Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
The word "integrated" in the term "integrated accounting software" means:
a) The software is color blind
b) The software can interface with non-accounting software such as spreadsheets.
c) The software combines several accounting functions in one package.
d) all of these are terms of integrated accounting software
Answer:
Which of the following is not an objective of the purchasing process?
a) Inventory control
b) Fastest possible processing of payments to vendors
c) Maintaining vendor records
d) Forecasting cash outflows
Answer:
Which of the following is an objective of the purchasing process?
a) Collecting information for the financial statements
b) Making timely and accurate vendor payments
c) Forecasting cash requirements
d) Tracking bills of lading
Answer:
Which of the following does not destroy data but merely replicates itself repeatedly
until the user runs out of internal memory or disk space?
a) Computer virus
b) Worm program
c) Java applet
d) Salami technique
Answer:
Which of these is correct about the terms "e-business" and "e-commerce."
a) They are exact synonyms
b) They are exact opposites
c) e-business is a subset of e-commerce
d) e-commerce is a subset of e-business
Answer:
Which of the following statements is true regarding timely performance reports?
a) In many companies, these reports are the major means of providing information to
management concerning the actual operations of the companies' internal control
systems
b) These reports should only include monetary data
c) Since these reports fail to provide feedback to management on the operations of
previously implemented internal control procedures, other techniques are needed to
provide this feedback to managers
d) The complexity that a computer introduces into a company's information system will
typically prevent the preparation of timely performance reports for the company's
management
Answer:
Which of these is not a stage in the systems development life cycle?
a) Planning and investigation
b) Analysis
c) Design and acquisition
d) Implementation, followup, and maintenance
e) All of these are stages in the systems development life cycle
Answer:
The operator, in mounting the magnetic tape containing the cash receipts for the
processing run to update accounts receivable, mounted the receipts tape from the
preceding rather than the current day. The error was not detected until after the
processing run was completed. The best control procedure would be a:
a) Header label check
b) Trailer label check
c) Parity check
d) Hash total check
Answer:
For the following terms find the correct definition below and place the letter of that
response in the blank space next to the term. Each definition is used only once there are
two terms that are not used.
1) ______ ideal control
2) ______ scenario planning
3) ______ COBIT
4) ______ detective controls
5) ______ SOX, Section 404
6) ______ control activities
7) ______ fidelity bond
8) ______ risk matrix
9) ______ preventive controls
10) ______ Val IT
11) ______ control environment
12) ______ separation of duties
13) ______ corporate governance
14) ______ internal control
15) ______ corrective controls
Definitions:
A. Managing an organization in a fair, transparent and accountable manner to protect
the interests of all the stakeholder groups
B. A framework for IT governance
C. The purpose of this control is to reduce the risk of loss caused by employee theft
D. The policies, plans, and procedures management uses to protect company assets
E. Software that interfaces with suppliers and customers
F. A control procedure that reduces to practically zero the risk of an undetected error or
irregularity
G. A process whereby management identifies possible events that represent a problem
to the firm and then identifies appropriate responses to those problems
H. Establishes the tone of a company and influences the control awareness of the
company's employees
I. An example of this control is to assign these three functions to different employees:
authorizing transactions, recording transactions, and maintaining custody of assets
J. An example of this type of control is a firewall to prevent unauthorized access to the
company's network
K. An example of this type of control is a change to the company's procedures for
creating backup copies of important business files
L. When companies have production or work completed in countries like India, China,
Canada, Mexico, or Malaysia
M. Examples of this type of control are: log monitoring and review, system audits, file
integrity checkers, and motion detection
N. The purpose of this procedure is to classify each potential risk by mitigation cost and
also by likelihood of occurrence
O. The purpose of this framework is to achieve effective governance of IT
P. Reaffirms that management is responsible for an adequate internal control structure
Q. Includes a combination of manual and automated controls such as approvals,
authorizations, verifications, reconciliations, reviews of operating performance, and
segregation of duties
Answer:
For the following terms find the correct definition below and place the letter of that
response in the blank space next to the term. Each definition is used only once there are
two terms that are not used.
1) ______ Input-processing-output
2) ______ POS system
3) ______ data transcription
4) ______ MICR coding
5) ______ biometric verification
6) ______ legacy system
7) ______ gigabyte
8) ______ terabyte
9) ______ worm
10) ______ RFID
Definitions:
A. Automated data recording for input
B. Potential bottleneck for processing accounting data
C. An older AIS, typically using a mainframe computer
D. 1 billion bytes
E. The data processing cycle for processing most accounting transactions
F. A type of CD encoding
G. 1 trillion bytes
H. Threshold hamming distance
I. Data communications using radio waves
J. Used by banks for automated data input
K. 1 thousand bytes
L. 1 million bytes
Answer:
Which of the following is not a characteristic associated with professional service
organizations?
a) Lack of a profit motive
b) Absence of inventories
c) Importance of human resources
d) Difficulty in measuring the quantity and quality of output
Answer:
Decision trees normally flow from:
a) Top to bottom
b) Left to right
c) Right to left
d) Inside outwards
Answer:
Regarding COBIT, which of the statements is true?
a) COBIT means Cost Objectives for Information and Related Technology
b) COBIT rejects the definition of internal control from the COSO report
c) COBIT states that a company's management should play a minor role in establishing
an internal control system
d) COBIT classifies people as one of the primary resources managed by various IT
processes
Answer:
Suppose a company established training programs that teach employees to perform their
job functions more efficiently and effectively. This is an example of which type of
control?
a) Detective
b) Preventive
c) Corrective
d) none of the above
Answer:
Which of these is not an example of a control break?
a) Changing a name of a client
b) Change in department in an employee listing
c) Change in service classification in a phone book listing
d) Change in zip code in an address listing
e) none of these
Answer:
When erroneous data are detected by computer program controls, such data may be
excluded from processing and printed on an error report. The error report should most
probably be reviewed and followed up by the:
a) Supervisor of computer operations
b) Systems analyst
c) Data control group
d) Computer programmer
Answer:
In entering the billing address for a new client in Emil Company's computerized
database, a clerk erroneously entered a nonexistent zip code. As a result, the first
month's bill mailed to the new client was returned to Emil Company. Which one of the
following would mostlikely have led to discovery of the error at the time of entry into
Emil Company's computerized database?
a) Limit test
b) Validity test
c) Parity test
d) Record count test
Answer:
Database management systems are important to accountants because:
a) They automate file storage tasks and enable managers to generate worthwhile
financial reports
b) They eliminate data redundancy
c) They are unique data structures which accountants have never used before
d) They are easy to develop and therefore save money
e) They are energy efficient
Answer:
The 1992 COSO report identifies five components for an effective internal control
system. Which of those five includes the methods used to record, process, summarize,
and report a company's transactions?
a) Control procedures
b) Control environment
c) Control activities
d) Information and communication
Answer:
Which of the following is not a control to ensure the physical safety of a company's
data processing center?
a) Strategic placement of the computer center
b) The use of password codes
c) The use of identification badges
d) all of the above are computer facility controls
Answer:
Which of the following is not true regarding selecting a new AIS?
a) It is usually cheaper to build a new AIS software program than to purchase it
b) It is much easier today to learn about software options because of the Internet
c) It is always a good idea to get expert help in choosing an ERP system
d) Middle-range and high-end AIS software are not available in shopping malls
Answer:
The term "enrollment" is most closely associated with which of the following?
a) ABA system
b) Biometric system
c) POS system
d) Joystick
e) PDA
Answer:
Information technology governance:
a) Is a component of IT auditing
b) Has one objective to ensure that IT is used strategically to fulfill an organization's
mission
c) Is intended to ensure both the strategic use of IT and control over IT resources
d) Is primarily intended to deter IT fraud
Answer:
Which of these would be an example of a "resource" in the REA framework?
a) Equipment
b) Inventory
c) Cash
d) all of these are possible examples of resources
Answer:
For the following terms find the correct definition below and place the letter of that
response in the blank space next to the term. Each definition is used only once there are
two terms that are not used.
1) _______ CFE
2) ______ SAR
3) ______ CISA
4) ______ ERP
5) ______ XBRL
6) _______ ISACA
7) _______ IT
8) _______ REA
9) _______ KPI
10) _______ VAR
Definitions:
A. A professional auditing organization
B. A special type of systems consultant who is licensed to sell particular software
packages and provide organizations with consulting services related to that software
C. An enterprise-wide accounting system
D. Federally-mandated reporting of suspicious accounting activities
E. An important database design approach
F. Key productivity report
G. A language for creating, transforming, and communicating financial information
H. An auditing certification
I. An acronym often used to describe the computer department of an organization
J. A type of knowledge worker
K. A certification that requires individuals to meet certain qualification set by the
Association of Certified Fraud Examiners
L. An important performance indicator
Answer:
Most system flowcharting symbols:
a) Have not been standardized
b) Have been standardized by the Society of System Analysts
c) Have been standardized by the National Bureau of Standards
d) Are unique to the organization that uses them
Answer:
A POS device is usually attached to a:
a) Printer
b) Bank check
c) Cash register
d) Keyboard
e) Computer mouse
Answer:
The TRW Credit Data Case is an example of:
a) The round-off trick
b) An outsider ripping off a corporate computer
c) Valuable information computer crime
d) none of the above
Answer:
Which of these is not commonly used for biometric identification?
a) Fingerprints
b) Breath sampling
c) Retinal scans
d) Iris scans
Answer:
The term "EDRM" is mostly-closely associated with:
a) Records management
b) Points-of-sale processing
c) Banking
d) Electronic data recording and merchandising
Answer:
Enterprise controls:
a) Are controls in Enterprise Resource Planning Systems
b) Are controls required by the AICPA
c) Affect only application controls
d) Affect many general and application controls
Answer:
For the following terms find the correct definition below and place the letter of that
response in the blank space next to the term. Each definition is used only once.
1)______ automated workpaper software
2)______ Certified Information Systems Auditor (CISA)
3)______ computer-assisted audit techniques (CAATs)
4)______ continuous auditing
5)______ COBIT
6)______ fraud triangle
7)______ generalized audit software
8)______ general-use softwareSQL
9)______ information technology (IT) auditing
10)______ information systems risk assessment
11)______ integrated test facility
12)______ IT governance
13)______ parallel simulation
14)______ penetration testing
15)______ program change control
16)______ Sarbanes-Oxley Act
17)______ third party assurance services
Definitions:
A. Involves evaluating the computer's role in achieving audit and control objectives
B. The use of computer processes or controls to perform audit functions, such as sorting
data to detect duplicate accounts payable invoice numbers
C. A certification given by the Information Systems Audit and Control Association
D. Method by which an auditor can evaluate the desirability of IT-related controls for a
particular aspect of business risk
E. To evaluate risk and design controls to protect against unauthorized access
F. Provides auditors and businesses with guidance in managing and controlling for
business risk associated with IT environments
G. A language that auditors use to retrieve a client's data and display these data in a
variety of formats for audit purposesA productivity tool used by auditors to improve
their work
H. These programs enable auditors to review computer files without continually
rewriting processing programs
I. These programs can help auditors create common-size income statements and balance
sheets that show account balances as percentages
J. A more comprehensive test technique that is used to audit an AIS in an operational
setting
K. The auditor uses live input data, rather than test data, in a program actually written or
controlled by the auditor
L. A set of internal control procedures developed to protect against unauthorized
program changes
M. XBRL can support this concept
N. The process of using IT resources effectively to meet organizational objectives
O. Usually refers to motive, opportunity, and rationalization of inappropriate behavior
in organizations
P. An important feature of this legislation is commonly referred to as Section 404
Reviews
Q. Specialized audits of Internet systems and Web sites
Answer:
One problem with internal auditing is that it is akin to self-regulation (i.e., the auditor
cannot be impartial because both the auditor and the subsystem being audited work for
the same company).
Answer:
One of the techniques for controlling batch processing is the use of hash totals.
Answer:
The changes that a user makes to the data in a form at run time do not alter the data in
the underlying database table.
Answer:
It is relatively easy to determine the acquisition costs of an ERP system.
Answer:
The domain address of a web page is the equivalent of its universal resource locator
(URL).
Answer:
Another name for a URL is the term "domain address."
Answer:
The purpose of PERT is to coordinate the activities in a project, such as a systems
implementation project.
Answer:
Watching for tell-tale signs may help detect computer crime.
Answer:
Microsoft Access can create a well-functioning database for you using Wizards, and
there is no need to understand database design or normalization.
Answer:
Name several conditions when prototyping a system is useful.
Answer:
The production process begins with a request for raw materials and ends with the
transfer of finished goods to warehouses.
Answer:
An example of an input mask for an Access data field is "000\-00\-0000."
Answer:
An ABC inventory system refers to an "activity-based costing" system.
Answer:
Database security is no longer important because DBMSs are already so safe.
Answer:
What do the acronyms COSO and COBIT stand for?
Answer:
Input controls attempt to assure the accuracy and completeness of the data fed into the
CPU for processing.
Answer:
Databasescannot store more than one value in the same data field of the same record.
Answer:
A computer mouse is an example of an input device.
Answer:
Equipment that gathers accounting data at the point at which a sale is made are
sometimes called POS devices.
Answer:
