Acc 55259 | Course Paper

Unlock access to all the studying documents.

View Full Document

E-R diagrams can be used to represent the contents of any kind of database.

SOX suggested the fraud hotline as a mechanism for employees to report fraud and

abuse.

An accounting information system requires at least one computer.

The SEC requires U.S. companies to use XBRL when submitting their filings.

Steganography malware uses encryption to increase its effectiveness.

There is a direct relationship between inherent risk and detection risk.

In a system with effective separation of duties, it is difficult for any single employee to

embezzle successfully.

Many systems development projects requirements do not change because users often

have a good understanding of all the things they want the software to do.

It is impossible to encrypt information transmitted over the Internet.

Encryption is one of the many ways to protect information in transit over the internet.

ERP systems make it easier for an organization to implement an activity based costing

approach.

Shipping efficiency can often be improved by replacing RFID tags with bar codes.

A Deloitte & Touche survey found that most chief information officers do not expect to

replace their current systems with commercially available packages.

Training can also reduce the risk of system downtime.

Corporate strategy should affect the way a firm deploys an accounting information

system.

Auditors have the ability to change inherent risk.

When properly deployed, accounting information systems can provide firms with a

competitive advantage.

Logs need to be analyzed regularly to detect problems in a timely manner.

An organization that sells digital products, such as access to view online videos, does

not need an inventory table in its database.

Auditors often use reperformance to test a company’s internal control.

A 16 year old hacker was able to access the systems of U.S. Missile Command and

accidently launched a small nuclear missile, which fortunately, failed to detonate.

The choice of cardinalities is often arbitrary to reflect facts about the organization being

modeled and its business practices.

Employees who are transferred internally is often a more costly alternative because they

already will need to be trained.

Data dictionary can be used as part of the audit trail.

It is not as efficient to enter data on paper, then enter the data into the system compared

to requiring users to enter data directly into the system without using a paper source

document.

Standard XBRL taxonomies can cover most accounting situations.

Social engineering attacks often take place over the Internet.

Law enforcement uses key logging software, a form of malware, to detect crime.

Guidelines that an organization can follow to prevent behavioral problems when

implementing a system is often inexpensive and not as time-consuming as one may

have thought.

RFPs for exact hardware and software specifications have higher total costs and require

more time to prepare and evaluate.

Since most systems are moving away from using paper documents, form design is not

as an important consideration in system development.

Which of the following statements is false regarding the use of incentives, commissions

and bonuses in the payroll system?

A) Using incentives, commissions, and bonuses requires linking the payroll system and

the information systems of sales and other cycles in order to collect the data used to

calculate bonuses.

B) Bonus/incentive schemes must be properly designed with realistic, attainable goals

that can be objectively measured.

C) Incentive schemes can result in undesirable behavior.

D) Incentive schemes can create fraud.

A(n) ________ system prepares and mails monthly statements to customers throughout

the entire month, instead of just at the end of the month.

A) continuous

B) open-invoice

C) cycle billing

D) balance forward

This document appears to be a

A) Materials Requisition.

B) Production Order.

C) Bill of Materials.

D) Move Ticket between production and warehouse functions.

Pay rate information should be stored in

A) employees’ personnel files.

B) employee subsidiary ledgers.

C) the payroll master file.

D) electronic time cards.

An organization that has an antiquated accounting information system has more

________ risk than an organization that has a more advanced system.

A) control

B) detection

C) inherent

D) investing

The Cape Fear Rocket Club heads out to the dunes of Cape Fear, Oregon every August

to pierce the sky with their fiery projectiles. An enterprising seller of t-shirts has

devised a series of designs that capture the spirit of the event in silk-screened splendor.

His employees can be found on many of the major intersections selling his products out

of the backs of pickup trucks. What is the best way for this business to ensure that sales

data entry is efficient and accurate?

A) well-designed paper forms

B) source data automation

C) turnaround documents

D) sequentially numbered forms

Sales order number is most likely to be a foreign key in which entity of an expanded

revenue cycle REA diagram?

A) Call on Customers.

B) Fill Customer Order.

C) Ship Order.

D) Take Customer Order.

Firms should consider developing custom software only if

A) it will be used for critical functions like accounts receivable.

B) it will contribute to development of a significant competitive advantage.

C) the firm has the necessary expertise available in-house.

D) the available canned software is very expensive.

An integrated REA diagram merges multiple copies of ________ and ________ entities

but retains multiple copies of ________ entities.

A) resource; event; agent

B) event; agent; resource

C) resource; agent; event

D) event; resource; agent

Which of the following is not a management characteristic that increases pressure to

commit fraudulent financial reporting?

A) Close relationship with the current audit engagement partner and manager

B) Pay for performance incentives based on short-term performance measures

C) High management and employee turnover

D) Highly optimistic earnings projections

When a computer criminal gains access to a system by searching through discarded

records, this is referred to as

A) data diddling.

B) dumpster diving.

C) eavesdropping.

D) data squatting.

The use of a data warehouse in strategic decision making is often referred to as

A) business intelligence.

B) managerial accounting.

C) data analysis.

D) analytical modeling.

A ________ shows how a project will be completed, including tasks and who will

perform them as well as a timeline and cost estimates.

A) performance evaluation

B) project development plan

C) steering committee

D) strategic master plan

Which of the following controls would be the least effective in preventing paying the

same invoice twice?

A) Only pay from original invoices.

B) Cancel each document in the voucher package once the check is prepared and

mailed.

C) Only pay vendor invoices that have been matched and reconciled to a purchase order

and a receiving report.

D) Allow only the accounts payable department to authorize payment for vendor

invoices and allow only the cash disbursements department to cut and mail checks to

vendors.

Compatibility tests utilize a(n) ________, which is a list of authorized users, programs,

and data files the users are authorized to access or manipulate.

A) validity test

B) biometric matrix

C) logical control matrix

D) access control matrix

Who should communicate frequently with users and hold regular meetings to consider

ideas and discuss progress so there are no surprises upon project completion?

A) Information systems steering committee.

B) Management.

C) Project development team.

D) Accountants.

An effective project development team consists of

A) systems analysts.

B) accountants.

C) users.

D) all of the above

According to the Trust Services Framework, the reliability principle of integrity is

achieved when the system produces data that

A) is available for operation and use at times set forth by agreement.

B) is protected against unauthorized physical and logical access.

C) can be maintained as required without affecting system availability, security, and

integrity.

D) is complete, accurate, and valid.

In the time-based model of information security, P represents

A) the time it takes to respond to and stop the attack.

B) the time it takes for the organization to detect that an attack is in progress.

C) the time it takes an attacker to break through the various controls that protect the

organization’s information assets.

D) the time it takes to assess threats and select risk response.

Under CAN-SPAM legislation, an organization that receives an opt-out request from an

individual has ________ days to implement steps to ensure they do not send out any

additional unsolicited e-mail to the individual again.

A) 2

B) 5

C) 7

D) 10

One of the key objectives of segregating duties is to

A) ensure that no collusion will occur.

B) achieve an optimal division of labor for efficient operations.

C) make sure that different people handle different transactions.

D) make sure that different people handle different parts of the same transaction.

The Trust Services Framework reliability principle that states access to the system and

its data should be controlled and restricted to legitimate users is known as

A) availability.

B) security.

C) privacy.

D) integrity.

In preparing a DFD, when data are transformed through a process, the symbol used

should be

A) a circle.

B) an arrow.

C) a square.

D) two horizontal lines.

In the expenditure cycle, good control dictates that expenditures should be paid by

check. This may not be feasible when minor purchases are made. To facilitate quick

payment for minor purchases, a(n) ________ should be set up and maintained using

________.

A) special bank account; disbursement vouchers

B) imprest fund; vouchers

C) cash box; small denomination bills

D) petty cash fund; procurement cards

A chart of accounts is an example of (select all that apply)

A) sequence codes.

B) block codes.

C) group codes.

D) mnemonic codes.

The process of maintaining a table listing all established connections between the

organization’s computers and the internet to determine whether an incoming packet is

part of an ongoing communication initiated by an internal computer is known as

A) packet filtering.

B) deep packet inspection.

C) access control list.

D) access control matrix

Which of the following would be true when implementing this REA diagram into a

relational database?

A) The primary key for Employee would be a foreign key for Cash Receipts.

B) The primary key for Cash Receipts would be a foreign key for Cash.

C) The primary key for Parts would be a foreign key for Service Request.

D) The primary key for Sales would be a foreign key for Service Request.

Identify the statement below that is false with regards to basic requirements of a

relational database model.

A) Primary keys can be null.

B) Foreign keys, if not null, must have values that correspond to the value of a primary

key in another table.

C) All non-key attributes in a table should describe a characteristic about the object

identified by the primary key.

D) Every column in a row must be single-valued.

In an REA diagram for the HR/Payroll cycle, the relationship between Employees and

Training is typically M:N for all except which of the following reasons?

A) One employee may attend the same training event more than once.

B) Each employee may attend more than one training event.

C) Each training event may have more than one employee attend.

D) One training event may be offered more than once.

An accounting information system (AIS) processes ________ to provide users with

________.

A) data; information

B) data; transactions

C) information; data

D) data; benefits

Identify the notation often used to represent cardinality information.

A) Dotted lines.

B) Greek characters.

C) Crow’s feet.

D) Color coding.

Not all journal entries affect cash flow. Adjusting entries that reflect events that have

already occurred, but have no effect on cash, are classified as

A) accruals.

B) deferrals.

C) revaluations.

D) corrections.

Which of the following duties could be performed by the same individual and not

violate segregation of duty controls?

A) handling cash and posting to customer accounts

B) issuing credit memos and maintaining customer accounts

C) handling cash and authorizing credit memos

D) handling cash receipts and mailing vendor payments

Identify the false statement below.

A) Retail stores do not have a production cycle.

B) Financial institutions have installment-loan cycles.

C) Every organization should implement every transaction cycle module.

D) A service company does not have an inventory system.

Describe a system flowchart. Describe a program flowchart. How are the two

interrelated?

Describe the disadvantages of test data processing.

What is PLM and how management can use it to improve product design?

Discuss the revenue cycle threat of stockouts, carrying costs, and markdowns.

Explain how business process management, prototyping, agile development, and

computer-aided software engineering can help improve system development.

How can using RFID tags or bar codes on goods or products provide significant benefit

in the expenditure cycle?

What is the difference in logical view and physical view?

Discuss how cloud computing could both positively and negatively affect system

availability.

Describe the information that is contained in the data dictionary.

Describe the four main events of interest included in a typical production cycle REA

diagram.

Describe the rules that are necessary to correctly draw an integrated REA diagram.

Describe the four ways that management can use to respond to risk. Provide an example

for each of them.

Describe the concept of materiality and provide an example.

Describe the basic revenue cycle activities.

What are the actions recommended by the Treadway Commission to reduce the

possibility of fraudulent financial reporting?

Describe each of the four important principles underlying Business Process

Management (BPM).

Describe an REA data model.

Explain the differences between each type of audit risk.

Discuss the concept of a system and the issues of goal conflict and goal congruence.