Chapter 1 - ANSWER
Source code - ANSWERuncompiled, archive code
Object code - ANSWERcompiled code that is distributed and put into production; not able to be read by humans
Inherent risk - ANSWERthe risk that an error could occur assuming no compensating control exist
Control risk - ANS...
Object code - ANSWERcompiled code that is distributed and put into production; not
able to be read by humans
Inherent risk - ANSWERthe risk that an error could occur assuming no compensating
control exist
Control risk - ANSWERthe risk that an error exists that would not be prevented by
internal controls
Detection risk - ANSWERthe risk that an error exists, but is not detected. The risk
that an IS auditor may use an inadequate test procedure and conclude that no
material error exists when in fact errors do exist.
Audit risk - ANSWERthe overall level of risk; the level of risk the auditor is prepared
to accept.
Compliance testing - ANSWERdetermines if controls are being applied in a manner
that complies with mgmt's policies and procedures
Parallel testing - ANSWERFeeding test data into two systems and comparing the
results.
White box testing - ANSWERtest the software's program logic.
Black box testing - ANSWERTesting the functional operating effectiveness without
regard to internal program structure.
Redundancy check - ANSWERdetects transmission errors by appending calculated
bits onto the end of each segment of data.
Variable sampling - ANSWERused to estimate the average or total value of a
population.
Discovery sampling - ANSWERused to determine the probability of finding an
attribute in a population.
Attribute sampling - ANSWERselecting items from a population based on a common
attribute. Used for compliance testing.
, Chapter 2 - ANSWER
Steering Committee - ANSWERAppointed by senior management. Serves as a
general review board for projects and acquisitions... not involved in routine
operations. The committee should include representatives from senior management,
user management, and the IS department. Escalates issues to senior management.
Substantive testing - ANSWERevaluates the integrity of individual transactions, data,
and other information.
Regression testing - ANSWERused to retest earlier program abends that occurred
during the initial testing phase.
Sociability testing - ANSWERto ensure the application works as expected in the
specified environment where other applications run concurrently. Includes testing of
interfaces with other systems.
Request for Proposal (RFP) - ANSWERA document distributed to software vendors
requesting their submission of a proposal to develop or provide a software product.
RFP should include: Project Overview, Key Requirements and Constraints, Scope
Limitations, Vendor questionnaire, customer references, demonstrations, etc.
Quality Assurance - ANSWERCheck to verify policies are followed.
Quality Control - ANSWERCheck to verify free from defects.
Bottom-up approach for policy development - ANSWERbegins by defining
operational-level requirements and policies which are derived and implemented as a
result of a risk assessment.
Chapter 3 - ANSWER
OSI Model - ANSWERAll People Seem To Need Dominos Pizza
Layer 7 - Application layer - ANSWERThe application layer interfaces directly to and
performs common application services for the application processes.
Layer 6 - Presentation layer - ANSWERThe presentation layer relieves the
Application layer of concern regarding syntactical differences in data representation
within the end-user systems. MIME encoding, data compression, encryption, and
similar manipulation of the presentation of data is done at this layer.
Layer 5 - Session layer - ANSWERThe session layer provides the mechanism for
managing the dialogue between end-user application processes (By dialog we mean
that whose turn is it to transmit). It provides for either duplex or half-duplex operation.
This layer is responsible for setting up and tearing down TCP/IP sessions.
Layer 4 - Transport layer - ANSWERThe transport layer is responsible for reliable
data delivery. The transport layer provides transparent transfer of data between end
users, thus relieving the upper layers from any concern with providing reliable and
cost-effective data transfer. The transport layer controls the reliability of a given link.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller papersbyjol. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
