AIS Chapters 5,6 and 7 (12,13 and 14)

¡Supera tus tareas y exámenes ahora con Quizwiz!

With respect to COBIT 5, which of the following is true:

COBIT 5 articulates a series of enablers that facilitate the achievement of organizational objectives.

to achieve appropriate, effective IT governance, senior managers of an organization will typically use which of the following:

COBIT and VAL IT

The database of an ERP system is best described as:

Centralized

The 2013 COSO Report identifies five components for an effective internal control system. These are:

Control procedures, risk assessment, control activities, information and communication, and monitoring

Those control procedures that are designed to remedy problems discovered through detective controls are called:

Corrective controls

The output from a company's ERP system displays graphs and charts depicting sales by different regions of the country is often called a:

Dashboard

A company's management is concerned about computer data eavesdropping and wants to maintain the confidentiality of its information as it is transmitted. The company should utilize:

Data encryption

According to PCAob standard no. 5, which of the following is an example of an entity level control?

Effectiveness of the board of directors

An effective control for maintaining the privacy of data stored on a large, networked server would be:

Encryption

Categories of application controls include all of the following except

Encryption

The acronym ERP stands for:

Enterprise resource planning

____ is defined as "the culture, capabilities, and practices, integrated with strategy and execution, that organizations rely on to manage risk in creating, preserving and realizing value."

Enterprise risk management

A ______ site is a disaster recovery site that includes a computer system similar to the one the company regularly uses, software, and up-t0-date data so the company can resume full data processing operations within seconds or minutes.

Flying start

If _____ controls are ineffective, this can cause ____ controls to be unreliable.

IT general, application

___ controls help ensure the validity, accuracy and completeness of data entered into an AIS.

Input

Which of the following is a distinguishing characteristic of an enterprise-wide (ERP) system?

Integration of business functions

This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the organization.

Internal control

Which of the following fundamental concepts is stressed by the 2013 COSO Report?

Internal control is a process

Which of the following is not a computer facility control?

Limit access to the data processing center to all employees of the company

A web page that uses graphs and other tools to visually display data from both an ERP system and from external sources is also called a:

Mashup

Mid-level accounting software:

May be purchased in modules that match various business processes

Which of the following is the best DRP choice if minimal downtime is the primary deciding factor?

Mirrored site

Which of the following accounting software programs would be appropriate for a small business (e.g., a sole proprietorship with 20 employees)?

NetSuite

An internal control system should consist of five components. Which of the following is not one of those five components?

Performance evaluation

Assume that a company designs and implements a control procedure whereby the accountant that is responsible for recording cash receipts transactions does not have access to the cash itself. This control procedure is an example of a:

Predictive Control

Which of the following is not one of the four objectives of an internal control system?

Promote firm profitability

Which of the following accounting software programs would be appropriate for a small business (e.g., a sole proprietorship with 20 employees)?

QuickBooks

The purpose of a/n __ edit check is to ensure that an input field does not exceed expected norms, i.e., someone doesn't enter more than 24 hours worked in a day.

Reasonableness

Separation of duties is an important control activity. If possible, managers should assign which of the following three functions to different employees?

Recording, authorizing, custody

All of the following are benefits of ERP systems except:

Reduced employee turnover

Fault-tolerant systems are designed to tolerate computer errors and are built on the concept of:

Redundancy

The purpose of ________________ is to identify organizational risks, analyze their potential in terms of costs and likelihood of occurrence, and install those controls whose projected benefits outweigh their costs.

Risk assessment

Which of the following is not one of the five components of Enterprise Risk Management from the COSO 2017 report?

Risk response

A _____ is a comprehensive plan that helps protect the enterprise from internal and external threats.

Security policy

If the same employee is responsible for authorizing a business transaction and recording the transaction in the accounting records, this indicates a weakness in which element of a company's internal control system?

Separation of duties

Which one of the following would most compromise the use of backups as protection against loss or damage of master files?

Sorting of all files in one location

Within the context of accounting packages for small businesses, the term "scalability" refers to:

The ability of the system to grow with a business

Disaster recovery plans may not be of much use if:

They are not tested and revised when necessary

A ______ is a security appliance that runs behind a firewall and allows remote users to access entity resources by using wireless, hand-held devices.

VPN

In entering the billing address for a new client in Emil Company's computerized database, a clerk erroneously entered a nonexistent zip code. As a result, the first month's bill mailed to the new client was returned to Emil Company. Which one of the following would most likely have led to discovery of the error at the time of entry into Emil Company's Computerized database?

Validity test

Components of an ERP's architecture typically include:

a centralized database and application interfaces

Within the context of ERP systems, a mashup is:

a web page that can combine data from two or more external sources

In selecting a new AIS, a company's management should:

always consult with your accountant during the decision process

segregation of duties is a fundamental concept in an effective system of internal control. but, the internal auditor must be aware that this safeguard can be compromised through:

collusion among employees

Which of the following is a distinguishing characteristic of an enterprise-wide (ERP) system?

integration of business functions

This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the organization.

internet control

An organization will always need to upgrade to a new AIS if:

none of the above are necessarily reasons to buy new accounting software

which of these is not one of the 3 major types of controls?

objective

which one of the following forms of audit is most likely to involve a review of an entity's performance of specific activities in comparison to organizational specific objectives?

operational audit

an internal control system should consist of five components. which of the following is not one of those five components?

performance evaluation

which of the following is not one of the four objectives of an internal control system?

promote firm profitability

Low-end accounting software is increasingly complex and sophisticated. However, software costing only a few hundred dollars is not likely to:

provide all the info needed to optimize customer and supplier relationships

separation of duties is an important control activity. if possible, managers should assign which of the following three functions to different employees?

recording, authorizing, custody

which of the flowing is not one for he three additional components that was added in the 2004 COSO report?

risk assessment

which of the following would a manager mostly likely use to organize and evaluate corporate governance structure?

the 1992 COSO report

which of the following would a manager most likely use for risk assessment across the organization?

the 2004 COSO report

which management of the sales department has the opportunity to override the system of internal controls of the accounting department, a weakness exists in:

the control environment

Accounting and enterprise software can be expensive. Which of the following is likely to be the highest cost associated with a new AIS?

the cost of implementing and maintaining a new system

section 404 affirms that management is responsible for establishing and maintaining an adequate internal control structure. this section may be found in which of the following?

the sarbanes-oxley act of 2002

All of the following are examples of authenticating based on something you know except

token

COSO recommends that firms ______ to determine whether they should implement a specific control

use cost benefit analysis

Components of an ERP's architecture typically include:

A centralized database and application interfaces

Enterprise controls:

Affect many general and application controls

Which of the following is considered an integrated software system?

All of the Above (MRP I, MRP II, ERP)

Successful implementation of ERP systems typically involves:

All of the Above (Substantial Planning, Review of Business Processes, Support from Mgt.)

Which of the following reasons might explain why a small business owner would hire a CPA firm or a software consultant to help select accounting software?

All of the Above (train employees to use software, identify useful reports for decision making, help w/rescue efforts in event of disaster)

Organizations use _____ controls to prevent, detect, and correct errors and irregularities in transactions that are processed.

Application

___ controls prevent, detect, and correct errors and irregularities in processing transactions.

Application

A _____ identifies and inventories mission critical business processes and supporting information systems, as well as establishes timelines and priorities for resuming processing capabilities.

Business Impact Analysis


Conjuntos de estudio relacionados

test 3: science of climate change

View Set

Week 8 - Eyelids and extraocular muscles

View Set

Political Science 1AC: Introduction to American Politics and Government Midterm Study Guide

View Set