This set of vocabulary flashcards covers key concepts in database design, REA modelling, relational database management, systems development lifecycles, internal controls, fraud, and information security.
REA model
A database design framework categorising entities into Resources, Events, and Agents.
Resources
Things that have economic value to an organisation in the REA model.
Events
Business activities that management wants to manage and control in the REA model.
Agents
People and organisations that participate in events within the REA model.
Primary Key
An attribute or combination of attributes that uniquely identifies each record/row in a table.
Foreign Key
An attribute of one entity that is itself the primary key of another entity, used to implement relationships.
Cardinality
Describes the nature of relationships between entities, including how many instances of one entity can be linked to another (Minimum: 0 or 1; Maximum: 1 or Many).
Tuple
A row in a relational database table that contains data about one instance of an entity, equivalent to a record.
Attribute
A column in a relational database table that contains data about a specific characteristic of an entity, equivalent to a field.
Update Anomaly
A problem in a database where changes to existing data are not correctly recorded due to multiple records with the same data attributes.
Insert Anomaly
A problem in a database where a user is unable to add a record because it is missing a required attribute.
Delete Anomaly
A problem where removing a record from the database also results in the unintended removal of other data.
Entity Integrity
A relational database rule stating that a primary key cannot be null (empty).
Referential Integrity
A rule stating that if a foreign key is not null, it must have a value corresponding to a primary key in another table.
DBMS (Database Management System)
The interface between software applications and the data stored in files.
Data Dictionary
Contains information about the structure of the database, including field names, descriptions, and uses.
Data Definition Language (DDL)
A DBMS language used to build the data dictionary, create the database, and describe the subschema.
Data Manipulation Language (DML)
A DBMS language used to change database content, including updates, insertions, and deletions.
Data Query Language (DQL)
A DBMS language that enables the retrieval, sorting, and display of data from the database.
Business Process Management (BPM)
A systematic approach to continuously improving and optimising an organisation's business processes.
Prototyping
The process of developing an initial model (prototype) to clarify user needs and gather feedback on functionality.
CASE (Computer-Aided Software Engineering) Tools
Software designed to help plan, analyse, design, program, and maintain an information system.
End-User Computing (EUC)
Allows end-users to create, control, and implement simple systems independently of technical specialists.
SaaS (Software-as-a-Service)
A cloud computing model where software is provided to users via the Internet (e.g., Gmail).
Parallel Conversion
A system implementation method where the old and new systems are operated simultaneously for a period.
Pilot Conversion
Implements a new system in only one part of the organisation (e.g., a branch) to localise problems.
Inherent Risk
The risk that exists before any plans are made to control it.
Residual Risk
The remaining risk after controls have been implemented to reduce it.
Separation of Duties
An internal control that separates Authorization, Custodial (handling assets), and Recording functions to prevent fraud.
Symmetric Encryption
An encryption method where one secret key is used both to encrypt and decrypt information.
Asymmetric Encryption
An encryption method involving two keys: a public key available to everyone and a private key kept secret.
Hashing
A one-way function that converts information into a fixed-length code that cannot be reversed or 'unhashed' to recover the original document.
Digital Signature
A legally binding electronic signature created by hashing a document and encrypting that hash with a private key.
Virtual Private Network (VPN)
A tool used to securely transmit encrypted data between a sender and receiver.
Defense-in-depth
An information security approach that employs multiple layers of overlapping, complementary, or redundant controls.
Time-Based Model of Information Security
A formula (P > D + C) where security is effective if the time to break preventive controls (P) is greater than the time to detect (D) and respond (C) to an attack.
Authentication
A user access control that verifies who a person is based on something they know, have, or a biometric characteristic.
Authorization
A user access control that determines what resources or files a verified person can access.
Phishing
An electronic social engineering technique of sending an e-mail asking a victim to click a link to a spoofed site to divulge sensitive data.
Lapping
A fraud technique where an employee conceals the theft of cash by applying subsequent payments from one customer to another customer's account.
Trojan Horse
Malicious computer instructions hidden within an authorised and properly functioning program.
Botnet
A 'Robot Network' of hijacked computers that carry out processes without the users' knowledge.
Denial-of-Service (DoS) Attack
An attack that overwhelms a web-server with a constant stream of requests to shut down the service.
Fraud Triangle
Composed of three elements necessary for fraud: Pressure, Opportunity, and Rationalisation.
Data Flow Diagram (DFD)
A graphical description of the flow of data within a system using symbols for entity, process, data flow, and data store.
Value Chain
The set of activities (Primary and Support) a product or service moves along to gain value before being sold to a customer.
Enterprise Resource Planning (ERP)
A system that integrates all aspects of an organisation's information into one overall Accounting Information System (AIS).