Scribd Logo
Carica

Benvenuto in Scribd!

  • Revision Mis374 Fall2019

    Caricato da

    Yasmine Gamal
    30 visualizzazioni10 pagine

    Titolo originale

    revision mis374 fall2019

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    30 visualizzazioni10 pagine

    Revision Mis374 Fall2019

    Caricato da

    Yasmine Gamal

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 10

    Revision

    MIS374 - Accounting Information Systems (AIS)

    (Chapter 1&2)

    1. Explain the six components of an accounting information


    system (AIS)

     People using the system


     Procedures and Instructions For collecting, processing, and
    storing data
     Data about the organization and its business activities
     Software used to process data.
     Information Technology (IT) Infrastructure
    Computers, peripherals, networks used in the AIS.
     Internal Control and Security Measures
    Safeguard the AIS and its data

    2. Explain AIS business functions

     Collect and store data about organizational activities, resources,


    and personnel.
     Transform data into information enabling Management to plan,
    execute, control, and evaluate activities, resources, and personnel
     Provide adequate control to safeguard the organization’s assets
    and data

    TA: Aya Saeed


    3. Draw the data processing cycle

    This process consists of four steps: data input, data storage,


    data processing, and information output

    4. What is coding? Explain the four coding techniques;


    support your answer with examples.

    Coding is the systematic assignment of numbers or letters to


    items to classify and organize them

    With Sequence Codes

    Items are numbered consecutively to account for all items.


    Any missing items cause a gap in the numerical sequence.

    Examples include prenumbered checks, invoices, and


    purchase orders.

     With a Block Code

    Specific ranges of numbers are associated with a category

    TA: Aya Saeed


     In Group Code

    Two or more subgroups of digits used to code items, are


    often used in conjunction with block codes. Positioning of
    digits in code provide meaning

    Example of a seven-digit product code number

    Digit Position Meaning


    1–2 Product Line, size, and so on
    3 Color
    4–5 Year of Manufacture
    6–7 Optional Features
    1241000 12 = Dishwasher
    4 = White, 10 = 2010, 00 = No
    Options.

     With Mnemonic Codes

    Letters and numbers are interspersed to identify an item.

    The mnemonic code is derived from the description of the


    item and is usually easy to memorize.

    For example Dry_300w05 could represent a low end (300),


    white (w) dryer (Dry) made by Whirlpool (05).

     Chart of accounts

    A list of the numbers assigned to each general ledger


    account.

    Type of block coding

    Example:

    100-199 Assets

    200-299 Non-Current Assets

    300-399 Liabilities

    TA: Aya Saeed


    (Chapter8)
    1. What is the difference between authentication and
    authorization?

    Authentication and authorization are two related controls


    designed to restrict access to an organization’s information
    systems and resources.

    The objective of authentication is to verify the claimed


    identity of someone attempting to obtain access.

    The objective of authorization is to limit what an


    authenticated user can do once they have been given
    access.

     Authentication vs. authorization

    Authentication—verifies who a person is

    1. Something person KNOWS.

    2. Something person HAS.

    3. Some BIOMETRIC CHARACTERISTIC.

    4. Combination of all three.

    Authorization—determines what a person can access

    2. Explain and justify the idea of defense-in-depth (layering)


    information security concept.

    The idea of defense-in-depth (layering) is to employ multiple


    layers of controls in order to avoid having a single point of
    failure.

    For example, many organizations use not only firewalls but


    also multiple authentication methods (passwords, tokens,
    and biometrics) to restrict access.

    TA: Aya Saeed


    (Chapter9)
    1. Differentiate between hashing and encryption

    2. Differentiate between symmetric encryption systems and


    asymmetric encryption systems.

    Symmetric Encryption Systems

    One key used to both encrypt and decrypt

    Pro: fast

    Con: vulnerable

    Asymmetric Encryption Systems

    Different key used to encrypt than to decrypt

    Pro: very secure

    Con: very slow

    TA: Aya Saeed


    3. Draw and explain the creation of a digital signature and
    clarify its usefulness.

    Creating a digital signature is a two-step process

    1. The document creator first generates a hash of the


    document (or file)

    2. The document creator then encrypts that hash using his or


    her private key.

    The resulting encrypted hash is a digital signature

    4. Explain the factors that influence encryption strength

    Key Length

    Number of bits used to convert text into blocks of size equal


    to the key length

    256-bit key is common

    Longer keys provide stronger encryption by reducing the


    number of repeating blocks in the cipher text

    Encryption Algorithm

    Manner in which key and text is combined to create


    scrambled text

    Policies for Managing Cryptographic Keys

    Stored securely with strong access codes

    TA: Aya Saeed


    (Chapter12)
    The major activities in the revenue cycle are:

    1.0 Sales Order Entry


    2.0 Shipping
    3.0 Billing
    4.0 Cash Collections

    For each activity we have to Identify the major threats and evaluate
    the adequacy of various control procedures for dealing with those
    threats.

    1. Outline the general revenue cycle threats and their


    corresponding controls.

    Important note: you have to create a table like this

    To answer this question also you have to write all the threats
    and all their corresponding control.

    TA: Aya Saeed


    1.0 Sales Order Entry

    2. Outline threats of sales order entry and at least one control


    that can be applied to counter each threat.

    In this question, you have to mention all the threats and


    choose only one control that can be applied to counter
    each threat.

    For example:

    Threat Controls
    5.Incomplete/Inaccurate 5.1Data entry edit control
    Orders
    6.Invalidorders 6.1Digital and written
    signatures
    7.Uncollectiable accounts 7.1Credit limits
    8.Stockouts or excess 8.1 training
    inventory
    9.loss of customers 9.1CRM System

    TA: Aya Saeed


    2.0 Shipping

    3. Outline threats of shipping and at least one control that


    can be applied to counter each threat.

    In this question, you have to mention all the threats and


    choose only one control that can be applied to counter
    each threat.

    TA: Aya Saeed


    3.0 Billing

    4. Outline threats of billing and at least one control that can


    be applied to counter each threat.

    In this question, you have to mention all the threats and


    choose only one control that can be applied to counter
    each threat.

    5. Outline threats of cash collection and at least one control


    that can be applied to counter each threat.

    TA: Aya Saeed

    Potrebbero piacerti anche