romch8 - CHAPTER 8 INFORMATION SYSTEMS CONTROLS FOR SYSTEMS...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
CHAPTER 8 INFORMATION SYSTEMS CONTROLS FOR SYSTEMS RELIABILITY SUGGESTED ANSWERS TO DISCUSSION QUESTIONS 8.1 For the consumer, opt-out represents many disadvantages because the consumer is responsible for explicitly notifying every company that might be collecting the consumer’s personal information and tell them to stop collecting their personal data. Consumers are less likely to take the time to opt-out of these programs and even if they do decide to opt-out, they may not know of all of the companies that are capturing their personal information. For the organization collecting the data, opt-out is an advantage for the same reasons it is a disadvantage to the consumer, the organization is free to collect all the information they want until explicitly told to stop. 8.2 a. The cost here is tangible, consisting of the salaries of additional employees, if any, who must be hired in order to accomplish segregation of duties. The benefit is much less tangible, comprising primarily the reduction in the risk of loss from both fraud and unintentional errors. One approach might be to estimate an "expected benefit" as a product of the possible loss from fraud and the reduction in probability of fraud. b. The costs here are also relatively tangible, including the costs of maintaining a tape library and of performing special procedures such as file labeling, concurrent update controls, encryption, virus protection, maintaining backup files, and so forth. The benefit is again intangible, consisting of the reduction in risk of loss of vital business data. Once again an "expected benefit" might be estimated as the reduction of the product of the cost of data reconstruction and the probability of data loss. c. The cost here consists of the extra programming and processing time required to prepare and execute the input validation routines. As in the other cases, the benefits are intangible and difficult to measure in dollars. The primary benefit is the increase in accuracy of files and output. In this case, the decision must be primarily subjective, since a reliable dollar value is unlikely to be available. 8.3 The disadvantage of a full backup is time. Organizations do not normally make full backups of their data on a frequent (daily) basis simply due to the time a full backup takes. Most 8-13
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Ch. 8: Computer-Based Information Systems Control organizations do full backups on a weekly basis and supplement them with partial backups on a daily basis. The advantage of frequent full backups is that the full system can be restored from a single backup. An advantage of doing partial daily backups is time. It takes less time and therefore, fewer resources to perform a partial backup on a daily basis than a full backup on daily basis. There are two primary types of partial backups: incremental and differential daily partial backups. Incremental backups copy only data files that have changed since the last backup.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/16/2010 for the course AF 3211 taught by Professor June during the Spring '09 term at Polytechnic University of Puerto Rico.

Page1 / 10

romch8 - CHAPTER 8 INFORMATION SYSTEMS CONTROLS FOR SYSTEMS...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online