A comprehensive set of flashcards covering key concepts from the lecture on Accounting Information Systems.
Controls for information security
Protecting information assets, detecting and responding to attacks.
Trust Services Framework
A framework ensuring security, confidentiality, privacy, processing integrity, and availability of information.
Defense-in-depth
A security strategy that employs multiple layers of controls to protect information.
Time-Based Model of Information Security
An equation that states: P > D + C, where P is the time to prevent, D is the time to detect, and C is the time to respond to attacks.
Preventive controls
Controls that avert potential security incidents before they occur, such as user access controls and training.
Detective controls
Controls that identify and detect security incidents as they occur, like log analysis and intrusion detection systems.
Corrective controls
Controls that respond to and rectify security incidents after they have occurred, such as patch management.
Authentication
The process of verifying who a person is, based on knowledge (password), possession (ID card), or biometric characteristics.
Authorization
The process of granting or restricting access to information and systems based on user privileges.
Social engineering
Psychological manipulation techniques aimed at gaining access to sensitive information.
Malware
Any malicious software designed to cause damage to a computer system, such as viruses and ransomware.
Hacking
Unauthorized access, modification, or use of a computer system or network.
Fraud Triangle
A model explaining the factors that lead to fraud: pressure, opportunity, and rationalization.
Sarbanes-Oxley Act of 2002
Legislation aimed at improving financial reporting and reducing fraud by establishing stricter regulations on internal controls.
COSO Framework
A framework consisting of control environments, risk assessment, control activities, information and communication, and monitoring.
Data Processing Cycle
The cycle involving stages of data input, processing, output, and storage within an organization.
Enterprise Resource Planning (ERP)
Integration of data and processes across an organization into a unified system to improve efficiency and decision-making.
Business Process Reengineering
Radical redesign of business processes to achieve dramatic improvements in critical measures of performance.
Information system documentation
A set of documents and models that describe the processes and flows within an information system.
Flowcharts
Visual representations of processes that depict how data and activities flow through an information system.
Data Flow Diagram (DFD)
A graphical representation of the flow of data in a system, showing the process, data stores, and data flow paths.
Business Process Modeling Notation (BPMN)
A standardized graphical notation for modeling business processes.
Data overload
A situation where too much information is available, making it difficult to make decisions.