to applications control plans
B)are a subset of applications control plans
C)influence the effectiveness of applications control plans
D)increase the efficiency of applications control plans
53
Which of the following IT resources includes hardware, operating systems, DBMSs, and networking?

A)Information
B)Applications
C)Infrastructure
D)People
54
Top 10 security and privacy concerns reported by managers from 63 countries include all the following except:

A)disaster recovery/business continuity
B)the Internet
C)data backup
D)overall information security strategy
55
Top 10 management concerns about IT's capability to support an organization's vision and strategy include all except the following:

A)IT and business alignment
B)security and privacy
C)the Internet
D)retaining IT professionals
56
In an information systems organization, which of the following reporting relationships makes the least sense?

A)the data center manager reports to the CIO.
B)the systems development manager reports to the data center manager.
C)database administration reports to the technical services manager.
D)the data librarian reports to the data center manager.
57
Threat monitoring is a technique to protect one network from another "untrusted" network.
58
Automated systems and manual procedures that process information are called this IT resource:

A)Information
B)Applications
C)Infrastructure
D)People
59
Data in all their forms that are input, processed, and output by information systems are called this IT resource:

A)Information
B)Applications
C)Infrastructure
D)People
60
Intrusion-prevention systems (IPS) actively block unauthorized traffic using rules specified by the organization.
61
A warehouse supervisor prepares a sales order listing items to be shipped to a customer and then signs it authorizing the removal of the items from the warehouse. The supervisor is performing which functions?

A)authorizing events and safeguarding of resources
B)executing and recording events
C)authorizing and executing events
D)authorizing and recording events
62
A key control concern is that certain people within an organization have easy access to applications programs and data files. The people are:

A)data librarians
B)systems programmers
C)systems development
D)data center managers
63
In an information systems organizational structure, the function of ____ is the central point from which to control data and is a central point of vulnerability.

A)data control
B)data entry
C)data librarian
D)database administration
64
The control concern that there will be a high risk of data conversion errors relates primarily to which of the following information systems functions?

A)data control
B)data entry
C)data librarian
D)database administration
65
Which of the following has the responsibility of efficient and effective operation of IT?

A)steering committee
B)security officer
C)CIO
D)systems development manager
66
The segregation of duties control plan consists of separating all of the following event-processing functions except:

A)planning events
B)authorizing events
C)executing events
D)recording events
67
Which of the following has the responsibility to ensure the security of all IT resources?

A)steering committee
B)security officer
C)CIO
D)systems development manager
68
Which of the following is not one of COBIT's four broad IT control process domains?

A)plan and organize
B)acquire and implement
C)repair and replace
D)monitor and evaluate
69
Which of the following has the major duties of prioritizing and selecting IT projects and resources?

A)steering committee
B)security officer
C)CIO
D)systems development manager
70
An employee of a warehouse is responsible for taking a computer-generated shipping list, pulling the items from the warehouse shelves, and placing them in a bin which is transferred to shipping when the list is completely filled. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
71
Which of the following is not a strategic planning process?

A)IT-related requirements to comply with industry, regulatory, legal, and contractual obligations, including privacy, transborder data flows, e-business, and insurance contracts.
B)Acquisition and development schedules for hardware, software, and application systems and for personnel and financial requirements.
C)Systems development life cycle adoption to ensure that comprehensive documentation is developed for each application.
D)An inventory of current IT capabilities.
72
A clerk receives checks and customer receipts in the mail. He endorses the checks, fills out the deposit slip, and posts the checks to the cash receipts events data. The clerk is exercising which functions?

A)recording and executing events
B)authorizing and executing events
C)recording and authorizing events
D)safeguarding of resources and authorizing events
73
The data entry clerk types data from an order form into an on-line computer through a pre-formatted screen. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
74
Managing functional units such as networks, CAD/CAM and systems programming typically is a major duty of:

A)data center manager
B)systems development
C)technical services manager
D)database administrator
75
An outside auditing firm annually supervises a physical count of the items in a retail store's shelf inventory. This is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
76
The controlled access to data, programs, and documentation is a principal responsibility of which of the following functions?

A)data control
B)data preparation (data entry)
C)data librarian
D)computer operator
77
Approving a customer credit purchase would be an example of which basic events processing function?

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
78
A warehouse clerk manually completing an order document and forwarding it to purchasing for approval is an example of:

A)authorizing events
B)executing events
C)recording events
D)safeguarding resources
79
From the standpoint of achieving the operations system control goal of security of resources, which of the following segregation of duties possibilities is least important?

A)between systems programming and computer operations
B)between data control and data preparation personnel
C)between systems development and computer operators
D)between technical services and data center
80
Which one of the following personnel is not involved in safeguarding resources resulting from consummating events?

A)security officer
B)technical service manager
C)database administrator
D)Chief Information Officer