Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
A REA diagram can be used to verify whether job functions are properly segregated.
The EOQ approach to managing inventory has been gaining popularity in recent years.
A credit sale should always be denied if it exceeds the customer's credit limit.
End-user computing can eliminate many of the analyst-programmer communication
problems associated with the traditional program development.
CAN-SPAM provides both criminal and civil penalties for violations of the law.
Identify theft has always been a federal crime.
Cash is a component of the adjusting entry.
Timely detection of problems is not enough to protect organizations' information
resources.
The IT department should be given control of end-user computing (EUC).
Auditors have the ability to change detection risk.
Under the EOQ inventory approach, carrying costs are usually ignored for
low-cost/low-usage items.
A properly configured enterprise resource planning (ERP) system uses a decentralized
database to share information across business processes and coordinate activities.
The recovery point objective is inversely related to the frequency of backups.
The activist hacker group called Anonymous played Santa Claus one Christmas,
indicating they were "granting wishes to people who are less fortunate than most." They
were inundated with requests for iPads, iPhones, pizzas, and hundreds of other things.
They hacked into banks and sent over $1 million worth of virtual credit cards to people.
One of the advantages of CAATS software is that it can replace the auditor's judgment
in specific areas of an audit.
Cloud computing is generally more secure than traditional computing.
Besides modeling entities as rectangles, there are no industry standards for
entity-relationship diagrams.
Periodic account reconciliations are a control that can be used to reduce the risk of
employees creating unauthorized adjusting entries.
Detecting fraud where two or more people are in collusion to override controls is less
difficult because it is much easier to for one or more fraud perpetrators to reveal the
fraud.
It is relatively easy to train employees to learn how to use an ERP system.
If developers took the time to find and correct every program flaw, they would risk not
getting the system completed on time.
It is industry standard to model entities as rectangles on entity-relationship diagrams.
Maintaining physical custody of the raw materials and finished goods inventories is the
responsibility
of the accounting department.
It is important to verify that all temporary accounts have a zero balance at least two
times during the time period covered by the financial statements.
Digital assets will affect the REA models of the revenue and expenditure cycles.
There is an inverse relationship between control risk and detection risk.
Many corrective controls rely on human judgment.
It is important to physically count inventory, at least periodically, even in a perpetual
inventory system.
Traditionally, accounting information systems have been used to collect, process, store
and report non-financial information.
Batch processing continues to be widely used to process payroll transactions.
Organizations are infrequently the target of deliberate attacks.
Which type of payroll report contains information such as the employees' gross pay,
payroll deductions, and net pay in a multicolumn format?
A) Payroll register.
B) Deduction register.
C) Employee earnings statement.
D) Federal W-4 form.
Recording interest earned on an investment is an example of which type of adjusting
journal entry?
A) Accrual entry.
B) Deferral entry.
C) Closing entry.
D) Correcting entry.
Computer systems are particularly vulnerable to computer fraud because
A) perpetrators can steal, destroy, or alter massive amount of data in very little time,
often leaving little evidence.
B) computer fraud can be much more difficult to detect than other types of fraud.
C) computer programs need to be modified illegally only once for them to operate
improperly for as long as they are in use.
D) all of the above.
Auditing involves the
A) collection, review, and documentation of audit evidence.
B) planning and verification of economic events.
C) collection of audit evidence and approval of economic events.
D) testing, documentation, and certification of audit evidence.
Which of the following is a control that addresses the threat of unauthorized changes to
the payroll master file?
A) Restriction of access to the EFT system.
B) Biometric authentication.
C) Segregation of duties.
D) Sound hiring procedures.
The primary key for a Purchase-Inventory table that consists of the Purchase Order
Number and the Inventory Item Number, is known as a
A) concatenated key.
B) foreign key
C) primary key.
D) dual key.
One way to circumvent the counterfeiting of public keys is by using
A) a digital certificate.
B) digital authority.
C) encryption.
D) cryptography.
Which of the following diagrams represents a situation where a business that rents lawn
mowers (not all of which get rented) writes separate rental agreements for each mower,
so renters don't have to return all the rented items at the same time?
A)
B)
C)
D)
Why would a firm perform ABC cost analysis?
A) to identify the best inventory supplier
B) to reconcile accounts payable
C) to prioritize physical inventory counts
D) to verify production quality
Modest Expectations Investment Services (MEIS) allows customers to manage their
investments over the Internet. If customers attempt to spend more money than they
have in their account, an error message is displayed. This is an example of a
A) reasonableness test.
B) field check.
C) validity check.
D) limit check.
Identify the statement below which is true.
A) Requiring two signatures on checks over $20,000 is an example of segregation of
duties.
B) Although forensic specialists utilize computers, only people can accurately identify
fraud.
C) Internal auditors, rather than external auditors, can conduct evaluations of
effectiveness of Enterprise Risk Management processes.
D) Re-adding the total of a batch of invoices and comparing the total with the first total
you calculated is an example of an independent check.
In the Inventory table above, "Item number" is best described as
A) an attribute.
B) a primary key.
C) a foreign key.
D) A, B, and C
Sequentially prenumbered forms are an example of a(n)
A) data entry control.
B) data transmission control.
C) processing control.
D) input control.
According to the ERM model, ________ help to ensure the accuracy, completeness and
reliability of internal and external company reports.
A) compliance objectives
B) operations objectives
C) reporting objectives
D) strategic objectives
The system objective concerned that information output should help management and
users make decisions is known as
A) flexibility.
B) reliability.
C) timeliness.
D) usefulness.
Why is a separate payroll account used to clear payroll checks?
A) For internal control purposes, to help limit any exposure to loss by the company.
B) To make bank reconciliation easier.
C) To separate payroll and expense checks.
D) All of the above are correct.
Verifying the identity of the person or device attempting to access the system is an
example of
A) authentication.
B) authorization.
C) identification.
D) threat monitoring.
Which of the following is a method for comparing alternative vendor proposals for
development of an accounting information system when the vendors differ with regard
to their ability to meet the project criteria?
A) Point scoring.
B) Resource clearing.
C) Requirements costing.
D) Multi-objective optimization.
Type and group entities are similar in that both are abstractions that represent sets of
A) objects.
B) semantics.
C) attributes.
D) tables.
The information systems audit objective that pertains to source data being processed
into some form of output is known as
A) overall security.
B) program development.
C) program modifications.
D) processing.
Which of the following statements regarding special journals is not true?
A) The balances in a special journal must always reconcile to the general ledger.
B) Special journals are used to record large numbers of repetitive transactions.
C) Special journals are periodically summarized and posted to the general ledger.
D) Special journals provide a specialized format for recording similar transactions.
Recall that students used Facebook and VKontakte to identify Russian money
laundering mules. What fraud case did these students help foil?
A) Zeus
B) Trident Breach
C) Nigerian Banking
D) InfraGard
In Petaluma, California, electric power is provided to consumers by Pacific Power.
Each month Pacific Power mails bills to 186,000 households and then processes
payments as they are received. What is the best way for this business to ensure that
payment data entry is efficient and accurate?
A) well-designed paper forms
B) source data automation
C) turnaround documents
D) sequentially numbered bills
Which organization provides payroll processing as well as other HRM services, like
employee benefit design and administration?
A) title companies
B) payroll service bureau
C) professional employer organization
D) paycheck distribution companies
Which internal control framework is widely accepted as the authority on internal
controls?
A) COBIT.
B) ISACA framework.
C) COSO Integrated Control.
D) Sarbanes-Oxley control framework.
A border router
A) routes electronic communications within an organization.
B) connects an organization's information system to the Internet.
C) permits controlled access from the Internet to selected resources.
D) serves as the main firewall.
Strong ________ controls can partially compensate for inadequate ________ controls.
A) development; processing
B) processing; development
C) operational; internal
D) internal; operational
Which of the statements below is false with regards to generating financial statements
from an REA-based relational database?
A) It is possible to use a completed REA diagram to guide the writing of queries to
produce the information that would be included in financial statements.
B) Many financial statement items can be displayed by querying a single table.
C) It is unnecessary to understand the REA data model to know which tables need to be
included in each query to generate the correct answers to financial statement questions.
D) A major advantage of the REA data model is that it integrates non-financial and
financial data.
Antia Carmie is the largest collector and retailer of Japanese fans in the St. Louis area.
Antia uses computer technology to provide superior customer service. The store's
database system was designed to make detailed information about each Japanese fan
easily accessible to her customers. Accordingly, the fan price and condition are
provided for each fan, along with many pictures of each fan. In Antia's database, the
data about each Japanese fan's price is stored in a(n)
A) entity.
B) attribute.
C) field.
D) record.
What is the primary objective of ensuring systems and information are available for use
whenever needed?
A) To minimize system downtime.
B) To minimize system expense.
C) To maximize system processing speed.
D) To maximize sales.
Knowledge management systems (KMS) permit organizations to
A) store employee solutions to specific problems in a shared database.
B) learn from individuals external to the organization.
C) perform background checks on potential employees.
D) gain competitive business intelligence on competitors.
Name and describe the different types of audits.
What factors should be considered in outsourcing payroll to a payroll service bureau?
Discuss the advantages and disadvantages of using a payroll service bureau to process a
payroll.
Define fraud and describe both the different types of fraud and the auditor's
responsibility to detect fraud.
Discuss the ways in which information professionals interact with documentation tools
and the various levels of understanding necessary.
Discuss the idea of a data flow.
Give an example of an M:N Agent-Event relationship.
Explain the purpose of a journal voucher file.
Identify the two types of payroll deductions and give two examples of each type.
Describe the conditions that favor the use of prototyping.
What characteristics must be presented for an act to be considered fraudulent? Give an
example to support your answer.
According to COBIT 5, what should be the common features for locating and designing
data centers housing mission-critical servers and databases?
What are the advantages of the REA data model over the traditional AIS model?
Explain the relevance of the Sarbanes Oxley Act to the documentation tools presented
in this chapter.
Explain the impact of SAS No. 99 on auditors' responsibilities.
Explain the various computer fraud classifications using the data processing model.
Provide an example for each computer fraud classification.
Describe ways to help minimize social engineering.
Explain the importance of systems development planning, and describe the types of
plans and planning techniques used.
Describe the risk-based audit approach.
Describe the process for producing various managerial reports, the threats to that
process, and how tools like responsibility accounting, the balanced scorecard, and
well-designed graphs can help mitigate those threats.
