Exam 8: Controlling Information Systems: Introduction to Pervasive Controls

The disaster recovery strategy known as a(n) ______________________________ is a fully equipped data center that is made available on a standby basis to client companies for a monthly subscriber's fee.

______________________________ is a policy of requiring an employee to take leave from the job and substituting another employee in his or her place.

The most common biometric devices read ______________________________.

A facility usually comprised of air-conditioned space with a raised floor, telephone connections, and computer ports, into which a subscriber can move equipment, is called a hot site.

Combining the functions of authorizing and executing events is a violation of the organizational control plan known as ______________________________.

The ______________________________ coordinates the organizational and IT strategic planning processes and reviews and approves the strategic IT plan.

______________________________ controls provide assurance that all modifications to programs are authorized and documented, and that the changes are completed, tested, and properly implemented.

A key control concern is that certain people within an organization have easy access to applications programs and data files. The people are:

The IS function with the principal responsibilities of ensuring the security of all IT resources is data control.

A control plan that is designed to detect a fraud by having one employee periodically do the job of another employee is called:

In an online environment, ______________________________ ensures that only authorized users gain access to a system through a process of identification (e.g., a unique account number for each user) and authentication.

Which of the following controls restrict access to programs, data, and documentation?

Top security concerns reported by IT security professionals include all the following except:

______________________________ controls restrict access to data, programs and documentation.

______________________________ are particularly important because they operate across all business processes and affect a company's capability to meet a multitude of control goals.

______________________________ are documents that help users learn their jobs and perform consistently in those jobs.

Application documentation that describes the application and contains instructions for preparing inputs and using outputs is a(n):

The use of IT resources for enterprise systems and e-business:

______________________________ in an internal control system means assessment by management to determine whether the control plans in place are continuing to function appropriately over time.

Top 10 management concerns about IT's capability to support an organization's vision and strategy include all except the following: