Term
Five principles satisfied by reliable systems |
|
Definition
- information security - confidentiality - privacy - processing integrity - availability |
|
|
Term
|
Definition
- requires that management identify which information is sensitive - each organization will develop its own definitions of what information needs to be protected |
|
|
Term
virtual private network (VPN) |
|
Definition
- provides the functionality of a privately owned network - uses the internet |
|
|
Term
three categories of integrity controls |
|
Definition
- input controls - processing controls - output controls |
|
|
Term
|
Definition
- forms design - pre-numbered forms sequence test - turnaround documents - cancellation and storage of documents - authorization and segregation of duties - visual scanning - check digit verification - RFID security |
|
|
Term
|
Definition
- field check - sign check - limit check - range check - size (or capacity) check - completeness check - validity check - reasonableness test - check digit verification |
|
|
Term
additional online data entry controls |
|
Definition
- automatic entry of data - prompting - pre-formatting - closed-loop verification - transaction logs - error messages |
|
|
Term
|
Definition
- should indicate when an error occurred, which item, and how it should be corrected |
|
|
Term
|
Definition
- data matching - file labels - recalculation of batch totals - cross-footing balance test - write-protection mechanisms - RFID security |
|
|
Term
|
Definition
- many businesses are replacing bar codes and manual tags with RFID tags that can store up to 128 bytes of data - should be write-protected so that unscrupulous customers cannot change price information on merchandise |
|
|
Term
database processing integrity procedures |
|
Definition
- database systems use administrators, data dictionaries, and concurrent update controls to ensure processing integrity - the administrator establishes and enforces procedures for accessing and updating the database - the data dictionary ensures that data items are defined and used consistently |
|
|
Term
concurrent update controls |
|
Definition
- protect records from being updated by two users simultaneously - locks one user out until the other has finished processing |
|
|
Term
|
Definition
- careful checking of system output provides additional control over processing integrity - user review of output - reconciliation procedures - external data reconciliation |
|
|
Term
|
Definition
- computers represent characters as a set of binary digits (bits) |
|
|
Term
message acknowledgement techniques |
|
Definition
- a number of message acknowledgement techniques can be used to let the sender of an electronic message know that the message was received |
|
|
Term
|
Definition
- when data are transmitted, the system calculates a summary statistic such as the number of bits in the message - the receiving unit performs the same calculation and sends the result to the sending unit - if the counts match, the transmission is presumed accurate |
|
|
Term
|
Definition
- the sending unit stores control totals in a trailer record - the receiving unit uses the information in those totals to verify the entire message was received |
|
|
Term
|
Definition
- if a large message is transmitted in segments, each can be numbered sequentially - the receiving unit uses those numbers to properly assemble the segments |
|
|
Term
key components of effective disaster recovery and business continuity plans |
|
Definition
- data backup procedures - provisions for access to replacement infrastructure - thorough documentation - periodic testing - adequate insurance |
|
|
Term
three basic options for replacing computer and networking equipment |
|
Definition
- reciprocal agreements - cold sites - hot sites |
|
|
Term
|
Definition
- determines if the characters in a field are of the proper type |
|
|
Term
|
Definition
- determines if the data in a field have the appropriate arithmetic sign |
|
|
Term
|
Definition
- tests a numerical amount to ensure that it does not exceed a predetermined value |
|
|
Term
|
Definition
- similar to a limit check except that it has both upper and lower limits |
|
|
Term
|
Definition
- ensures that the input data will fit into the assigned field |
|
|
Term
|
Definition
- determines if all required data items have been entered |
|
|
Term
|
Definition
- compares the ID code or account number in transaction data with similar data in the master file to verify that the account exists |
|
|
Term
|
Definition
- determines the correctness of the logical relationship between two data items |
|
|
Term
|
Definition
- authorized ID numbers (such as an employee number) can contain a check digit that is computed from the other digits |
|
|
Term
|
Definition
- tests if a batch of input data is in the proper numerical or alphabetical sequence |
|
|
Term
|
Definition
- summarize key values for a batch of input records |
|
|
Term
|
Definition
- sums a field that contains dollar values |
|
|
Term
|
Definition
- sums a nonfinancial numeric field |
|
|
Term
|
Definition
- sums the number of records in a batch |
|
|
Term
|
Definition
- the system requests each input data item and waits for an acceptable response |
|
|
Term
|
Definition
- the system displays a document with highlighted blank spaces and waits for the data to be entered |
|
|
Term
|
Definition
- checks the accuracy of input data by using it to retrieve and display other related information |
|
|
Term
|
Definition
- located at the beginning of each file - contains the file name, expiration date, and other identification data |
|
|
Term
|
Definition
- located at the end of the file - contains the batch totals calculated during input |
|
|
Term
cross-footing balance test |
|
Definition
- compares the results produced by each method to verify accuracy |
|
|
Term
concurrent update controls |
|
Definition
- protect records from errors that occur when two or more users attempt to update the same record simultaneously |
|
|
Term
|
Definition
- enabling a system to continue functioning in the event that a particular component fails |
|
|
Term
uninterruptible power supply (UPS) |
|
Definition
- provides protection in the event of a prolonged power outage, using battery power to enable the system to operate long enough to back up critical data and safely shut down |
|
|
Term
|
Definition
- exact copy of the most current version of a database, file, or software program |
|
|
Term
|
Definition
- involves copying only the data items that have changed since the last backup |
|
|
Term
|
Definition
- copies all changes made since the last full backup |
|
|
Term
recovery point objective (RPO) |
|
Definition
- represents the maximum length of time for which the organization is willing to risk the possible loss of transaction data |
|
|
Term
|
Definition
- involves maintaining two copies of the database at two separate data centers at all times and updating both copies in real-time as each transaction occurs |
|
|
Term
|
Definition
- making a copy of the database |
|
|
Term
|
Definition
- copy of a database, master file, or software that will be retained indefinitely as a historical record, usually to satisfy legal and regulatory requirements |
|
|
Term
recovery time objective (RTO) |
|
Definition
- represents the time following a disaster by which the organization's information system must be available again |
|
|
Term
|
Definition
- an empty building that is prewired for necessary telephone and internet access, plus a contract with one or more vendors to provide all necessary computer and other office equipment within a specified period of time |
|
|
Term
|
Definition
- facility that is not only prewired for telephone and internet access but also contains all the computing and office equipment the organization needs to perform its essential business activities |
|
|