1. (TCO 1) Facts that are collected, recorded, stored, and processed by an information system are (Points : 7)
Question 2.2. (TCO 2) This control framework addresses the issue of control from three vantage points: business objectives, information technology resources, and information technology processes. (Points : 7)
ISACA’s control objectives for information and related technology
COSO’s internal control framework
COSO’s enterprise risk management framework
None of the above
Question 3.3. (TCO 3) What is a major disadvantage to using symmetric encryption to encrypt data? (Points : 7)
Both sender and receiver must have the private key before this encryption method will work.
The private key cannot be broken into fragments and distributed to the receiver.
The private key is used by the sender for encryption but not by the receiver for decryption.
The private key is used by the receiver for decryption but not by the sender for encryption.
Question 4.4. (TCO 3) Multi-factor authentication (Points : 7)
involves the use of two or more basic authentication methods.
is a table specifying which portions of the systems users are permitted to access.
provides weaker authentication than the use of effective passwords.
requires the use of more than one effective password.
Question 5.5. (TCO 4) In the revenue cycle, a customer places an order for a certain product. Before the order is checked for inventory availability, what step should be taken? (Points : 7)
The customer’s credit should be checked for a sale on account.
The sales order should be created and written to a file.
Shipping should be notified of an order in process.
A picking list should be generated for the warehouse.
Question 6.6. (TCO 5) In addition to identifying and dealing with defective products before they reach customers, quality management is concerned with initiating process changes that will reduce the number of defective units produced. All other things held constant, a decrease in the number of defective units will increase throughput by (Points : 7)
increasing productive capacity.
increasing productive processing time.
increasing all components of throughput.
Question 7.7. (TCO 6) A reporting system that reports the performance of the organization on several financial and non-financial goals is called (Points : 7)
object linking and embedding function.
online analytical processing (OLAP.)
balanced scorecard reporting.
Question 8.8. (TCO 7) The potential inconsistency problem could arise when there are multiple occurrences of a data item in a database. This is called the (Points : 7)
Question 9.9. (TCO 8) Compared to batch processing, real-time processing has which of the following advantages? (Points : 7)
Ease of auditing
Ease of implementation
Timeliness of information
Efficiency of processing
Question 10.10. (TCO 8) In which phase of the systems development life cycle are the new hardware and software for a system tested? (Points : 7)
Implementation and conversion
Operations and maintenance
1. (TCO 1) Michael Porter developed five primary activities that directly provide value to customers. Think about how a company such as Walmart, or any retail-based company, provides value using these activities.
a: Describe briefly each of the five activities.
b: Develop a specific example for each activity related to how that retail-based company can use its AIS to provide value. (Points : 20)
3. (TCO 3) Why do all audits follow a sequence of events that can be divided into four stages? (Points : 20)
2. (TCO 2) Think of a local bookstore, such as Borders, and describe in detail the risks associated with this bookstore’s sale of merchandise (not limited to books) to customers, and propose at least four internal controls that would mitigate those risks. Now take a look at Amazon.com (or some other online bookstore.) Evaluate the differences that exist in an online selling environment, and explain how those risks are mitigated. (Points : 20)
4. (TCO 8) Discuss the relative advantages and disadvantages of the four different methods for gathering data during a systems survey. (Points : 20)
3. (TCO 7) Describe the main constraints when a relational database model is being logically designed. (Points : 20)
2. (TCO 6) Identify what tool(s) are used to assess organizational performance, and explain why they are used. (Points : 20)
1. (TCO 5) The owner of a small family-owned business currently prepares his own payroll manually, but he is considering switching to an AIS. He is skeptical about the security of the information and asked you to educate him about the types of unauthorized changes to payroll data, and explain at least two controls that would maintain the integrity of the payroll master file. (Points : 20)