Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
The COSO enterprise risk management framework can be useful in:
A. Systems audits.
B. Investigative audits.
C. Both systems audits and investigative audits.
D. Neither systems audits nor investigative audits.
As the term is used in the Audit Clarity Project, "applicable financial reporting
framework" can mean: (i) IFRS, (ii) COSO, (iii) US GAAP.
A. I and II only
B. I and III only
C. II and III only
D. I, II and III
Which of the following demonstrates the least professional behavior based on Bell's
characteristics?
A. Developing a presentation based on the characteristics of the audience
B. Correctly applying FASB standards for short-term investments
C. Completing continuing professional education courses
D. Ignoring principles from management and finance
Arrange the steps in the systems development life cycle in their usual order of
occurrence.A.TestB.Operations and maintenanceC.ImplementationD.DesignE.Build
F.Requirements analysis
G.Initiation/planning
MCL Corporation recently hired a consultant to design and implement a new
information system. The consultant was trying to decide whether to discard the old
system all at once and put the new system in its place, or to make the transition more
gradual. After making that choice, which of the following should the consultant do
based on the steps in the systems development life cycle?
A. Present MCL with an invoice.
B. Teach MCL employees how the system works.
C. Arrange for the system to be audited.
As an internal control for source documents, transaction limits are most likely to ___ an
error.
A. Prevent
B. Detect
C. Correct
D. Eliminate
An ASP specializes in software applications for government agencies. It is best
described as which type of ASP?
A. Enterprise
B. Vertical market
C. Volume business
D. Application
Common causes of ERP implementation failure include:
A. Poor leadership from top management.
B. Unrealistic expectations.
C. Both poor leadership from top management and unrealistic expectations.
D. Neither poor leadership from top management nor unrealistic expectations.
Carter suggested a four-part taxonomy for classifying computer crime; COBIT
identified a series of enablers to make the best possible use of information and
information technology vis--vis the needs of organizational stakeholders. Which of the
following pairs a COBIT enabler with an element of Carter's taxonomy?
A. Information and target, because the "target" category focuses on system information.
B. Instrumentality and processes, because the "instrumentality" category always
involves at least two business processes.
C. Associated and principles/policies/frameworks, because the "associated" category
involves comprising organizational policies.
D. All of these are good pairings of COBIT enablers and Carter categories.
Modules in an ERP system that contain information about inventory include all the
following except:
A. Customer relationship management
B. Human resource management
C. Supply chain management
D. Financial management
Which of the following statements would you expect to read in a company memo
arguing against the use of the systems development life cycle as a form of internal
control?
A. The risks associated with the SDLC are unknown.
B. The SDLC does not help achieve all four objectives of internal control.
C. The SDLC is not recognized by COSO.
D. The SDLC has no relationship to internal control.
Booksellers of Bufluffia is a small, independent bookstore that both publishes and sells
very specialized titles. They currently have about 50 clients; they publish and sell 30
different books at present. The company's management has asked you to create database
tables to support their operations. Which table(s) should be in third normal form?
A. The client table only
B. The books table only
C. Both the client table and the books table
D. Neither the client table nor the books table
As a form of internal control, an SSAE 16 audit is least likely to address which of the
following risks associated with ASPs?
A. Compromised data
B. Inability to pay monthly fees
C. Financial costs associated with setting up a computer network
D. Cost of purchasing software
The difference between "error" and "information manipulation" as business risks
associated with information technology is:
A. The person's intent
B. The kind of information involved
C. The potential dollar amount of the loss
D. The classification on Carter's taxonomy
