AIS Exam #2

SOMETIMES a Debit Memo (DM):

A positive invoice the vendor sends to customer to increase what the customer owes on an invoice because of a shipping mistake - (shipped too many, but invoiced the original PO quantities)

Request for Quote (RFQ)

A request for goods/products (sometimes standard services) that has detailed specifications and quantities sent to several vendors - often for large scale projects (furniture for our new Business Building)

Two of the most popular audit software packages include: a. ITF b. ACL c. CIS d. SCARF

ACL

Debit Memo (DM)

A negative invoice the customer sends to the vendor to decrease an issued invoice (after agreement, and returning the excess quantity or damaged goods)

Credit Memo (CM)

A negative invoice the vendor sends to customer to decrease an issued invoice (often the customer "asks" for the CM because of damaged goods, pricing mistakes)

Request for Proposal (RFP)

A request for services including detailed objectives or goals to be achieved by the project / consulting job. The RFP will specify the exact details that must be included, number of pages, illustrations, qualifications, certifications etc. (consulting for revamping SBA website)

The applicable control for theft of cash is: a. Lockboxes b. Segregation of duties c. Use of cash registers d. All of the above

All of the above

internal auditing

Assurance and consulting activity designed to add value, improve organizational effectiveness and efficiency and accomplish organization objectives

4 Major Steps in the Auditing Process

Audit Planning, Collection of Evidence, Evaluation of Evidence and Communication of Results

Operational data is needed to monitor performance and to perform the following recurring tasks: a. Respond to customer inquiries about account balances and order status b. Select methods for delivering merchandise c. Determine inventory availability d. B and C e. All of the above

c. Determine inventory availability

The approach to managing inventory that is based on forecasted sales to schedule production is: a. IBM b. EOQ c. MRP d. JIT

c. MRP

parallel stimulation

using auditor written software to process data and comparing the output with the company's output; discrepancies are investigated to see if unauthorized program changes were made

system control audit review file (SCARF)

using embedded audit modules to continuously monitor transactions, collect data on transactions with special audit significance and store the data to later identify and investigate questionable transactions

reprocessing

using source code to reprocess data and comparing the output with the company's output; discrepancies are investigated to see if unauthorized program changes were made

Three-way Match:

voucher package - match the Vendor Invoice, to the PO, to the Receiving Report

Sales Order (SO):

a document or entry screen used by the vendor to create the order details from the customer referring to the PO

audit log

a file containing transactions that have audit significance

Purchase Order (PO)

a legal document from the customer specifying order details

input controls matrix

a matric that shows control procedures applied to each input record field; used to document the review of source data controls

Two documents usually accompany goods shipped to a customer. What are the two documents? an invoice and a packing slip a packing slip and a bill of lading a bill of lading and an invoice an invoice and a sales order

a packing slip and a bill of lading

The applicable control procedure for the threat of incomplete or inaccurate customer orders is: a. Data entry edit checks b. Segregation of duties c. Data entry edit controls d. Reconciliation of sales order with the picking ticket

a. Data entry edit checks

The major cost driver in the purchasing function is a. the number of purchase orders processed b. the price of the items purchased c. the reputation of the supplier d. none of the above.

a. the number of purchase orders processed

The focus of an operational audit is on which of the following? a. reliability and integrity of financial information b. all aspects of information systems management c. internal controls d. safeguarding assets

all aspects of information systems management

materiality

amount of an error, fraud or omission that would affect the decision of a prudent user of financial information

systems review

an internal control evaluation step that determines if necessary control procedures are actually in place

The audit technique used to catch the State Farm Life Insurance Company employee fraudulently taking cash was a. audit hooks b. snapshot technique c. program tracing d. internal control testing

audit hooks

audit hook

audit routines that notify auditors of questionable transactions, often as they occure

computer assisted audit techniques (CAATS)

audit software that uses auditor- supplied specifications to generate a program that performs audit functions

gneerated audit software (GAS)

audit software that uses auditor-supplied specifications to generate a program that performs audit functions

A useful report for management to control for the threat of uncollectible accounts is: a. Customer list b. Accounts receivable aging report c. Sales order report d. Inventory report

b. Accounts receivable aging report

The document used to request that an item be ordered is the a. purchase order b. purchase requisition c. purchase advice d. purchase auction

b. purchase requisition

The following are the business activities performed in the revenue cycle: 1. Shipping 2. Cash collections 3. Sales order entry 4. Billing The correct sequence in which these activities are performed is: a. 3, 2, 1, 4 b. 3, 4, 1, 2 c. 3, 1, 4, 2 d. 3, 4, 2, 1

c. 3, 1, 4, 2

The two basic methods to maintain accounts receivable are: a. Real-time and open-invoice b. Real-time and balance-forward c. Open-invoice and balance-forward d. None of the above

c. Open-invoice and balance-forward

The compensating controls that compensate for an internal control efficiency include(s) a. information systems insurance b. preventive maintenance c. effective user controls d. all of the above

c. effective user controls

A receiving report is typically not used for a. low cost supply items b. items ordered on blanket purchase orders c. receipt of services d. reoccurring items

c. receipt of services

vouching

comparing accounting journal and ledger entries with documentary evidence to verify that a transaction is valid, accurate, properly authorized and correctly recorded

compensating controls

control procedures that compensate for the deficiency in other controls

To ensure proper segregation of duties, only the ________ has authority to issue credit memos. cashier credit manager controller accounts receivable supervisor

credit manager

In performing an information systems audit, there are _____ audit objectives. a. 3 b. 4 c. 5 d. 6

d. 6

A general threat throughout the revenue cycle includes: a. Loss or destruction of data b. Invalid orders c. Theft of inventory d. All of the above e. None of the above

d. All of the above

The following lists the quantity and description of each item included in the shipment: a. Picking ticket b. Bill of lading c. Sales order d. Packing slip

d. Packing slip

Crucial operating decisions when selecting suppliers for inventory items includes: a. price b. quality of materials c. dependability of making decisions d. all of the above

d. all of the above

The first step in an operational audit is a. evaluating evidence b. collecting evidence c. communicating the results d. none of the above

d. none of the above

an audit is planned so that mot of it focuses on the areas with the highest risk factors. the risk that auditors and their audit procedures will fail to detect a material error or a misstatement is an a. inherent risk b. control risk c. detection risk

detection risk

Risk-based Audit Approach

determine the threats, identify the controls, evaluate the controls, for weak controls must increase testing or compensating controls

continuous and intermittent simulation (CIS)

embedding an audit module in a dbms that uses specified criteria to examine all transactions that update the database

When auditors have recommendations in their report to management, they use: a. audit objectives b. established policies c. audit scope d. established criteria

established criteria

investigative audit

examination of incidents of possible fraud, misappropriation of assets, waste and abuse or improper governmental activities

compliance audit

examination of organizational compliance with applicable laws, regulations, policies and procedures

operational audit

examination of the economical and efficient use of resources and the accomplishment of established goals and objectives

information systems (internal control) audit

examination of the general and application controls of an IS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets

analytical review

examination of the relationships

financial audit

examination of the reliability and integrity of financial transactions, accounting records, and financial statements

integrated test facility

inserting a dummy entity in a company's system; processing test transactions to update them will not affect actual records

An ________ is an arrangement where a bank receives customer payments and transmits payment data to the organization electronic data interchange (EDI) e-commerce electronic funds transfer (EFT) lockbox

lockbox

snapshot technique

marking transactions with a special code, recording them an their master file records before and after processing and storing the data to later verify that all processing steps were properly exeuted

Auditing

objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria

reasonable assurance

obtaining complete assurance that information is correct is prohibitively expensive, so auditors accept a reasonable degree of risk that the audit conclusion is incorrect

The activities in the expenditure cycle in the correct order of activity is: a. order, storing, paying b. ordering, receiving, approving, paying c. identifying needs, approving, ordering, paying d. approving, receiving, paying

ordering, receiving, approving, paying

The ________ normally triggers the billing process in the revenue cycle. packing slip received from the shipping department journal voucher received from the shipping department sales order received from the sales department picking ticket received from the sales department

packing slip received from the shipping department

reperformance

performing calculations again to verify qualitative information

Laz Chance wears roller blades and headphones when he is at work at the Squishy Things Toy Company. He is a product packer. The headphones give him computer-generated instructions so he knows the location of each item and quantity that should be included in the order. These instructions are the equivalent of a sales order. packing slip. picking ticket. bill of lading.

picking ticket.

An integrated test facility technique a. examines the way transactions are processed b. places a small set of fictitious records in the master files c. uses embedded audit modules to continuously monitor transaction activity and collect data on transactions with special audit significance d. searches a program for occurrences of a specified variable name or other character combinations

places a small set of fictitious records in the master files

auditing is the systematic process of obtaining and evaluating evidence regarding assertions about economic actions and events in order to determine how well they correspond to the established criteria. developing knowledge of business operations is regarded as a part of which of the following audit processes? a. planning b. collection of evidence c. evaluation of evidence d. communication of results

planning

embedded audit modules

program code segments that perform audit functions, report test results and store the evidence collected for auditor review

6. The __________ audit procedure is used for the audit of __________. a. examine system access logs; program development b. review programming evaluation standards; overall computer security c. proper use of internal and external file labels; computer processing controls d. review program documentation standards; program modification

proper use of internal and external file labels; computer processing controls

A monthly statement sent to customers serves a control purpose by reminding customers of the balance due and due date. summarizing invoices and amounts due for customers. triggering the process to record a customer payment. providing an opportunity for customers to verify the balance owed and activity on the account.

providing an opportunity for customers to verify the balance owed and activity on the account.

The least effective control for preventing an organization from processing fraudulent credit memo is to match each credit memo with a receiving report. require approval for each credit memo by the credit manager. reconcile total of credit memos to total debits posted to customers' subsidiary ledgers. sequentially prenumber all credit memos and perform a sequence check at the end of each day.

reconcile total of credit memos to total debits posted to customers' subsidiary ledgers.

The document a customer returns with their payment and that identifies the source and the amount of the payment is called a credit memorandum. remittance advice. closed-loop advice. debit memorandum.

remittance advice.

which of the following procedures is not used to detect unauthorized program changes? a. source code comparison b. parallel simulation c. reprocessing d. reprogramming code

reprogramming code

what is the four step approach to internal control evaluation that proves a logical framework for carrying out an audit a. inherent risk analysis b. systems review c. tests of controls d. risk based approach to auditing

risk based approach to auditing

control risk

risk that a material misstatement will get through the internal control structure and into the financial statements

Which of the following is a computer technique that assists an auditor in understanding program logic by identifying all occurrences of specific variables?? a. mapping program b. program tracing c. automated flowcharting d. scanning routine

scanning routine

program tracing

sequentially printing all executed program steps, intermingles with output, so a programs execution sequence can be observed

scanning routines

softeware that searches a program for the occurrence of specified items

test data generator

software that based on program specifications, generates a set of data used to test program logic

source code comparison program

software that compares the current version of a program with its source code; differences should have been properly authorized and correctly incorporated

concurrent audit techniques

software that continuously monitors a system as it processes live data and collects, evaluates, and reports information about system reliability

mapping programs

software that identifies unexecuted program code

automated flowcharting programs

software that interprets a programs source code and generates a flowchart of the programs logic

automated decision table programs

software that interprets the programs source code and generates a decision table of the programs logic

inherent risk

susceptibility to significant control problems in the absence of internal control

tests of controls

tests to determine whether existing controls work as intended

which of the following is a concurrent audit technique that monitors all transactions and collects data on those that meet certain characteristics specified by the auditor? a. ITF b. snapshot techniques c. SCARF d. audit hooks

SCARF

EOQ

Square root of 2DP/C (D=demand per period, P=Ordering cost per PO, C=Carrying Cost per unit per period

When a customer places an order (on account) for a certain product, what should be done first? Shipping should be notified of an order in process. A picking list should be generated for the warehouse. The purchase order should be created and written to a file. The customer's available credit should be checked.

The customer's available credit should be checked.

An important decision during the shipping stage is a. Selecting a carrier b. Location of distribution centers c. All of the above d. None of the above

c. All of the above

Inventory Terms:

Economic Order Quantity (EOQ), Reorder Point, Materials Requirement Planning (MRP), Just-in-Time (JIT) inventory system, Kanban systems

Financial Audit

Examines the reliability and integrity of financial transactions, accounting records, and financial statements

Types of Audits:

Financial, Information Systems, Internal Control, Operational, Compliance, and Investigative

which of the following is a computer program written especially for audit use? a. GAS b. CATAS c. ITF d. CIS

GAS-- STERK SAYS CAATS

A typical audit has a mix of audit procedures, which of the following is not an audit procedure? a. Confirmation b. Vouching c. Analytical review d. Identify risk factors

Identify risk factors

Which type of audit risk involves the chance that there will be a material risk when the controls are absent? a. External risk b. Inherent risk c. Internal risk d. Control risk

Inherent risk

Aging of accounts receivable is based on the a. sales order date b. picking ticket date c. invoice date d. bill of lading date

Invoice date

Bogumil Distributors is an Internet-based wholesaler. Customers enter their orders online. The manager of Cezary Foods was entering an order when the following error message popped up: "Your order exceeds your available credit. You will be contacted within 8 hours." This message is the result of a limit check. reasonableness test. validity check. sign check.

Limit check

Information Systems Audit

Reviews the controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets. (done by experts - a narrow field of practice)

detection risk

Risk that auditors and their audit procedures will fail to detect a material error or misstatement

at what step in the audit process do the concepts of reasonable assurance and materiality enter into the auditors decisions process a. planning b. evidence collection c. evidence evaluation d. they are important in all three steps

they are important in all three steps

Reperformance of calculations is part of the collection of evidence process true or false

true

Confirmation

written communication with independent third parties to confirm the accuracy of information such as customer account balances