File - TLA2 Portfolio

advertisement
Review for Final Exam
Accounting Information Systems
Romney and Steinbart
Linda Batch
July 2012
Learning Objectives
• AIS Development Strategies (Chapter 21)
• Ways to acquire an AIS
• BPM and BPMS
• Systems Development (Chapter 22)
• Conceptual systems design process (5 steps)
• Physical systems design process
• Systems implementation and conversion – important
• Microsoft Access
– Creating Macros and Switchboard
– Work on Assignment 4
• Quiz (Chapter 9, 10)
Review for Final Exam Text Book Theory
•
•
•
•
•
•
•
•
Chapter 7 – Control and AIS
Chapter 8 – IS Controls for System Reliability
Chapter 9 – IS Controls for Systems Reliability Con’t
Chapter 10 – IS Controls for Systems Reliability
Chapter 11 – Auditing Computer Based AIS
Chapter 20 – Intro to Systems Development
Chapter 21 – AIS development Strategies
Chapter 22 – Systems Design, Implementation, and Operation
Chapter 7 – Control and AIS
•
•
•
•
COSO ERM
Preventive, Detective and Corrective Controls (week 8, slide 4)
COSO ERM (week 8, slide 9, 8)
COSO ERM – Control Activities (week 8, slide 12) – control activities
are categorized into 7 types
Chapter 7 – Control and AIS
• Know that segregation of accounting duties is different than
segregation of systems duties (you do not have to learn the list of
segregations for systems duties) (week 8 slide 16)
• Know that people with unrestricted access to your computer system
and perpetrate and conceal fraud (week 8, slide 16)
• Know that systems staff should not have access to change records,
tables, programming in your production system (week 8, slide 16)
• Know some independent checks on performance (week 8, slide 17) –
good short answer question
• AIS has five primary objectives according to the AICPA (week 8, slide
18)
Chapter 8 – IS Controls for System Reliability
• COBIT’s four domains, plus be able to give three examples of each
domain (week 9, slides 9 to 13)
• Know that systems security is a management responsibility not an IT
responsibility and why (week 9, slide 3) – good short answer question
• Information provided to management must satisfy 7 key criteria,
know three (week 9, slide 4)
• Know authentication vs. authorization (week 9, slide 16) – good short
answer possibly
• Be able to talk to system reliability (week 9, slide 17)
• Go over the scenarios in problem 8.4 from the text – discussion
regarding control types (preventive, dectective, corrective)
• Deep packet inspection vs. stateful packet filtering (week 9, slide 26)
• TCP and IP (week 9, slide 25)
• Steps in an IT attack are NOT on the final
Chapter 9 – IS Controls for System Reliability
•
•
•
•
Encryption – what is it (week 10, slides 4 to 6)
Know types of Encryption (week 10, slides 7 and 8)
Know how digital signatures are created (week 10, slides 7 and 8)
Know what a VPN is and how it works (week 10, slide 9)
Chapter 10 – IS Controls for System Reliability
• System Availability (week 10, slides 13 and 14)
• RTO, RPO (week 10, slides 13 and 14)
• Data recovery plan and business continuity plan – how does that fit
with RTO and RPO
Chapter 11 – Auditing Computer Based AIS
•
•
•
•
Different types of audits (week 11, slide 4)
Overview of the audit process – four steps (week 11, slide 4)
Risk based approach to audit (week 11, slide 5)
Six objectives to an information systems audit (week 11, slide 6 and
7)
• Examples of audit techniques for Objective 3 and Objective 4 (week
11, slide 9)
• Computer Assisted Audit Techniques (week 11, slide 10)
• Chapter 11 check point questions in the week 11 deck
Chapter 20 – Systems Development and Analysis
• Reasons to change the computer system – know 3 (week 11, slide 16)
• Know the systems development life cycle (SDLC) (week 11, slide
18,19)
• Two plans are required to Systems Development (week 11, slide 21)
• GANTT Chart and PERT Chart – know the difference (week 11, slide
22)
• Three forms or resistance to change (week 11, slide 24)
• How do you prevent behavioral problems (week 11, slide 25)
Chapter 20 – Systems Development and Analysis
Systems
analysis
Conceptual
System
Design
Physical
Design
Implementation
And
Conversion
Operation
and
Maintenance
Chapter 21 – AIS Development Strategies
• Definitions – (week 12, slide 3)
• Ways to get an AIS
–
–
–
–
Purchase AIS (week 12, slide 3)
In House development of AIS (week 12, slide 4)
Outsource AIS (week 12, slide 4)
Prototype AIS (week 12, slide 4)
• Systems Development Life Cycle (week 12, slides 7 to 11)
– Physical systems Design
– Systems Implementation and conversion (week 12, slides 7 to 11)
Chapter 22 – Systems Design, Implementation, Operation
• Systems Development Life Cycle (week 12, slides 7 to 11)
– Physical systems Design (figures from text)
– Systems Implementation and conversion (figures from text)
• System conversion – know 4 (week 12, slides 10, 11)
Chapter 22 – Systems Design, Implementation, Operation
Chapter 22 – Systems Design, Implementation, Operation
Download