Chapter 2
Auditing IT Governance Controls
Review Questions
1. What is IT governance?
Response: IT governance is a relatively new subset of corporate governance that
focuses on the management and assessment of strategic IT resources.
2. What are the objectives of IT governance?
Response: The key objectives of IT governance are to reduce risk and ensure that
investments in IT resources add value to the corporation.
3. What is distributed data processing?
Response: Distributed data processing involves reorganizing the central IT
function into small IT units that are placed under the control of end users. The IT units
may be distributed according to business function, geographic location, or both. All or
any of the IT functions may be distributed. The degree to which they are distributed will
vary depending upon the philosophy and objectives of the organization’s management.
4. What are the advantages and disadvantages of distributed data processing?
Response: The advantages of DDP are:
a. cost reductions
b. improved cost control responsibility
c. improved user satisfaction
d. back up flexibility
The disadvantages (risks) are:
a. inefficient use of resources
b. destruction of audit trails
c. inadequate segregation of duties
d. difficulty acquiring qualified professionals
e. lack of standards
5. What types of tasks become redundant in a distributed data processing system?
Response: Autonomous systems development initiatives distributed throughout
the firm can result in each user area reinventing the wheel rather than benefiting from the
work of others. For example, application programs created by one user, which could be
used with little or no change by others, will be redesigned from scratch rather than
shared. Likewise, data common to many users may be recreated for each, resulting in a
high level of data redundancy. This situation
has implications for data accuracy and consistency.
.
Consider the following computer applications:
(1) At a catalog sales firm, as phone orders are entered into their computer, both inventory and credit are immediately checked.
(2) A manufacturer's computer sends the coming week's production schedule and parts orders to a supplier's computer.
Which statement below is true for these applications?
59) Consider the following computer applications:
(1) At a catalog sales firm, as phone orders are entered into their computer, both inventory and credit are immediately checked.
(2) A manufacturer's computer sends the coming week's production schedule and parts orders to a supplier's computer.
Which statement below is true for these applications?
A) Both applications are examples of EDI.
B) Both applications are examples of online real-time processing.
C)
The first application is an example of EDI and the second is an example of online real-time.
D) The first application is an example of online real-time and the second is an example of EDI.