Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Midterm Exam - My Answers

    Hochgeladen von

    Kim Taengooss
    7 Ansichten1 Seite
    my answers cis

    Originaltitel

    Midterm exam - my answers

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    DOCX, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    my answers cis

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    7 Ansichten1 Seite

    Midterm Exam - My Answers

    Hochgeladen von

    Kim Taengooss
    my answers cis

    Copyright:

    © All Rights Reserved
    Als DOCX, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 1

    1.

    a) Separation of Duties within the Information Systems is very important, and their functions should be
    properly segregated for good organizational controls. Doing so reduces risk of employees breaching the
    system security and using it to their own advantages, or in short, it is designed to prevent fraud, error or
    abuse. If the duties are separated, it will also restrict or limit one's power. If there won't be proper separation
    of duties within the information systems, one person could destroy, alter, manipulate or destroy data without
    being detected, or without leaving any trace. There needs to be an organizational structure which should
    provide the definite lines of authority and responsibility within the informations system department. For
    example, a systems developer, who designs and develops new systems, evaluates and improves existing
    systems, and database administrators and programmers, who writes, tests and debugs a program, should
    not be allowed to use the programs they developed, and should not be allowed to operate the computer. If
    there are computer operators, they also should not participate in designing the program.

    b) Century Incorporated needs to make sure that their security is very tight and secure. One of the ways is
    by putting up, and regularly changing their passwords, suggestively everytime they change or rotate their
    employees 'jobs. Doing this can prevent other employees from having access to their previous jobs'
    financial information, which they can use to their own advantage.

    2. Managers can outsource their IT function because even though they can handle it now, it may consume
    too much of their time, instead of them just focusing their work and attention on their main jobs. Also, with
    the changing and improving tchnology, it will be taking a lot of time and money, and also effort to train their
    employees. If they will be outsourcing their IT instead, it will help them save money, and will cut their costs.
    Managers may choose to outsource IT responsibility for their IT controls as well, because they won't entirely
    be losing control over their operations. They can choose to receive updates regularly, and also still take
    part in the whole process, including making decisions. Outsourcing the responsibility for IT control will also
    help them focus more on their own work, and in the company's operations. The auditors may choose to
    review operational information, or test of controls. They can also observe or perform walkthroughs, to see
    if the design of their internal control is really functioning as intended, or they could even interview the
    employees to see how well they are trained for the jobs, and to know if they clearly understand what their
    role or function is.

    Das könnte Ihnen auch gefallen