Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
The principle of selecting and developing controls that might help mitigate risks to an
acceptable level belongs to which of the COSO's Internal Control Model's component?
A) Control environment.
B) Risk assessment.
C) Control activities.
D) Information and communication.
How many tables are needed to implement an REA data model that has four distinct
entities, three M:N relationships and one 1:N relationships in a relational database?
A) 5
B) 7
C) 8
D) 10
Approximately what percentage of software development projects were over budget?
A) 70%
B) 30%
C) 66%
D) 54%
In a relational database designed according to the REA model, where is information
about transactions stored?
A) Resource entities.
B) Agent entities.
C) Event entities.
D) All of the above.
Which of the following balanced scorecard dimensions provides measures on how
efficiently and effectively the organization is performing key business processes?
A) Financial.
B) Internal operations.
C) Innovation and learning.
D) Customer.
The definition of the lines of authority and responsibility and the overall framework for
planning, directing, and controlling is laid out by the
A) control activities.
B) organizational structure.
C) budget framework.
D) internal environment.
A well-planned and drawn level 0 data flow diagram for the expenditure cycle would
show which of the following processes?
A) 1.0 Order Goods; 2.0 Receive and Store Goods; 3.0 Pay for Goods.
B) 1.0 Order Goods; 1.1 Receive and Store Goods; 1.2 Pay for Goods.
C) 0.1 Order Goods; 0.2 Receive and Store Goods; 0.3 Pay for Goods.
D) 0.1 Order Goods; 0.12 Receive and Store Goods; 0.13 Pay for Goods.
The operations list shows
A) the labor and machine requirements.
B) the steps and operations in the production cycle.
C) the time expected to complete each step or operation.
D) all of the above
In a database created using an REA model, the Bill of Materials entity is most
analogous to
A) the "bill" that can be sent to the customer who order the finished good(s).
B) the "recipe" needed to produce the finished good(s).
C) the "receipt" for the purchase of specific raw materials.
D) the "audit trail" that can be used to verify a finished good(s) was actually produced.
Data must be converted into information to be considered useful and meaningful for
decision making. There are seven characteristics that make information both useful and
meaningful. If information can help reduce uncertainty, improves decision making, or
confirms or corrects prior expectations, it is representative of the characteristic of
A) reliability.
B) relevance.
C) complete.
D) truthful.
Identify the statement below that is not true with regards to the accounts receivable
subsidiary ledger.
A) Every credit sale is entered individually into the subsidiary ledger.
B) Debits and credits in the subsidiary ledger must always equal.
C) The subsidiary ledgers play an important role in maintaining the accuracy of the data
stored in the AIS.
D) The total of the subsidiary ledgers must equal the control account.
The task of improving the efficiency of Crawford Insurance's accounting information
system was given to a project development team. During the ________ step in the
systems development life cycle, the team initiated an end user training program to
prepare employees to switch to the new system.
A) systems analysis
B) operations and maintenance
C) implementation and conversion
D) physical design
Which of the following controls can minimize the threat of theft or fraudulent
distribution of paychecks?
A) Redepositing unclaimed paychecks and investigating cause.
B) Issuing earnings statements to employees.
C) Using biometric authentication.
D) Conducting criminal background investigation checks of all applicants for finance
related positions.
With a limited work force and a desire to maintain strong internal control, which
combination of duties would result in the lowest risk exposure?
A) Updating the inventory subsidiary ledgers and recording purchases in the purchases
journal.
B) Approving a sales return on a customer's account and depositing customers' checks
in the bank.
C) Updating the general ledger and working in the inventory warehouse.
D) Entering payments to vendors in the cash disbursements journal and entering cash
received from customers in the cash receipts journal.
Software that identifies unexecuted program code is called
A) automated flowcharting programs.
B) automated decision table programs.
C) mapping programs.
D) tracing program.
Increasing the effectiveness of auditing software will
A) reduce detection risk.
B) reduce control risk.
C) increase detection risk.
D) increase control risk.
After graduating from college, Rob Johnson experienced some difficulty in finding
full-time employment. Trying to make ends meet, Rob used all of his saving to buy a
significant number of shares in small, low-priced, thinly traded penny stocks. He then
uses spam e-mails and blog postings to disseminate overly optimistic information about
the company in hope to drives up the company's stock price. He is waiting to sell his
shares to investors and pocket a profit. He is engaged in
A) internet pump-and-dump.
B) Bluesnarfing.
C) vishing.
D) typosquatting.
A company that invests in a system in the hopes of improving product or service quality
is attempting to use their information system to gain
A) a competitive advantage.
B) improved business processes.
C) productivity gains.
D) better systems integration.
Encryption is a necessary part of which information security approach?
A) Defense in depth.
B) Time based defense.
C) Continuous monitoring.
D) Synthetic based defense.
In a relational database, details about activities such as Cleaning, X-Rays, Fillings, Root
Canals, Crowns, and Extractions would all be stored in which table?
A) Services.
B) Sales.
C) Inventory.
D) Patient.
When a subsystem achieves its goals while contributing to the organization's overall
goal, it is called
A) system match.
B) system congruence.
C) goal congruence.
D) goal match.
The project development committee for Photomat Incorporated is discussing output
design alternatives for a new, organization-wide accounting information system. There
is disagreement among the team regarding whether the quarterly sales numbers be
disclosed in a narrative, displayed as a table, or appear in a bar chart. What output
design consideration is the team discussing?
A) Use.
B) Medium.
C) Format.
D) Location.
The evidence collection stage of an operational audit includes all the following
activities except
A) reviewing operational policies.
B) establishing audit objectives.
C) testing the accuracy of operating information.
D) testing controls.
MacDougalKids is a mid-sized manufacturer of organic baby food. MacDougalKids
uses the EOQ inventory management approach. Which of the following factors would
likely be least important when selecting inventory suppliers?
A) product price
B) product quality
C) vendor delivery dependability
D) All would be equally important.
Gaining control of somebody's computer without their knowledge and using it to carry
out illicit activities is known as
A) hacking.
B) spamming.
C) posing.
D) hijacking.
According to the Trust Services Framework, the confidentiality principle of integrity is
achieved when the system produces data that
A) is available for operation and use at times set forth by agreement.
B) is protected against unauthorized physical and logical access.
C) can be maintained as required without affecting system availability, security, and
integrity.
D) is complete, accurate, and valid.
The best example of an effective payroll transaction file hash total would most likely be
A) sum of net pay.
B) total number of employees.
C) sum of hours worked.
D) total of employees' social security numbers.
What specific control can help restrict the rights of authorized users to only the portion
of a database needed to complete their specific job duties?
A) an access control matrix
B) passwords and user IDs
C) closed-loop verification
D) specific authorization
When combining two REA diagrams by merging common entities, changes in the
cardinality of the merged entity is needed when it is a(n)
A) agent.
B) event.
C) relationship.
D) resource.
Text that was transformed into unreadable gibberish using encryption is called
A) plaintext.
B) ciphertext.
C) encryption text.
D) private text.
Which of the following is commonly true of the default settings for most commercially
available wireless access points?
A) The security level is set at the factory and cannot be changed.
B) Security is set to an adjustable level that changes depending on the wireless network
the device is connected.
C) Security is set to the lowest level that the device is capable of handling.
D) Security is set to the highest level that the device is capable of handling.
Mara Kay is a system analyst for a national department store. She was tasked to identify
previously unknown relationships in the company's sales data that can be used in future
promotions. What technique would Mara most likely use?
A) Customer auditing
B) Customer resource management
C) Data exploring
D) Data mining
Describe the conceptual systems design phase and identify the elements of conceptual
design specifications.
Describe prototyping and identify when prototyping is appropriate. Identify the steps
involved in prototyping. Discuss the advantages and disadvantages of prototyping.
What is Cardinalities?
Describe cycle billing and identify how an organization might benefit by using cycle
billing.
Discuss to the key CAN-SPAM's guidelines on commercial e-mail that has the primary
purpose of advertising.
Discuss how information system outsourcing can provide the organization with both a
business solution and asset management.
How is a balanced scorecard used to assess organizational performance?
Compare and contrast the COBIT, COSO, and ERM control frameworks.
Identify and discuss the role of the groups that influence the development and
implementation of an AIS.
Describe economic feasibility analysis. What techniques are used in economic
feasibility analysis?
What is the purpose behind the five primary activities in the value chain?
Discuss the basic business activities and related information processing operations in
the expenditure cycle, explain the general threats to those activities, and describe the
controls that can mitigate those threats.
What guidelines should be followed when contracting with an outside developer to
create custom software?
Explain the process and key decisions involved in approving supplier invoices for
goods and services, identify the threats to those activities, and describe the controls that
can mitigate those threats.
Describe some steps you can take to minimize your risk of identity theft.
Describe typical credit approval procedures.
