Professional Documents
Culture Documents
Group4 Auditingincis
Group4 Auditingincis
GUILING, ASLIMA M.
VILLANUEVA, CLARISSA MICAH
TIRATIRA, KATE LORIE
DATA MANAGEMENT
APPROACHES
FLAT-FILE APPROACH
DATABASE APPROACH
FLAT-FILE APPROACH
• Flat files are data files that contain records with no
structured relationships to other files.
• Associated with large, older legacy systems which are
often large mainframe systems that were implemented in
the 1970s through the 1980.
• Promotes a single-user view approach where end users
own rather than share data files.
• Separate data sets for each user leads to data
redundancy which causes problems with:
• Data storage
• Data updating
• Currency of information
• Task-data dependency
FLAT-FILE APPROACH
DATA STORAGE
- Efficient data management captures and stores
data only once and makes this single source available to all
users who need it. In the flat-file environment, this is not
possible.
- Some commonly used data may be duplicated
dozens, hundreds, or even thousands of times within an
organization
FLAT-FILE APPROACH
DATA UPDATING
- Organizations store a great deal of data on master
files and reference files that require periodic updating to
reflect changes.
- Changes must be made separately for each user. If
updating fails problem of currency of information with users
having outdated information.
- redundant updating tasks add significantly to the
cost of data management
FLAT-FILE APPROACH
CURRENCY OF INFORMATION
- In contrast to the problem of performing multiple
updates is the problem of failing to update all the user files
that are affected by a change in status. If update information
is not properly disseminated, the change will not be reflected
in some users' data, resulting in decisions based on
outdated information.
FLAT-FILE APPROACH
TASK-DATA DEPENDENCY
- user's task is limited and decision-making ability
constrained by the data that he or she possesses and
controls
- users in this environment tend to satisfy new
information needs by procuring new data files. This takes
time, inhibits performance, adds to data redundancy, and
drives data management costs even higher.
DATABASE APPROACH
• Access to the data resource is controlled
by a database management system
(DBMS).
• Centralizes organization’s data into a
common database shared by the user
community.
• All users have access to data they need
which may overcome flat-file problems.
• Elimination of data storage
problem
• Elimination of data update
problem
• Elimination of currency
problem
• Elimination of task-data
dependency
DATABASE APPROACH
KEY ELEMENTS OF DATABASE
ENVIRONMENT:
• Database management
system (DBMS),
• users,
• Database administrator
(DBA),
• Physical database, and
• Database management
system mode
DATABASE APPROACH
DATABASE MANAGEMENT SYSTEM
- The DBMS provides a controlled environment to assist (or
prevent) access to the database and to efficiently manage the
data resource.
- Typical DBMS features include:
• Program Development – Applications may be created
by programmers and end users.
• Backup and Recovery - Copies made during processing.
• Database Usage Reporting - Captures statistics on database usage (who, when, etc.).
• Database Access - Authorizes access to sections of the database.
- Data definition language a programming language used to define the database to the DBMS on three
levels (Data views):
1. Internal View/Physical View -lowest level of representation, which is one step removed from the
physical database. This internal view describes the structures of data records, the linkages between
files, and the physical arrangement and sequence of records in a file. There is only one internal view
for the database.
2. Conceptual View/Logical View (Schema) - Describes the entire database logically and abstractly
rather than physically. Only one conceptual view.
3. External View/User View (Subschema) - user's section of the database the portion that an
individual user is authorized to access, To a particular user, the user view is the entire database.
Unlike the internal and conceptual views, there may be many distinct user views.
DATABASE APPROACH
USERS
Formal Access: Application Interfaces
- Under this mode of access, the presence of the DBMS is
transparent to the users. Data processing procedures (both
batch and real time) for transactions such as sales, cash receipts,
and purchases are essentially the same as they would be in the
flat file environment.
Network Model
• In the late 1970s, an ANSI committee created the Committee on Development of Applied Symbolic Languages
(CODASYL), which formed a database task group to develop standards for database design. CODASYL developed
the network model for databases.
• Like the hierarchical model, it is a navigational database with explicit linkages between records and files. The
distinction is that the network model permits a child record to have multiple parents.
DATABASE APPROACH
Relational Model
• E. F. Codd originally proposed the principles of the relational
model in the late 1960s.! The formal model has its foundations in
relational algebra and set theory, which provide the theoretical
basis for most of the data manipulation operations used.
• Difference between this and navigational models is the way data
associations are represented to the user.
• Relational model portrays data in two- dimensional tables with
attributes across the top forming columns
• Intersecting columns to form rows are tuples which are
normalized arrays of data similar to records in a flat-file system.
• Relations are formed by an attribute common to both tables in the
relation
• Properly designed tables possess the following four
characteristics:
1. All occurrences at the intersection of a row and a column
are a single value. No multiple values (repeating groups) are allowed.
2. The attribute values in any column must all be of the
same class.
3. Each column in a given table must be uniquely named.
4. Each row in the table must be unique in at least one
attribute. This attribute is the primary key.
DATABASES IN A DISTRIBUTED
ENVIRONMENT
DATABASES IN A DISTRIBUTED ENVIRONMENT
CENTRALIZED DATABASES
• Data retained in a central location.
• Remote IT units send requests to central site which
processes requests and transmits data back to the
requesting IT units.
• The actual processing of the data is performed at the
remote IT unit.
• Objective of database approach it to maintain data
currency with can be challenging.
• During processing, account balances pass through a state
of temporary inconsistency where values are incorrect.
• To achieve data currency, simultaneous access to
individual data elements by multiple IT units must be
prevented. The solution to this problem is to employ a
database lockout, which is a software control (usually a
function of the DBMS) that prevents multiple simultaneous
accesses to data
DATABASES IN A DISTRIBUTED ENVIRONMENT
DISTRIBUTED DATABASES
Distributed databases can be either partitioned or replicated
Partitioned databases
Replicated databases
• Effective for situations with a high degree of data sharing, but no primary
user.
• Since common data are replicated at each IT unit site, the data traffic
between sites is reduced considerably
• primary justification for a replicated database is to support read-only
queries.
• The problem with this approach is maintaining current versions of the
database at each site.
• Since each IT unit processes only its transactions, common data
replicated at each site are affected by different transactions and reflect
different values.
CONCURRENCY CONTROL
• Database concurrency is the presence of complete and accurate data at all
user sites.
• A commonly used method for concurrency control is to serialize
transactions. This method involves labeling each transaction by two
criteria.
• First, special software groups transactions into classes to identify
potential conflicts.
• The second part of the control process is to time stamp each
transaction.
Ref.: https://pdfslide.net/education/chapter-4-security-part-ii-auditing-database-systems.html?page=37
Auditing in CIS ppt.