Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
70 Cards in this Set
- Front
- Back
What is Information System? |
It processes data and transactions to provide user with information they need to:
Plan, Control and Operate an Organization |
|
What does IT system do?
|
1. Collect transactions and data
2. Enter it into information system 3. Processing the data 4. Provide user with information 5. Control the process |
|
What does Management Informationystem do?
|
a systems designed to provide past, present, future informaiton for planning, organization and controll the operation of an organization
|
|
Decision Support System
|
Computer based info. system that combines models and data to resolve nonstructured probelmes with extensive user involvement
|
|
Typses of IT system
|
1. Transaction processing system
2. Management reproting system i. mgmt info system ii. decision support system iii. Expert system iv. executive info system |
|
Expert System
|
Computer system that apply reasoning methods to data in a relatively structured way to render advice/recommendaton much like human expert
|
|
Executive Information system
|
Computerized systems that are specifically designed to support executive work
|
|
System development life cycle (7)
|
1. Planning
2. Analysis 3. Design 4. Development 5. testing 6. Implementation 7. maintenance |
|
Planning Phase
|
1. Define the system
2. Determine project scope 3. Develope project plan |
|
Defination Phase
|
Identify and select the system to be developed based on stretegic goal of organization
|
|
Determine Project scope
|
high level requirements are defined
|
|
Development Phase
|
Project plan defines activities to be performed, individual and resources to be used, establishes project milestone
|
|
Analysis Phase
|
Need assesment
Gap assesment Gap priorties established |
|
Design Phase
|
Technical blue print
|
|
Development Phase
|
Transformed to actual system
|
|
Types of testing phase
|
1. unit testing - unit/piece of code testing
2. System testing- integration of units 3. Integreation testing - can seperate system work together 4. user acceptance - system meets business requirements |
|
Types of Implementation
|
1. Parallel Implementation
2. Plunge Implementation 3. Pilot Implementation 4. Phase Implementation |
|
Maintenance Phase
|
1. Monitories and supporting new system
2. Ongoing training 3. Help desk resource 4. System of making authorized and tested changes |
|
where is Application and Program Data saved?
|
RAM - Random Access memory (part of primary memory)
|
|
What are the 3 funcion of CPU
|
1. Fetch instruciton and data
2. Decode instruction 3. Carry out instruction |
|
What does control unit do?
|
1. Inteprets program instruction
2. Coding, input, output and storage device |
|
Types of Softwares
|
1. System Software
a. Operating system b. utitlity program c. Communication software 2. Application software a. word/graphic b. accounting softwared (lowend, highend, ERP) |
|
Advantages of ERP
|
1. Integration of various portion of the Informaton system
2. Direct ecommerce with suppliers customers 3. Increased responsiveneess to information request to decision making |
|
Disadvantages of ERP
|
1. Complexity
2. Cost 3. Integration with suppliers and customers may be difficult |
|
Complier
|
Produces a machine language object program form a source program language
|
|
Batch processing
|
Transactions flow through the system in groups of like data.
Leaves easy to follow trail |
|
Online real-time processing
|
AKA direct access processing
Transactions are process i order they occured |
|
Types of online realtime processing
|
OLTP - Online transaction processing
OLAP - Online analystica processing (allow user to query the system) |
|
Data mining
|
Using sophisticated techniques from statistical, artificial intellegence and computer graphics to explain, confirm and explore relationship between data
|
|
Artificial Intellegence
|
1. Computer system designed to help human make decision
2. sesigned to model aspect of human thought on computed 3. deals with decision mode using structured approaches |
|
Expert System
|
One from of AI
Guides decision process within a well defined area allows decision comprable to an expert expert knowledget is modelded into a mathemetical system |
|
SQL
|
Structured query language
Most common language used for creating, query relational database |
|
Types of SQL
|
Data Defination (DDL)
Data Manipulation (DML) Data Control (DCL) |
|
DDL
|
Creating
altering, deleting tables establishing various constrains defines database |
|
DML
|
Commands used to maintain and query database
Updating, intensify, modifying and query joining tables |
|
DCL
|
Data Controlling language:
Determines which users have various privileges abel to read and write to various portion of the database |
|
Database structure
|
1. hierarchical
2. Networked 3. Relational 4. Object oriented 5. Object - relational 6. distributed |
|
Database Control
|
User department
access control Restricting privileges logical views |
|
Types of backup recovery
|
Backup database and logs of transactions
Database replication Backup facility |
|
Advantages of Database system
|
1. Data independence
2. minimal data redundancy 3. Data sharing 4. Reduce program maintenance 5. Commercial application can be modified |
|
Disadvantages of database system
|
1. Need a database expert
2. Installation is costly 3. Conversion from legacy file is costly 4. Comprehensive back and recovery are necessary |
|
What is a Network
|
Is a interconnected computers and terminals
|
|
Classificatin of network (geographical)
|
Lcoal area network
Metro area network Wide area network |
|
Internet languages
|
1. Hypertext transfer Protocol (HTTP). Used to transfer documetns among diff. types of computers and networks
2. Uniform Resource Locator (URL): stanard for finding a document by typing in an address |
|
Firewall
|
A method of protecting an organization's computers and computer informaiton from outsiders.
Consists of security algorithms, router communication protocals that prevent outsiders from tapping into organization's database and email |
|
Routers
|
Connects two networks
determines best way for data packets to move forward |
|
Bridge
|
Divides LAN into two segments forwarding traffic accross network boundary
|
|
Switch
|
Devices that channel incoming data from any of multiple input ports to the specific output port that will take data toward its intended destination
|
|
Gateway
|
Combination of harward and software that links seperates types of network
|
|
Bulletin Board
|
Acts as centralized information source and massage swiching system for users with particular interest
|
|
LAN
|
Privately owned within same building
General controls are week, depends on useres LAN software generally does not provide security features available in large scale environment |
|
Control over microcomputes
|
Security - Secure hard drive, secure access to computer
Verification - Independent varificaiton of applications being processed Personnel - Who can purchase hardware, software, piracy, virus etc |
|
Controlling software priacy
|
1. Establishing corporate software policy
2. Maintain a log of software purchase 3. Audit computes for software installed |
|
Risks assoicates with Ecommerce system
|
1. Security
2. Availability 3. Processign integrity 4. Online privacy 5. Confidentiality |
|
Benefits of EDI
|
1. Quick respone and access to information
2. Cost efficiency 3. Reduce paperwork 4. Accurate, reduce error, error correction cost 5. better communication and customer serivce 6. Necesasry to remain competitive |
|
Risks related to EDI ((Electronic data interchange)
|
Detecting control maybe too late
log kept for a short peirod of time, so control needs to be tested timely |
|
Exposured of EDI
|
1. total dependece on computer system
2. possible loss of confidentiality 3. unauthorized transactions 4. Concentration of control among few people 5. data processing, application, communication error 6. Potential legal liabitity 7. Reliance on 3rd party 8. Loss of audit trail 9. reliance on trading partners system |
|
Telecommunication controls needed
|
1. System integrity @ remote sites
2. Data entry 3. Central computer security 4. Dial in security 5. Transmission accurancy and completeness 6. Physical security over telecom. facility |
|
COBIT Criteria
|
1. Effectiveness (relevent)
2. Efficiency 3. Confidentiality 4. Integrity 5. Availability 6. Reliability 7. Compliance |
|
Principles of reliable system
|
1. Security
2. Availability 3. Processing integrity 4. Confidentiality 5. Confidentiality |
|
Risk on each principle of a reliable system
|
Physical Risk - Weather, ware, bad employes
Logical Acces- malicious damage or alteration of files, unathorized access, computer fraud |
|
Availability Risk
|
Interruption of buiness operation
loss of data |
|
Processing integrity risk
|
Invalid, incomplete, inaccurate:
input data data processing updating master file creating of output |
|
Online Privacy Risk
|
Disclosure of customer information
SSN Credit card # Credit rating Medical condition |
|
Sytem development life cycle
|
1. software concept
2. requirement analysis 3. architetural design 4. Coding and debugging 5. testing |
|
Input Validation control
|
1. preprinted form
2. check digit 3. control, batch, proof total d. hash total 5. record count 6. limit total 7. menu driven input 8. field check 9. validity check 10. missing data chedk 11. field size check 12. logic check 13. redundant data check\ 14. close loop varificatoin |
|
Parity Check
|
a special bit is added to each character that can deted if the harware losses a bit during internal movement
|
|
Check Digit
|
Extra digit added to a id to check against certain types of data transmission error
|
|
Hash total
|
a control total that is meaningless for financial purpose. i.e. employee ssn #
|
|
Disaster Recover plan should include:
|
Priorities
Insurance for defer cost Backup approches Check point Rollback Backup facility |