This preview shows pages 1–3. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: PAPER – 6 : MANAGEMENT INFORMATION AND CONTROL SYSTEMS Question No. 1 is compulsory. Answer any four questions from remaining six questions . Question 1 (a) Why Computerised Information systems are more vulnerable to many more kinds of threats than manual systems? Name some of the key areas where large amounts of data stored in electronic form are most vulnerable. (b) Discuss some common types of field interrogation as a validation control procedure in an EDP set up. (c) Differentiate between General and Application controls. Also mention the broad categories into which the first can be subdivided. (d) How does MIS auditing enhance the control process? (5 + 5 + 5 + 5 = 20 Marks) Answer (a) When large amounts of data are stored in electronic form they are vulnerable to many more kinds of threats than when they exist in manual form. Since the data is in electronic form and many procedures are invisible through automation, Computerized Information Systems (CIS) are vulnerable to destruction, misuse, error, fraud, hardware and software failures. Online systems and those utilizing the Internet are especially vulnerable because data and files can be immediately and directly accessed through computer terminals at many points in the network. Hackers can penetrate corporate networks and cause serious system disruptions. Computer viruses can spread rampantly from system to system, clogging computer memory or destroying programs and data. Software presents problems because of high costs of correcting errors and because software bugs may be impossible to eliminate. Data quality can also severely impact system quality and performance. Following are the key areas due to which data stored in electronic form are most vulnerable: (1) Hardware failure, (2) Software failure, (3) Personnel actions, (4) Terminal access penetration (5) Theft of data, services, equipment, (6) Fire (7) Electrical problems, (8) User errors (9) Program changes, (10) Telecommunication problems (b) Some common types of field interrogation as a validation control procedure in an EDP set up are discussed below: (1) Limit Checks : The field is checked by the program to ensure that its value lies within certain predefined limits. PAPER – 6 : MANAGMENT INFORMATION AND CONTROL SYSTEMS 25 (2) Picture checks : These check against entry of incorrect characters into processing. (3) Valid Code Checks : Checks are made against predetermined transactions codes, tables or other data to ensure that input data are valid. They may either be embedded in the programs or stored in files. (4) Check digit : It is an extra digit that is added to the code when it is originally assigned. It allows the integrity of the code to be established during subsequent processing....
View Full Document
- Spring '11