Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Organization Structures
• Centralized: CIO is central leader of all information system functions
• Decentralized: Assigns personnel to non-central (e.g., departments) organizational units
• Functional organization: Assigns personnel to skills-based units (e.g., programming, systems
analysis). Used by both decentralized and centralized organizations
• Matrix: Assembles work groups or teams, comprised of members from different functional
areas, under the authority of a team leader
• Project: Establishes permanent systems development structures such as “Financial Systems
Development”
-The use of IT resources for enterprise systems and e-business: magnifies the importance of protecting the
resources both within and outside of the organization from risks.
Summary of Information Systems Functions:
IT Control Domains and Processes:
-Compensatory controls- A small organization that does not have enough personnel to adequately segregate
-
simultaneous messages making it impossible for the attached site to engage in its normal activities.
-distributed denial-of-service attack-uses many computers, called zombies, that unwittingly cooperate in a
-
*control redundancy- Having too many control plans directed at the same control goal.
*Document design-A control plan that makes it easier to prepare the document initially and later to input
data from the document.
*Written approval- takes the form of a signature or initials on a document to indicate that the proper person
has authorized the event.
*Preformatted screens-control the online entry of data by defining the acceptable format of each data field,
automatically moving to the next field, requiring that certain fields be completed, and/or automatically
populating certain fields.
*Online prompting- describes a computer system's asking the user for input or asking questions that the user
must answer.
* Programmed edit checks-are edits automatically performed by data entry programs upon entry of the input
data.
* Reasonableness check- is a “limit check”
*mathematical accuracy checks--The edit that compares calculations performed manually with those
performed by the computer to determine if a document has been entered correctly.
*check-digit is an extra digit that is added to an identification number to help control the accuracy with
which the number is entered into a computer system.
*key verification-The control plan designed to reduce the possibility that one person will misread or mis-key
data.
*exception and summary report is a computer-generated report that reflects the events--either in detail,
summary total, or both--that were accepted by the system and rejected by the system.
*line-A count of the number of invoices being paid by all of the customer remittances is a type of batch
control total.
*hash total -is the general term to describe the summation of data that would not normally be totaled except
for control purposes.
*turnaround document- a document that is printed as an output of one computer process and is used to
capture and input a subsequent transaction
*Data encryption-a process that employs mathematical algorithms and keys to encode data so that it is
unintelligible to the human eye.
*One-for-one checking-shipping clerk compares each line on the shipping document to the items to be
shipped. to ensure that the shipment is accurate.
*We prefer to enter data close to the originating source to ensure that business event data is entered in a
timely manner and that personnel who enter the data can confirm its legitimacy and easily correct errors.
*tickler file-The file of open sales orders .The manager of shipping reviews a file of open sales orders--items
to be shipped today--to determine that all shipments are made in a timely manner.
*When there are programmed edits to control data entry, we would expect to also find procedures for
rejected inputs to ensure that erroneous items are corrected and re-input.
*Encryption- The process of encoding data so that it may only be read by someone having a key.