ACC 3202 Final

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

When management designs and implements effective administrative processes:

A budgeting process is a method of corporate governance.

Within ERP systems:

A single user with a password may be authorized to purchase and receive the item.

In addition to fraud, there are many kinds of unethical behaviors related to computers. Which of the following is one of those behaviors?

All of the above

The risk of an unauthorized user gaining access is likely to be a risk for which of the following areas?

All of the above

There are number of advantages to cloud computing. Which of the following is one of those advanatges?

All of the above

Unchecked risks and threats to the IT system could result in:

All of the above

Automatic integrated backup means:

All of the above are correct.

Structured data:

All of the above are true of structured data

A bank would consider which of the following as nonprivate information? A. Customer name. B. Customer address if the customer is a business.

All of the above, A, B, and C, are private and privileged types of information.

B2C e-commerce requires:

Access to the Internet.

Bank reconciliation tasks include:

Both of the above

The main reasons that it is necessary to study information-based processing and the related audit function include:

Both of the above.

The common element in B2B and B2C is:

Both require access to the business's website.

Select the true statement from those given below.

Both the capital process and the investment process require top management approval.

When absorption costing is used:

Both variable and fixed costs are included in unit costs.

The purposeful and organized changing of business processes to make the processes more efficient is known as:

Business process reengineering

Production orders:

Authorize production activities for a particular need or order.

After the accounting information has been input into the accounting system, it must be processed. Process accounting data involves:

Calculations, classification, and summarization

This phase of the fixed asset processes relates to those required to maintain accurate and up-to- data records regarding all fixed assets throughout their useful lives.

Continuance

An elaborate system of checks and balances, whereby a company's leadership is held accountable for building shareholder value and creating confidence in the financial reporting processes, is referred to as:

Corporate governance

Factors which adversely affect the implementation of an ERP system do NOT include:

Cost

In order to have the segregation of duties recommended by COSO, it would be necessary for a small organization to hire two additional individuals. At this time, there is not enough work for the one office employee to stay busy. The reason for not hiring the additional people would have to do with:

Cost versus benefit

The maximum dollar amount that a customer is allowed to carry as an accounts receivable balance:

Credit Limit

When two or more people work together to commit a fraud, it is called:

Collusion

Segregation of duties is a fundamental concept in an effective system of internal controls. Nevertheless, the effectiveness of this control can be compromised through which situation?

Collusion among employees

A record pointer is a:

Column value that points to the next address with the linked attribute.

A field is a:

Column within a record.

This type of audit is completed in order to determine whether a company has adhered to the regulations and policies established by contractual agreements, governmental agencies, or some other high authority.

Compliance Audit

To employ analytical processes on the organization's data:

Data mining is performed on the data warehouse.

The procedures to collect and prepare source documents are termed:

Data preparation procedures

A collection of several years' nonvolatile data used to support strategic decision-making is a (n)

Data warehouse.

A collection of data stored on a computer in a form that allows the data to be easily accessed, retrieved, manipulated, and stored is referred to as a(n):

Database

The security of assets and documents would include all of the following, except:

Designated members of management should be assigned responsibility for the disposal of any assets

Which of the following is a correct statement related to segregation of duties related to fixed assets?

Custody of fixed assets is to be separate from the related record keeping

The prevention of industrial espionage is aided by all EXCEPT:

Federal and state laws.

The general guidelines, known as the generally accepted auditing standards, which include the concepts of adequate planning and supervision, internal control, and evidence relate to the:

Fieldwork Standards

When creating or reading a system flowchart, the triangle symbol represents a:

File

Select the correct statement from the following:

Financial statements must be prepared before the closing entries are journalized.

Functions of corporate governance includes all of the following except:

Financial stewardship

The policies and procedures involved in purchasing property; capturing and maintaining relevant data about the assets; paying for and recording the related assets; depreciation and other expenses; and gains or losses are collectively referred to as:

Fixed asset processes

The book of original entry for any transaction not recorded in a special journal is the:

General Journal

In order to achieve the objective of managing risk, management should establish control structures that include, at a minimum:

IT controls, IT governance, corporate governance, and accounting internal controls

Which of the following is not a part of IT performance?

IT security and breach issues

Which of the following statements is false?

IT systems have not had a major impact on the input of data into the accounting information syste,

All of the following are issues with cloud computing except for:

Increased Accessibility

Which of the following is most likely to be an attribute unique to the financial statement audit work of CPAs, compared with work performed by attorneys or practitioners of other business professions?

Independence

This activity serves as a method to confirm the accuracy and completeness of data in the accounting system:

Independent checks

Although there are a number of organizations that provide detailed guidance, it is still necessary for auditors to rely on other direction regarding the types of audit tests to use and the manner in which the conclusions are drawn. These sources of information include:

Industry Guidelines

Value added networks or VANs, features all of the following EXCEPT:

Industry standard.

Regardless of whether the results are printed or retained electronically, auditors may perform all of the following procedures to test application outputs, except:

Integrated Tests

Items associated with equity include all but:

Interest

Which of the following relationships would be allowed for a CPA firm?

Internal audit outsourcing and financial information systems design and implementation.

Select the correct statement from those listed below.

Internal managers need much more frequent and detailed reports than external users.

Which of the following statements about reporting is true?

Internal reports are tailored to the specific needs of each management level and function.

The global computer network, or "information super highway", is the:

Internet

The primary difference between ERP and ERP II systems is that ERP II may include:

Internet EDI

When a company uses the:

Internet for exchanges such as B2C transactions, it must give access to potential customers.

A company's private network, accessible only to the employees of that company is the:

Intranet

A company's computer network uses web servers, HTML, and XML to serve various user groups. Which type of network best serves each of the following users? Employees Suppliers

Intranet Extranet

Which of the following correctly orders the networks from the network that allows access to the least amount of people to the greatest amount of people?

Intranet, Extranet, Internet

The separation of the custody of cash from the accounts receivable record keeping will help to minimize the related risk of:

Invalid cash receipts

In order to help safeguard the processing integrity in an electronic business environment, a company should implement input controls such as field check, validity check, limit check, reasonableness check, and computer logs in order to reduce the risk of:

Invalid data entry

The internal control process that requires that the bank reconciliation be performed monthly, will help to minimize the risk of:

Invalid payments

Investment processes:

Invest excess funds.

Earnings management:

Is the act of misstating financial information.

If one module in the ERP system fails,

It has the potential to stop or disrupt all processes across the entire enterprise

Which of the following is not an advantage of cloud computing when compared to client-server computing?

It increases the amount of computer infrastructure in a company

Which of the following statements is false, related to the authorization of transactions?

It is not possible, nor is it important, to try to ensure that an organization engage only in transactions that are authorized

The objectives of an internal control system include all of the following except:

Maintain ongoing education

This phase of the fixed asset processes relates to discarding fixed assets when they become old, outdated, inefficient, or damaged.

Disposal

Items associated with debt do NOT include:

Dividends

Packet switching is a method of:

Dividing large messages into bundles for transmission over a network.

The unique name that identifies the internet site is referred to as:

Domain name

Five different input methods were identified by the authors. Which of the following is one of those input methods?

EDI

The major difference between EDI and e-business is:

EDI uses dedicated networks and e-business uses the internet

ERP system benefits include all EXCEPT:

ERP systems are configured upon implementation to exceed any reasonable business growth in the future.

Which of the following statements, related to business processes, is false?

Each business process has a direct effect on the financial status of the organization

Operations may be performed by all of the following except:

Each of the above is a valid form of operations.

Physical controls include all but:

Each of the answers, A, B, and C are correct.

Which of the following factors influences the need to safeguard and monitor inventory movement?

Each of the answers, A, B, and C are correct.

Each table in a database must meet all of the following conditions EXCEPT:

Each row must be uniquely named

The falsification of accounting reports is referred to as:

Earnings Management

E-commerce is:

Electronically enabled transactions between a business and its customers.

A control that limits the risk of network break-ins is the coding of data that makes data unreadable to those without the appropriate key. This process does not stop the breaches, but will make the data useless.

Encryption

Closing entries:

End the fiscal period.

A set of processes, software and hardware tools, methodologies, and technologies to integrate software systems is referred to as:

Enterprise application integration

A database is a (n):

Entire set of files.

The theft of proprietary company information is called:

Espionage

As the result of the passage of the Sarbanes-Oxley Act, CPA firms have unlimited ability to provide non-audit services to their audit clients.

False

Auditors must think about how the features of a company's IT systems influence its management assertions and the general audit objectives even though these matters have little or no impact on the choice of audit methodologies used

False

Batch processing occurs when transactions are processed as soon as they are entered.

False

Because of the infrequency of payroll processing and the sequential nature of the payroll process, many companies find that real-time processing is well-suited for payroll activities.

False

Business to business sales on the internet are referred to as e-commerce.

False

Copies of invoices should be filed in the account in alphabetic order by name of the vendors.

False

Data normalization allows repeating groups such as the same vendor name in multiple locations of the primary key field of the same table.

False

Data redundancy occurs when the same customer has more than one database record.

False

E-business is a type of e-commerce

False

Establishing proper processes, internal controls, and ethical guidelines does not lead to better corporate governance, even though it does improve the financial stewardship.

False

General controls are used specifically in accounting applications to control inputs, processing, and outputs

False

General controls relate to specific software and application controls relate to all aspects of the IT environment.

False

If an employee's personal smart phone or tablet is lost or stolen, the company has the right to apply a remote wipe, to remove any company data

False

In XBRL complex financial statements are presented only in a static mode.

False

In order to fulfill the obligations of stewardship and reporting, management has to create a code of ethics

False

It is necessary for an IT system to be networked to an external internet to be open to opportunities for unauthorized access

False

Modular implementation and pilot implementation are both considered methods of implementation.

False

Of all the principles applicable to auditors, the one that generally receives the most attention is the requirement that financial statement auditors maintain integrity.

False

One advantage of the interview process is efficiency.

False

Online processing is best suited to sequential access files

False

Online processing is the opposite of real-time processing

False

Only the purchasing department should authorize the processing of a cash disbursement transaction.

False

Processes in supply chain management involve trading processes from a supplier to a business only.

False

SQL stands for Sequential Query Language.

False

Strong internal controls are just as important for small organizations with few employees paid once per month as it is for large organizations with numerous employees being paid weekly.

False

Substantive tests are also referred to as compliance tests.

False

TCP/IP is an abbreviation for terminal communications protocol/Internet protocol.

False

Telecommuting workers cause two sources of risk exposures for their organizations - the network equipment and cabling in addition to the teleworker's computer - with only "entry- point" being teleworker's computer

False

The AICPA and the Canadian Institute of Chartered Accountants worked together to develop IT guidelines, commonly referred to as COBIT

False

The IT governance committee will be constantly monitoring the IT system to look for fraud and system abuse.

False

The PCAOB/AICPA Code of Professional Conduct is made up of two sections. One section, the rules, are the foundations for the honorable behavior expected of CPAs while performing professional duties.

False

The Sarbanes-Oxley Act decreased management's responsibilities regarding the fair presentation of the financial statements.

False

The accounting department is responsible for implementing internal controls over each business process.

False

The board of directors must decide between debt, assets, or equity for capital funds.

False

The data warehouse is up dated as transactions are processed.

False

The hiring of employees is considered to be a routine process.

False

The individuals who are given the authority to establish sales prices, credit limits, and guidelines for accepting customers should be sure to keep most of the information confidential.

False

The strength of SAP is the human resources aspects of an organization.

False

When files are organized as sequential access, the sequence is normally based on one key record in each file

False

When in the systems design phase and creating an in-house accounting software, the feasibility aspect is the same as in the systems planning stage.

False

When perpetual inventory concepts are utilized, a physical inventory count to determine the quantity of inventory on hand is not required.

False

When safeguarding assets, there is no trade-off between access and efficiency

False

When the customer is billed, the accounts receivable records should be updated to reflect the decreased balance.

False

When using a SQL query language you are restricted to searching two tables for common values such as Vendor Name.

False

With a client/server system all processing is done on the server.

False

ERP modules include all EXCEPT:

Operational database

Fraudsters typically try to justify their behavior by telling themselves that they intend to repay the amount stolen or that they believe the organization owes them the amount stolen. This justification is referred to as:

Opportunity

This type of control is intended to help ensure the accuracy, completeness, and security of outputs that result from application processing:

Output Controls

There are many different types of documentation necessary to operate and maintain an accounting system. These types of documentation include all of the following, except:

Output Examples

General controls in IT systems are divided into five broad categories. Which of the following is NOT one of those categories?

Output controls

When a person alters a system's checks or reports to commit fraud it is referred to as:

Output manipulation

Reports and documents, such as income statements, aged accounts receivable reports, checks, and invoices are referred to as:

Outputs of the system

Which of the process map symbols is used to show the start and / or finish of a process?

Oval

For a given pay period, the complete listing of paychecks for the pay period is a:

Payroll register

Which of the following is not an advantage of fixed asset software systems when compared with spreadsheets?

Manual processes to link to the general ledger.

MRP applications are:

Manufacturing resources planning software

_______ is accomplished through ongoing management activities, separate evaluations, or both

Monitoring

The AICPA's Trust Services Principles practice that states that the organization should have procedures to address privacy related inquiries or disputes is under the title of:

Monitoring and enforcement.

E-commerce business benefits include all EXCEPT:

More rigid advertising and product presentation requirements.

An important requirement of CPA firms is that they must be ________ with regard to the company being audited. The requirement allows CPA firms to provide a completely unbiased opinion on the information it audits.

Neutral

Internal users: 1. Need more frequent reports than external users. 2. Need the same reports as external users to manage the operation. 3. Do not utilize nonfinancial information in the planning and control of operations. 4. Utilize nonfinancial information in the planning and control of operations.

Only 1 and 4.

An ERP system is a software system that provides each of the following EXCEPT:

Physical controls for the prevention of inventory theft.

In a manual system with proper segregation of duties, an employee in the general ledger department should only

Post transactions to the general ledger.

When the proper tone of corporate governance is in place:

Proper stewardship of assets increases.

A request for proposal (RFP) is used during the

Purchase of software

Special journals include the:

Purchases journal.

According to the textbook, after receiving a returned product and checking its condition, all of the following options are available to a company except:

Record an allowance for doubtful accounts on the product

Perpetual inventory systems:

Record changes in inventory categories whenever material is moved from one category to another.

Which of the following is NOT a direct advantage for the consumer from e-commerce?

Reduced order-processing cost

Which of the following is not an objective of IT enablement?

Reduced security problems

Two or more computer network or data servers that can run identical processes or maintain the same data are called:

Redundant servers

Which of the following is not a common form of employee fraud?

Refund fraud

Which of the following is not a part of risk analysis?

Risk management

An electronic hardware device that is located at the gateway between two or more networks is a(n):

Router.

This type of transaction is one that a business encounters on a regular, recurring basis. The volume of the transactions is so large that transactions and the related accounting activities become second nature to the employees responsible for handling them. Specific authorization for each of these transactions is not necessary. The type of transaction referred to is:

Routine transaction

Which company developed the first true ERP system?

SAP

This document is prepared and sent to the customer once the shipment has occurred. The document provides the details of the sale and requests payment.

Sales Invoice

Which of the following two terms both refer to the same document?

Sales order & purchase order

In the context of cloud computing, what does scalability mean for a growing company?

Scalability allows a growing company to purchase new capacity incrementally from a cloud provider

The assessment of the realistic possibility that the proposed IT system can be implemented within a reasonable amount of time is called:

Schedule Feasibility

The process that plans the timing for production activities is referred to as:

Scheduling.

Magnetic tape is a form of

Sequential access media.

Processing of a flat file table is:

Sequential.

Manpower displacement through automation:

Should be a concern of management.

When a person, using a computer system, pretends to be someone else, it is termed:

Spoofing

Within accounts payable, to ensure that each voucher is submitted and paid only once, each invoice approved to be paid should be:

Stamped "paid" by the check signer.

When management has designed, implemented, and continually manages processes and internal controls, it is helping to ensure proper ________.

Stewardship

The responsibility of management to safeguard assets and funds entrusted to them by the owners of an organization is referred to as:

Stewardship Responsibility

The major activities within the conversion process include all but

Strategic planning that supports the company's operational goals.

This type of question is designed such that the format and range of the answer is known ahead of time.

Structured Question

This form of encryption uses a single encryption key that must be used to encrypt data and also to decode the encrypted data

Symmetric encryption

The systematic steps undertaken to plan, prioritize, authorize, oversee, test, and implement large-scale changes to the IT system are called:

System Development Life Cycle

A detailed study of the current system to identify weaknesses to improve upon and strengths that should be maintained is referred to as:

System Survey

Clues that a ghost employee may exist in the company would include all of the following, except:

The personnel file contains no duplicate addresses

Decision makers are typically forced to rely on others for information. When the source of the information is removed from the decision maker, the information stands a greater chance of being misstated. A decision maker may become detached from the source of information due to geography, organizational layers, or other factors. This describes which cause of information risk?

The remoteness of information

Which of the following is not one of broad categories of controls?

The risk of loss due to a natural disaster

An example of vertical integration is a manufacturer who mines the raw materials, produces the product, and then sells it in company owned stores.

True

An intranet is a private network accessible only to the employees of a company.

True

An underwriter is a third party that contracts with a corporation to bring new securities issues to the public market.

True

Companies that reward management with incentives to achieve a growth in earnings is running the risk that management will also have more motivation and pressure to falsify the financial statements to show the higher amounts

True

Company to company sales normally occur on account and involve a time span given for the customer to pay the vendor. The actual number of days will depend on the credit terms and the diligence of the customer concerning on-time payments.

True

Data are the set of facts collected from transactions.

True

Data warehouse files are non-volatile, and not frequently updated while operational databases are updated with each transaction that affects them.

True

Designated members of management should be given the responsibility for authorizing the actual payments and sign their signatures on the face of the check.

True

During the operation phase of the IT system, it is necessary that management receive regular reports that will enable management to determine whether IT is aligned with business strategy and meeting the objectives of the IT system.

True

E-business is the use of electronic means to enhance business processes.

True

E-commerce is electronically enabled transactions between a business and its customers.

True

E-commerce provides the potential for much richer marketing concepts that include video, audio, product comparisons, and product testimonials or product tests.

True

E-mail spoofing is more of an irritation to an organization that a fraud threat

True

Each organization may approach IT governance in a different manner, but each organization should establish procedures for IT governance.

True

Feedback needed by management to assess, manage, and control the efficiency and effectiveness of the operations of an organization relates to both financial and operational information

True

Fixed assets are one area where earnings management may be prevalent due to the judgmental nature of the underlying data.

True

General controls must be tested before application controls.

True

General ledger employees should record journal vouchers, but they should not authorize journal vouchers, have custody of assets, or have recording responsibility for any special journals or subsidiary ledgers.

True

Historically, there have been a large number of cases of fraud, theft, manipulation, and misuse of funds in the areas of payroll and fixed assets.

True

If a vendors waits too long to send the bill to the customer due to the fact that it could cause a delay of the collection of the cash.

True

In order to match company strategy to IT systems, the company needs to have an IT governance committee and a formal process to select, design, and implement IT systems.

True

Integrated IT systems that are used to conduct internet sales in a business to customer manner are referred to as e-commerce.

True

It is necessary to use a computer to accomplish software piracy

True

Random access means that any data item on the storage media can be directly accessed without reading in sequence.

True

The "intercompany" component of electronic data interchange means that two or more companies are conducting business electronically

True

The Internet (interconnected networks) serves as the backbone for the World Wide Web (WWW).

True

The auditor's understanding of internal controls provides the basis for designing appropriate audit tests to be used in the remaining phases of the audit.

True

The corporate governance structure includes internal controls in addition to systems and processes.

True

The customer company, who uses a cloud provides, must have some IT structure to access and use the data stored in a cloud.

True

The economic feasibility study would answer the question about whether the benefits of the proposed IT system outweigh the costs.

True

The major function within the conversion process is the logistics function.

True

Today's ERP systems can be traced back to the first generation of materials requirements planning software.

True

When a client plans to implement new computerized systems, auditors will find it advantageous to review the new system before it is placed in use.

True

When a company is revising systems, there are intangible benefits that are difficult to estimate in dollars. These intangible benefits should be included in the project team's report.

True

When an invoice is paid, it should be canceled to indicate that it has been paid.

True

When audit clients use a database system, the relating data is organized in a consistent manner which tends to make it easier for auditors to select items for testing.

True

When automated matching is used, the system will not approve an invoice for payment unless the items and quantities match with the packing slip and the prices match the purchase order prices

True

Select the true statement from the following.

URL stands for uniform resource locator while http stands for hypertext transmission protocol.

Which of the following internal controls is typically associated with the maintenance of accurate inventory records?

Using physical inventory counts as a basis for adjusting the perpetual records

To maintain adequate records and documents in a manual general ledger system, there are two important requirements. These are:

Well-defined chart of accounts & adequate audit trail

An enterprise resource planning (ERP) system allows a sales representative to provide a customer with all of the following information EXCEPT:

What is the cost of the product?

Which of the following is the most common method of detecting occupational fraud?

Tip from an employee, customer, or vendor

It is the ethical responsibility of employees:

To collect only necessary data from customers

EDI systems have many advantages within the revenue and cash collection processes. Which of the following is not one of those benefits?

Trading partners gaining access to data.

This occurs when the IT system automatically makes a list of users and the actions they take within the IT system.

Transaction Logging

All of the following indicate a high level of risk associated with sales returns, EXCEPT:

Transactions may be recorded in the wrong amount

The human capital management module of an ERP such as SAP would include all of the following components except:

Workforce termination management

An example of a URL is:

http://www.cjb.org.

An example of a domain name is:

jhs-email.com.

Which of the following is not correct regarding the differences in the ways that real-time systems differ from batch systems?

(Real-Time systems)Processing choices are menu-driven (Batch systems)Processing is interactive

Which of the following is the correct chronological order of events in the purchase return process?

1 = receive return authorization; 2 = prepare debit memo; 3 = goods returned; 4 = receive credit or check

Material requirements planning (MRP) software: 1. Calculated raw materials quantities needed for manufacturing. 2. Calculated lead times on raw materials orders. 3. Calculated material needs on accounts payable data.

1 and 2 only

The speed of the U.S. Internet backbone is _______ bytes per second.

1 trillion

The suffix of the domain name will identify the type of organization that owns the rights to that domain. Which of the following is a correct example of the suffix and related organization type?

.gov = governmental organization or unit

According to the textbook, which of the following are the two specific ways in which a company may recognize the need to conduct operations? 1. A sales order is received 2. A sales forecast is made 3. A production schedule is created 4. A physical inventory count is conducted

1 & 2

A system which involves recording purchases of raw materials inventory, recording all the components of work in process, and recording the total cost of sales for products completed and sold is referred to as:

A perpetual inventory system.

Which of the following is the most significant disadvantage of auditing around the computer rather than through the computer?

A portion of the audit trail is not tested.

General controls of the IT system would include all of the following, except:

Accuracy

The risks of e-commerce, or e-business, include all of the following, except:

Accuracy

Application controls of the IT system would include:

Accuracy and Completeness

The main purpose of an audit is to assure users of the financial information about the:

Accuracy and completeness of the information.

Variances represent the differences between:

Actual costs and the standard costs applied.

Many companies use a public cloud computing model for software, data storage or both. Which of the following is an advantage to the public cloud computing model?

All of the above are advantages

The advantages to real-time processing include:

All of the above are advantages

Which of the following is a characteristic of computer fraud?

All of the above are characteristics

Automatic integrated backup

All of the above are correct.

Data reveal relationships between records. These can be thought of as:

All of the above are examples of relationships.

Which of the following is an example of a source document?

All of the above are examples of source documents

Factors that limit the effectiveness of internal controls include all of the following except:

All of the above are factors that limit the effectiveness of internal controls

Which of the following IT controls would NOT be important in an extranet?

All of the above are important IT controls.

In addition to ethical practices, management has an obligation to maintain a set of processes and procedures to assure accurate financial reporting and protection of company assets. This obligation arises because:

All of the above are reasons for the obligation.

There are a number of increased reporting requirements as the result of Sarbanes-Oxley and IFRS. These requirements have made it imperative for companies to:

All of the above are required.

There are many uses of electronic funds transfer related to the payroll process. Which of the following is not one of those uses?

All of the above are uses of electronic funds transfer.

Which of the following company activities would NOT be considered a productive activity?

All of the above, A, B, and C, are considered productive activities.

A proper corporate governance structure must be in place in order to properly deter instances of:

All of the above, A, B, and C, are correct.

General ledger employees should record journal vouchers, but they should not

All of the above, A, B, and C, are correct.

Select the correct statement from the following.

All of the above, A, B, and C, are correct.

The raising of capital:

All of the above, A, B, and C, are correct.

The internal control of cash receipts related to adequate records and documents would include which of the following?

All of the above.

The term conversion processes is often used synonymously with:

All of the above.

Which of the following statements is true regarding an operational database?

An operational database includes data for the current fiscal year and supports day -to-day operations and record keeping for the transaction processing system.

The purpose of this phase is to question the current approaches in the system and to think about better ways to carry out the steps and processes of the system.

Analysis of Systems Survey

Management would use the _____________ module for feedback from the ERP system to assist in the proper management and control of operations.

Analytics

Data mining:

Analyzes past patterns to predict future events.

IT controls can be divided into two categories. Which of the following is a correct statement of one those categories?

Application controls are used specifically in accounting applications to control inputs, processing, and output

The purchase of fixed assets is likely to require different authorization processes than the purchase of inventory. Which of the following is not likely to be part of the authorization of fixed assets?

Approval of the depreciation schedule.

The segregation of duties related to sales returns would ideally separate the function of performing the credit memo activity and all of the following, except:

Approve the credit memos

Which of the following questions is most likely to be found on an internal control questionnaire concerning a company's conversion processes?

Are approved requisitions required when materials are released from the company's warehouse into production?

A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent the flow of data is a(n):

Arrow

The use of the SDLC for IT system changes is important for several reasons. Which of the following is not part of the purposes of the SDLC processes?

As part of the audit of an IT system

Which of the following types of fraud is the most common, according to the Association of Certified Fraud Examiners?

Asset Misappropriation

Economic order quantity (EOQ) is a function:

Associated with inventory control.

Accounting services that improve the quality of information provided to the decision maker, an audit being the most common type of this service, is called:

Assurance Services

A primary objective of output controls would be:

Assure the accuracy and completeness of the output

Transactions are recorded in the special journals and subsidiary ledgers:

At the time of the transaction.

Hierarchal databases:

Are efficient in processing large volumes of transactions with explicit linkages.

Which of the following questions would most likely be included in an internal control questionnaire concerning the completeness of purchasing transactions?

Are prenumbered purchase orders, receiving reports, and vouchers used, and are the entire sequences accounted for?

The transmission of packets:

Are usually sent in sequential order.

The Phar-Mor fraud began when management:

Attempted to make the actual net income match the budgeted amounts

The oval used in an entity relationship diagram is used to represent a(n):

Attribute

When discussing entity relationship diagrams, this is considered to be a characteristic of an entity

Attribute

In database terminology, columns are also called:

Attributes

A type of assurance services that involves accumulating and analyzing support for the information provided by management is called an:

Audit

This phase of auditing occurs when the auditors evaluate all the evidence that has been accumulated and makes a conclusion based on that evidence.

Audit Completion / Reporting

The proof of the fairness of the financial information is:

Audit Evidence

During this phase of the audit, the auditor must gain a thorough understanding of the client's business and financial reporting systems. When completing this phase, the auditors review and assess the risks and controls related to the business.

Audit Planning

Audit tests developed for an audit client are documented in a(n):

Audit Program

The purpose of segregating the duties of hiring personnel and distributing payroll checks is to separate the:

Authorization of transactions from the custody of related assets.

Proper segregation of functional responsibilities calls for separation of the functions of:

Authorization, recording, and custody

A payroll voucher:

Authorizes the transfer of cash from a main operating account to a payroll account

Internal control problems would be likely to result if a company's payroll department supervisor was also responsible for:

Authorizing changes in employee pay rates.

The approval or endorsement from a responsible person or department of an organization that has been sanctioned by top management is the process of:

Authorizing transactions

The category of control activities referred to as segregation of duties requires that certain activities should be the responsibility of different person or department. The three duties that are to be separated are:

Authorizing, recording, and custody

A computer software technique in which the computer software matches a Purchase Order to its related receiving report and invoice is called a(n):

Automated matching

A system of computer hardware and software in which the software matches an invoice to its related purchase order and receiving report is called:

Automated matching

Computerization of the conversion process results in all except:

Automatic computation of materials requirements based on purchase orders.

The risk related to this category of Trust Principles is system or subsystem failure due to hardware or software problems

Availability

There are four primary functions of corporate governance. Which of the following is NOT one of those functions?

Availability

The risk that an unauthorized user would shut down systems within the IT system is a(n):

Availability risk

When a company sells items over the Internet, there are many IT risks. The risk of hardware and software failures that prevent website sales would be a(n):

Availability risk.

Establishing and maintaining a culture where ethical conduct is recognized, valued, and exemplified by all employees can be accomplished by doing all of the following except:

Avoiding some conflicts of interest

When a payment has been made, the cash disbursements clerk will clearly mark the invoice with information pertaining to the date and the check number used to satisfy the obligation. This process is called:

Cancelling the invoice

This document is a financial plan detailing all of the company's investments in fixed assets and other investments.

Capital Budget

The resource management component of the logistics function has all of the following elements except:

Capital budgeting.

The component of internal control, identified in the COSO report, that sets the tone of an organization and includes the consciousness of its employees is:

Control Environment

Not-for-profit organizations would be interested in:

Cash flows, funding sources, and expenditures.

Examples of customer fraud include all of the following except:

Cash fraud

The careful oversight of cash balances, forecasted cash payments, and forecasted cash receipts to insure that adequate cash balances exist to meet obligations is called:

Cash management

The following circumstances may indicate risks related to cash collections, except:

Centralized cash collections

Select the correct statement from the following.

Centralized data processing and databases require dependable and extensive processing power for large organizations.

OBIT is an acronym for which of the following?

Control Objectives for Business and Information Technology

The Trust Services Principles document divided the risks and controls in IT into five categories. Which of the following is not one of those categories?

Certification

GAAS, generally accepted auditing standards, provide a general framework for conducting quality audits, but the specific standards - or detailed guidance - are provided by all of the following groups, except:

Certified Fraud Examiners

Financial statement audits are performed by _________ who have extensive knowledge of generally accepted accounting principles (GAAP) in the US and/or International Financial Reporting Standards (IFRS).

Certified Public Accountants

A company should study risks common to its system prior to deciding the mix of controls needed. High-risk characteristics that might justify the need for extensive internal controls include all of the following, except:

Changes in price or vendors is frequent.

Examples of characteristics that indicate a company may be more risky with respect to the revenue process include all of the following, except:

Changes in sales prices or customers are infrequent.

Goods received are unacceptable due to may different situations. Which of the following is not one of those situations?

Changes in the company needs regarding future sales or production

In response to the need for internal controls above and beyond what was described by COSO, the Information Systems Audit and Control Association developed an extensive framework of IT controls entitled:

Control Objectives for Information Technology (COBIT)

COSO describes five components of internal control. Which of the following terms is best described as "policies and procedures that help ensure management directives are carried out and management objectives are achieved"?

Control activities

The COSO report identified a component of internal control as the policies and procedures that help ensure that management directives are carried out and that management directives are achieved The component is:

Control activities

Management has the responsibility, and the ability, to take action to reduce risks or to lessen the impact al nearly all risks an organization faces. The steps taken by management to lessen to risk or reduce the impact of the risk, are referred to as:

Controls

General controls for an IT system include:

Controls over the physical environment and over the physical access

Which of the following is not a condition in the fraud triangle?

Conversion

An example of concealment would include:

Changing the payee on a check improperly paid by the organization

Which of the following correctly orders the hierarchy of data from smallest to largest?

Character, field, record, file, database

Which of the following is not an advantage to a cloud model of e-mail?

Costs associated with maintaining are higher but are more controllable

The IT governance committee is made up of many different individuals within the organization. Which of the following would not be one of those individuals?

Chief External Auditor

The functional responsibilities within an IT system must include the proper segregation of duties. Which of the following positions is not one of the duties that is to be segregated from the others?

Chief information officer

The AICPA's Trust Services Principles practice that states the organization should ask about the collection, retention, and of the use is under the title of:

Choice and consent

The AICPA's Trust Services Principles practice that states the organization should provide the choice to its customers regarding the collection of data is under the title of:

Choice and consent

In this type of distributed system, each computer or process on the network is either a Client or a server.

Client / Server System

In order to organize the study of accounting information systems, the authors divided the systems in place into three categories. Which of the following is not one of those categories?

Client-Server Systems

This type of computing means that there are two types of computers networked together to accomplish the application processing

Client-Server computing

When an organization has this type of network, there are two types of computers networked together to accomplish the application processing:

Client-server computing

SAP R/3 operates on a:

Client-server environment with open architecture.

In a manual accounting system, the processing of accounting information includes:

Closing the necessary ledger accounts

A contemporary type of computer infrastructure that is used by an increasing number of companies involves the use of shared services, software, and/or data stored on servers at a remote location, which are accessible over a network, is referred to as:

Cloud Computing

The fastest growing area of IT is:

Cloud-based database services

A set of documented guidelines for moral and ethical behavior within an organization is termed a(n):

Code of Ethics

According to the COSO report, there are five different interrelated components of internal control. Which of the following is not one of those five components?

Code of Ethics

The company's development and adherence to this should reduce the opportunities for managements or employees to conduct fraud

Code of ethics

The AICPA's Trust Services Principles practice that states that only the data that is necessary for the purpose of conducting the transaction should be collected is under the title of:

Collection

Jamie Stark, a sales employee, stole merchandise from her employer, and Frank Adams, the accounting clerk, covered it up by altering the inventory records. This is an example of:

Collusion

With the advent of technology, the Internet, and the WWW:

Commerce is moving both from electronic to physical and from physical to electronic.

Which of the following is NOT one of the three components of electronic data interchange?

Commerce- encompasses all forms of electronic trading

A comprehensive report on enterprise risk management was issued by this organization

Committee on Sponsoring Organizations

Intranets are used for each of the following EXCEPT

Communication and collaboration.

Companies should maintain proper security barriers such as firewalls on all of the following except:

Company flash drives

This phase of the systems design for in-house development of software involves the identifying the alternative approaches to systems that will meet the needs identified in the system analysis phase.

Conceptual design

The generally accepted auditing standards are divided into three groups. Which of the following is not one of those groups?

Basic Standards

There are two modes of processing transactions in accounting systems. The mode that requires all similar transactions to be grouped together and be processes at the same time, is referred to as:

Batch Processing

An organization that has applications having large volumes of similar transactions that can be processed at regular intervals is best suited to use which method of processing?

Batch processing

When all similar transactions are grouped together for a specified time and then processed together as a group, the process is referred to as:

Batch processing

When similar transactions are grouped together for a specified time for processing, it is called:

Batch processing

Select the false statement from those provided.

Batch processing has a faster response time than real-time processing due to the grouping of like data items.

A company with revenue of $50 million would be most likely to purchase software from which one of the four market segments?

Beginning ERP Segment

This law, also known as the first-digit law, was named after a physicist who discovered a specific, but non-uniform pattern in the frequency of digits occurring as the first number in a list of numbers:

Benford's Law

Which of the following ERP implementation methods is rarely used today due to its high rate of failure?

Big Bang

More than one-half of ERP implementations by the ________ approach experienced significant failures or problems in the 1990s, and nearly one-third of these implementations abandoned in progress.

Big bang

The terms of agreement between the company and the common carrier are documented in a(n):

Bill of Lading

This document, prepared by the vendor, provides details of the items included in the delivery; and is normally signed by the receiving clerk as verification of receipt.

Bill of lading

The form that specifies the components of a product, including descriptions and quantities of materials and parts needed is the:

Bill of materials.

This type of authentication uses some unique physical characteristic of the user to identify the user and allow the appropriate access to the system

Biometric device

The smallest unit of information in a computer system can have only one of two values, zero or one, and is referred to as a(n):

Bit

The correct order of the computer data hierarchy is:

Bit, byte, field, record, file, database

This document, prepared by the purchasing department, for use by the receiving department, is copy of the purchase order that eliminates all data about the price and quantity of the items ordered.

Blind purchase order

To resolve discrepancies on invoices so that they can be paid on a timely basis, management may issue which of the following?

Blocked invoice Report

Which of the following groups has an ethical obligation to establish the proper tone at the top, strong internal controls, and high ethical standards?

Board of Directors and Management

Long-term debt results from borrowing funds via:

Bonds and loans with payment schedules several years in the future.

Which of the following independent checks would be part of the internal controls for fixed assets?

Book value of the assets should be compared to the insurance records.

Data within an ERP system may be stored in a(n):

Both A & C

Examples of data collection events are

Both A and B are examples of data collection.

The current standard HTML 5 has the following benefits over previous versions:

Both A and C

EDI via ANSI X.12 implementation is hampered by:

Both A and C above are correct answers.

Data in the data warehouse:

Both A and C are correct.

A "Where" condition within a structured query of a relational database:

Both B and C are correct.

A common interest for manufacturing, retail, and service firms is:

Both B and C.

The ways to determine a secure sockets layering connection is:

Both answers, B and C, are correct.

Which of the following statements about payroll and fixed asset processes is true?

Both have routine and non-routine processes

The need to match IT systems to organizational objectives emphasizes the need for the IT governance committee to include top management as its members because:

Both of the above

When attempting to prioritize IT projects, the IT governance committee needs to consider:

Both of the above

IT auditors may need to be called in to:

Both of the above.

Select the correct statement from those below.

Bricks and mortar refer to traditional stores while brick and click businesses are both brick and mortar and e-commerce businesses.

A prescribed sequence of work steps preformed in order to produce a desired result for the organization is called a(n):

Business Process

The fundamental rethinking and radical redesign of business processes to bring about dramatic improvements in performance is called:

Business Process Reengineering

The purposeful and organized changing of business processes to make them more efficient is referred to as:

Business Process Reengineering

The many sets of activities within the organization performed to accomplish the functions necessary to continue the daily operations are referred to as:

Business Processes

When a transaction occurs there are systematic and defined steps that take place within the organization to complete all of the underlying tasks. These "defined steps" are referred to as:

Business Processes

A proactive program for considering risks to the business continuation and the development of plans and procedures to reduce those risks is referred to as:

Business continuity planning

A prescribed sequence of work steps completed in order to produced a desired result for an organization is the definition of:

Business process

Which of the following statements is not true?

Business processes categorized as expenditure processes are not intended to be processes that serve customers

Which of the following is NOT one of the reasons for the increased spending on ERP systems since 2004?

Business processes were separated and standardized.

A unit of storage that represents one character is referred to as a:

Byte

Which of the following terms is most closely related to data redundancy?

Concurrency

If a company stores data in separate files in its different departmental locations and is able to update all files simultaneously, it would not have problems with

Concurrency.

Which of the following is NOT one of the types of input controls?

Confidentiality check

Employee Ethical considerations, related to IT governance, would include which of the following?

Confidentiality for those who serve on the project teams.

The IT system includes this type of table for software, hardware, and application programs that contain the appropriate set-up and security settings

Configuration table

Standardizing data:

Configures all of the data from numerous departments into a single data configuration.

The IT environment plays a key role in how auditors conduct their work in all but which of the following areas:

Consideration of Information Fairness

The _________ is an integrated collection of enterprise-wide data that ideally should include 5 to 10 years of nonvolatile data.

Data warehouse

A large disk storage for accounting and operating data is referred to as a(n):

Database

When a company buys data storage from a cloud provider, the arrangement is referred to as:

Database as a service

A software system that manages the interface between many users and the database is called:

Database management system

The document prepared when purchased items are returned is a(n):

Debit memo

The document that identifies the items being returned, along with the relevant information regarding the vendor, quantity and price, is called:

Debit memo

The sales journal would have columns for a:

Debit to accounts receivable and a credit to sales.

When creating or reading a system flowchart, the diamond represents a(n):

Decision

Advantages of distributed databases include all EXCEPT:

Decreased user involvement.

There are many possible indirect benefits to management when management fraud occurs. Which of the following in not an indirect benefit of management fraud?

Delayed exercise of stock options

The three phases of fixed assets processes, that span the entire useful life of the assets, include all of the following, except:

Depreciation

Management of an internet retail company is concerned about the possibility of computer data eavesdropping and wiretapping, and wants to maintain the confidentiality of its information as it is transmitted. The company should make use of:

Data encryption

Each of the following represents an application of B2C commerce EXCEPT:

Data exchanges.

The process of searching data within the data warehouse for identifiable patterns that can be used to predict future behavior is referred to as:

Data mining

The process of searching for identifiable patterns in data is called:

Data mining

Select the correct statement from the following.

Data redundancy and concurrency are not features of well-designed database management systems.

In the late 1990s, the Y2K compatibility issue was concerned primarily with computer systems':

Data storage

Which of the process map symbols is used to show a point in the process when a decision must be made?

Diamond

A character is a customer, client, or vendor.

False

A cloud provider generally provides only the data storage space.

False

A company is not obligated to pay for goods until 30 days after the goods are received.

False

A corporation's own stock that is repurchased by the company on the open market is a marketable security.

False

A data warehouse is a temperature controlled building where files and records are retained.

False

A database is often less open to unauthorized access than the physical, paper records, because the database has fewer access points

False

A financial statement audit is conducted in order for an opinion to be expressed on the fair presentation of financial statements. This goal is affected by the presence or absence of IT accounting systems.

False

A financial statement audit is part of the IT audit

False

A hacker is someone who has gained unauthorized access to the computer and must be someone outside the organization

False

A method of earnings management is to misclassify capitalized costs as repair and maintenance expenses.

False

A poor control environment can be overcome if the remaining components of internal control are strong

False

A purchase order is essentially an internal document, one that does not go outside the company, whereas a purchase requisition is an external document, which will be presented to an entity outside the company.

False

A reconciliation should be prepared by the same person who is responsible for the recording function.

False

A record pointer identifies a specific record in a flat database.

False

A router is an electronic hardware device that is connected to each computer to connect it to a network.

False

A sophisticated accounting system will provide the necessary accurate and effective feedback needed by management to assess, manage and control the operations of an organization

False

A strength of the supply chain concept is that inconsistencies or poor quality within the supply chain will be compensated by other strengths resulting in an overall satisfactory product.

False

A unique feature of the information contained in an individual personnel file is that it is accessed infrequently but is changed relatively frequently.

False

A user who logs in to the computer-based accounting system to enter invoices should also have access to the portion of the system that would allow her / him to order goods.

False

A vendor audit occurs when a vendor examines the books and records of a customer

False

A web server is a computer and hard drive space that connects to the backbone through lines that have less speed and capacity than the backbone.

False

A well-defined chart of accounts would contain an account titled "Rent."

False

Access to cash collections needs to limited to those who are expressly authorized to record the cash transactions.

False

Access to the operating system will not allow hackers access to the application software or the database

False

According to the 2010 Report to the Nation by the Association of Certified Fraud Examiners, the estimate of global losses due to fraud would total approximately $650 billion

False

According to the ACFE 2010 Report to the Nation, fraudulent financial statements account for less than 5% of the cases, and were the least costly form of fraud

False

Accounting for a fixed asset over the life of the asset would have features of non-routine transactions only.

False

Accounting for fixed assets requires the use of estimates - specifically the cost and the salvage value.

False

Accounting software is available to assist with payroll but it is not very efficient because of all the changes that occur to all payroll variables during the period.

False

All users of financial data - business managers, investors, creditors, and government agencies - have an enormous amount of data to use to make decisions. Due to the use of IT systems, it is easy to verify the accuracy and completeness of the information.

False

As a business grows, the volume and complexity of its transactions increase. At the same timed, there is a decrease in the chance that misstated information may exist undetected.

False

As a rule, the higher the risk, the more controls are generally required and the less costly its accounting system may become.

False

At a minimum, cash receipts should be deposited on a weekly basis.

False

At a minimum, those who handle cash should be the ones to reconcile the bank statement.

False

Auditing testing for any single general auditing objective would involve the same testing techniques even though there are different types of information collected to support different accounts and transactions.

False

Auditing, a monitoring activity, takes place only on a periodic basis

False

Auditors do not need to concern themselves with risks unless there is an indication that there is an internal control weakness.

False

Auditors have the primary responsibility to make sure that they comply with international standards in all cases.

False

Based on the cost/benefit concept, it is not necessary for management to consider the moral implications of replacing human resources with electronic resources.

False

Because conversion processes involve the physical movement of inventory throughout the operating facility and these movements are normally accomplished by material handling personnel the burden of sufficient internal controls is not required.

False

Because different companies conduct business in different manners, there tends to be few similarities in the way the related business processes are carried out.

False

Because intranets do not transmit information through the Internet or WWW they do not use protocols such as TCP/IP.

False

Because of computer interaction and the capability of almost instant verification business across the World Wide Web has a lower probably of fraud, hackers, and compromised customer privacy.

False

Because of regulatory and auditing issues, good corporate governance does not depend upon the ethical conduct of management.

False

Because of their access to the accounting system, internal managers need less detailed reports than external users.

False

Because of their sensitive nature, companies seldom sell or share customer lists or customer data.

False

Because of today's computing power and Internet accessibility, there has been a substantial increase in the use of centralized databases and centralized processing.

False

Because the ERP system will cleanse and correct data errors while importing legacy data into its RDBMS, a minimum of time, effort, and dollars will be spent on data conversion.

False

Because the point-of-sale systems are not normally connected to outside trading partners, they pose fewer risks related to availability.

False

Before ERP software systems, modules such as human resources were in separate software but well integrated with the accounting software

False

Before the paychecks are sent to management for authorization, the human resources department should compare the hours reported on the time sheets with the hours shown on the payroll register.

False

Best of breed means picking the best ERP software on the market for the particular type of business or organization.

False

Billing to the customer should take place prior to shipment so that the customer receives the bill before the merchandise arrives.

False

Biometric devises use unique physical characteristics to identify users. The most common method used is retina scans

False

Business process reengineering takes place at the systems design stage of the SDLC.

False

Business processes in an organization do not include events that are accounting transactions.

False

CRM success depends entirely on the implementation of the software package designed for customer relationship support.

False

Capital usually comes from assets or short-term debt.

False

Cash should be periodically verified by comparing the balance in the check book with the balance in the cash account in the general ledger.

False

Collusion can occur only when two employees who work for the same firm conspire to circumvent the internal controls to commit fraud or theft

False

Companies in the same line of business are not likely to have many differences in their purchasing habits.

False

Control tests verify whether financial information is accurate, where substantive tests determine whether the financial information is managed under a system that promotes accuracy.

False

Corporate governance policies and procedures must be in place to ensure that funds are expended to benefit managers and employees.

False

Corporate governance requires proper financial stewardship, and since inventories, fixed assets, and office supplies are the largest assets reported on a balance sheet, financial stewardship in these areas is especially important.

False

Customizing an ERP system is recommended wherever the business has an existing process to accomplish a goal and that process is not compatible with the ERP system.

False

Data collection in the system survey step of systems analysis involves documentation review only.

False

Data does not need to be stored in most cases.

False

Data mining is the process of searching an operational database for identifiable patterns in the data.

False

Deciphering renders data useless to those who do not have the correct encryption key

False

Defalcation and internal theft are names that refer to the misstatement of financial records

False

Disaster recovery planning is a proactive plan to protect IT systems and the related data

False

Due to interstate trade events and taxation issues the U.S. Government has standardized the definition of e-commerce.

False

Due to the integration of design, ERP systems do not require extensive testing if implementation does not entail best of breed or legacy modules.

False

Due to their level of integration, ERP systems have difficulties in properly segregating duties.

False

During a documentation review, the team would examine only relevant documentation of the proposed upgrade or modification.

False

E-business and EDI have much different advantages and risks to the vendor than what exists for the customer.

False

E-commerce is the use of electronic means to enhance business processes.

False

E-commerce only involves transactions between the business and its customers.

False

ERP applications use modules such as financials, human resources, data warehouse, and analytics.

False

ERP data is stored in both financial and operational databases.

False

ERP implementation costs are kept to a minimum by retaining the legacy computer hardware and operating systems.

False

ERP systems such as SAP normally batch their financial transactions for processing due to the large amounts of data.

False

ERP will automatically track and report any instances where an employee initiates or records an event with conflicting abilities. It is not necessary to configure the system to accomplish this.

False

Each business process has a direct effect on the financial status of an organization

False

Each time a new transaction is completed, parts of the data warehouse must be updated

False

Earnings management related to fixed assets would occur when reducing expenses by decreasing the useful life of the fixed assets.

False

Effective and efficient internal control often takes up valuable management time that could otherwise be spent on attention to revenue growth and cost controls.

False

Either the IT governance or the system development life cycle is necessary in the strategic management of IT systems.

False

Employees are more likely to hide or conceal fraudulent activity in the records of fixed assets and capital acquisition events than elsewhere.

False

Encryption is more important for dial-up networks than for wireless networks

False

Ethical issues related to data utilization are not a consideration for data collection.

False

Even though most companies collect order data from customers, the manner of receiving order data seldom varies.

False

External users need detailed balance information on every existing account in the general ledger.

False

Few accounting information systems rely on computer hardware and software to track business

False

Few deceptions and fraudulent acts in the business and accounting environment relate to revenue measurement and recognition.

False

For any company, and any asset, the method of depreciation and the related estimates (salvage value and useful life) are the same for financial statements and income taxes.

False

For most companies, fixed asset acquisitions are considered to be routine processes.

False

IFRS does not allow as much use of judgment as is allowed under GAAP.

False

IT general controls assist in preventing unauthorized access while providing adequate backup, and are the responsibility of the user.

False

IT governance is an issue for executives and top management. Lower level managers and the board of directors are outsiders in the process.

False

If a company's IT system fails, it would have little or no effect on the company's operations

False

If no source documents are used by the IT system, then the general controls, such as computer logging of transactions, become less important

False

If the operational feasibility determines that the operation will require new training of employees, then the proposed upgrade or modification should be rejected.

False

If the purchasing, receiving, accounts payable, and cash disbursements processes are completed by the same individuals, the internal controls will be stronger because someone in the company will have an overall view of company activities.

False

In a wireless network, signals are transmitted through the air rather than over cables. Anyone who wants to gain access to the network would need to know the password to access these "air- borne" signals

False

In general, designs that require more complex technology have a higher feasibility than designs with less complex technology.

False

In general, purchased software is more costly but more reliable than software designed in- house.

False

In general, the manual input method is less error prone that the electronic methods.

False

In many cases where revenue has been overstated by management, accountants have participated in the deception. Thankfully, once the overstatement has occurred, it will be offset by lower revenues in the subsequent year and normally will not recur.

False

In order for a code of ethics to reduce opportunities for managers and employees to commit fraud, it is necessary that management emphasizes this code. Punishment related to violations of the code are not necessary

False

In order to compute the book value of any asset, start with the cost of the asset and add the accumulated depreciation.

False

In order to have an automated matching system is necessary to have access to paper copies of purchase orders and invoices

False

In order to institute an automated matching system, all of the relevant files must exist in the same physical room.

False

In order to meet the objectives of internal controls, individuals with authoritative responsibilities need to have access to the record keeping functions.

False

In the Phar-Mor fraud case, management did not write or adopt a code of ethics

False

In the modern IT environment, it is necessary for an organization to follow each of the steps in the SDLC in the order presented.

False

Independent checks and reconciliations should be performed on a regular basis as part of the segregation of duties area of internal controls.

False

Independent checks can serve as a preventive control in that they uncover problems in the data or the processing

False

Independent reconciliation of the accounts payable subsidiary ledger to the general ledger control account will help to assure that all inventory has been properly recorded.

False

Information is the set of facts collected from transactions.

False

It is likely that an accountant will select a career path, within accounting, that will not in some way, involve the use of an accounting information system

False

It is likely that expenditure fraud and ethics violations could be eliminated by a strong, ethical "tone at the top" along with encouragement of ethical behavior by all employees, and strong internal controls.

False

It is necessary for students and accountants to understand the types of threats that may affect an accounting system, so that the threats can be avoided

False

It is necessary for the purchasing department to set up the proper procedures to avoid problems related to cutoff issues.

False

It is not necessary to control the humidity and temperature in the location where the computer system is housed

False

It is possible to completely eliminate risks with the proper controls

False

It is proper that the database administrator develop and write programs

False

It is the responsibility of the payroll department to make certain that all time sheets represent actual time worked by currently active employees.

False

It would not be necessary for the programming staff to have interaction with the accounting staff during the systems implementation process, as all systems design was previously completed.

False

Local ISPs connect to the backbone through lines that have less speed and capacity than the backbone.

False

MRP stands for Management Resource Projections.

False

Maintaining high ethics can help prevent fraud but will not help to detect fraud

False

Management must discourage illegal behavior by employees, such misuse of computers and theft through the computer systems

False

Manufacturing resource planning software systems are outgrowths of the ERP concept.

False

Many companies use a public cloud computing model for storage only

False

Members of management are not required to specifically approve an employee hired by the company when the new employee has been screened by an employment office.

False

Most of the records found in an employee's personnel file are accounting related.

False

Network operations typically involve a large number of computers, many users, and a high volume of data transfers, so any lack of network controls could cause widespread damage. Because of this, it is necessary for auditors to apply strict tests to a representative sample of the network.

False

Not all organizations require long-term, capital assets such as land, buildings, and equipment to operate.

False

Once a company has decided on the control processes needed, it is not necessary to have an ongoing assessment of risks

False

Once an organization has set up an effective system to prevent unauthorized access to the IT system, it is not necessary to continually monitor the vulnerability of that system

False

Once the SDLC has identified which types of IT systems are appropriate for the company, the IT governance committee becomes the mechanism to properly manage the development, acquisition, and implementation of the IT system.

False

Once the data from the source documents have been keyed into the computer, the source document can be destroyed

False

Once the system development life cycle has determined the priority it places on IT systems, the IT governance committee will manage the development, implementation, and use of the systems.

False

Once the systems development life cycle (SDLC) is complete, it is not necessary to restart the cycle unless something is brought to the attention of the IT governance committee to indicate that another cycle is required.

False

One of the greatest risks of ERP cloud systems is their vulnerability to hackers.

False

Operations processes authorize, execute, manage, and properly account for debt.

False

Organizations should have written procedures in place to identify when the costs related to fixed assets are capitalized (recorded to repair and maintenance expense).

False

Peoplesoft uses the terms "back office" in reference to managerial functions and "front office" in reference to customer and sales functions.

False

Perpetual inventory systems involve updating the inventory and cost of sales accounts only at the end of the period.

False

Public and Private cloud computing both have the benefits of reduced infrastructure and reduced costs

False

Random access means that you are searching for specific data but do not know where it is within the database.

False

Real-time processing occurs when similar transactions are grouped into a batch and that batch is processed as a group.

False

Reports disseminated to lower level managers are usually used to provide feedback and establish production schedules or sales goals.

False

Resources required in the conversion process include materials, labor, overhead, and fixed assets.

False

Routine transactions refer to common business transactions such as payroll and fixed asset transactions.

False

Routing is the issuance and movement of materials through the sales process

False

SAP R/3 had tremendous growth due to the use of closed architecture and client-server hardware compatibility.

False

SAP was the first "pure Internet" architecture, with no programming code residing on the client computer.

False

Sales and service is a term for software solutions that help businesses manage customer relationships in an organized way.

False

Segregation of duties require within an ERP system is difficult due to the free access allowed to employees.

False

Since ERP systems are modular the risks of implementation enterprise-wide are minimized.

False

Since database management and information is the responsibility and asset of the database owner, customers should not have the privilege to restrict information contained within it.

False

Since distributed databases are under the control of many individual sites rather than a single, centralized site, configuration, conformity, and security are less of an issue.

False

Small businesses, those having fewer than 100 employees, are less vulnerable to fraud and abuse than are larger businesses

False

Source of operational processes are those processes to authorize the raising of capital, execute the raising of capital, and to properly account for that capital.

False

Special journals are journals that are established to record the transactions of specific customers and vendors.

False

Specific internal control procedures to be performed, specifically independent checks and reconciliations, should be performed by someone who as the responsibility for the recording of the transactions and the custody of the assets received.

False

Spending for ERP and ERP II systems has been consistently growing since the mid 1990s and the Y2K events.

False

Strong corporate governance will prevent fraud, theft, and mismanagement within the expenditure process.

False

The AICPA Trust Principles failed to include any reference to the internal control structure of the IT systems.

False

The AICPA Trust Services Principles do not protect the history of purchases since these are classified as "public knowledge events."

False

The amount of IT structure maintained by a client would not change if the database is stored with a cloud provider rather than onsite.

False

The audit planning process is unlikely to vary if the company has adopted IFRS, or is in the process of convergence.

False

The best fit software is usually defined by the client's hardware and intranet structure.

False

The big bang theory is the easiest to implement since the switch from the legacy system to the ERP system is done on a single date throughout the organization.

False

The big bang theory of implementation is preferred due to the limited problems incurred in transition.

False

The cash disbursement process must be designed to ensure that the company appropriately records all accounts payable transactions.

False

The cash disbursements department should have the responsibility of signing and essentially approving all paychecks.

False

The cost of cloud computing is normally related to a period of time, and not to the use of the service.

False

The decision as to whether to adopt cloud-based ERP systems will not have much impact on the computer hardware and IT infrastructure needed.

False

The determination of user requirements is often discovered through the use of observation and documentation review.

False

The differences between Tier One and Tier Two software are becoming more definitive as the Tier One vendors attempt to attract larger companies.

False

The electronic timekeeping devices accumulated data throughout the period and automatically calculate batch totals. At this time, the data batches are not able to prepare the paychecks or the payroll register.

False

The evaluated receipt settlement system is an IT enabled system that reduces the time and cost of processing customer payments

False

The file or database storage for the new accounting system is always be different from the old system.

False

The final hub in the logistics function is sales.

False

The financial module of an ERP such as SAP might contain such components as financial accounting, management accounting, corporate governance, and inventory.

False

The general public has general access to the intranet and extranet networks.

False

The group of controls referred to as Source Document Controls does not include form design

False

The human resources department should be responsible for the record keeping function related to payroll.

False

The incorporation of cloud computing requires a careful, controlled approach to system design related to the costs and benefits. Other issues are not important.

False

The integration of an ERP system compensates for its scope, size, and complexity to make implementation less risky than most IT systems.

False

The intent of an ERP (enterprise resource planning) system is to provide a sales and inventory software application that will interact with the general ledger software with its sales and inventory transactions.

False

The internal controls within a system must be designed in the implementation stage.

False

The investment in fixed assets is often the largest asset reported on the income statement.

False

The longest encryption keys are 128 bits

False

The most common type of audit service is the operating audit performed by internal auditors.

False

The most important factor in controlling IT systems is the maintenance of the vulnerability assessment activities

False

The most popular type of type of unauthorized access is probably by a person known to the organization

False

The only method of exercising corporate governance over administrative processes and financial reporting is through the company's budgeting process.

False

The only person who can perform a financial statement audit of a publicly traded company is a government auditor who has extensive knowledge of generally accepted accounting principles.

False

The only risk related to the entry points of telecommuting workers is the interaction risk

False

The process of evaluating internal controls and designing meaningful audit tests is more complex for manual systems than for automated systems.

False

The product development module of an ERP such as SAP might contain such components as production planning, manufacturing execution, operations analysis, and enterprise asset management.

False

The purchasing process starts when the purchase invoice is submitted by the vendor.

False

The purpose of MRP II was to integrate manufacturing, engineering, marketing, finance, and human resources units to run on the same information system.

False

The real-time nature of processing increases the total processing time and precludes immediate feedback to management.

False

The requirements to frequently or infrequently access data are not relevant to the way that the data is stored due to computer access speed.

False

The responsibility for operations, compliance, and financial reporting lies with the auditors.

False

The responsibility of the auditor to search for fraud is less than the responsibility to search for errors.

False

The risk assessment is the foundation for all other components of internal control and provides the discipline and structure of all other components

False

The risks related to computerized systems are adequately covered by the COS internal control report

False

The sale of bonds should be considered a regular, recurring process since these types of transactions are recorded in the general ledger.

False

The same audit tests would test for completeness of a liability or an asset.

False

The segregation of duties states that the authorization of duties is to be separated from the recording function but not from the custody function.

False

The standard form of encryption embedded in e-commerce sites and in web browser software is "Safe Sending Language" (SSL).

False

The steps within the design phase of the SDLC are the same, whether the organization intends to purchase software or to design the software in-house.

False

The supply chain is the linked processes from the raw material vendor through the manufacturer ending at the stage of finished goods.

False

The systems development life cycle is responsible for the oversight and management of the IT governance committee.

False

The three conditions that make up the fraud triangle are theft, concealment, and conversion

False

The three primary components of the logistics function are 1) planning, 2) production, and 3) sales.

False

The use of control totals and related acknowledgments can reduce the risk of denial of service attacks by hackers.

False

The use of passwords to allow only authorized users to log into an IT system is an example of an application control

False

There are a number of methods described that are intended to limit log-ins exclusively to authorized users. The only method that is foolproof is the biometric devices

False

There is not much room for professional judgement when performing audits, as a result of the detailed guidance provided by organizations, such as the PCAOB.

False

Tier one describes software used by midsize businesses and organizations.

False

Tier two includes software often used by large, multinational corporations.

False

To increase the effectiveness of login restrictions, passwords must be unique for each user

False

Traditional EDI is a real-time processing system due to the 24 hour, 7 day a week operation of computers and servers.

False

Traditional accounting software is much more comprehensive and encompassing that ERP software

False

Training of employees will be minimal due to BPR and system's integration.

False

Unethical and fraudulent behaviors are much more likely to be initiated by employees, not management.

False

When ERP implementation is started, all of the legacy system must be replaced for proper operation.

False

When a client changes the type of hardware or software used or in other ways modifies its IT environment, the auditors need to test only the new system in order to determine the effectiveness of the controls.

False

When a client company is using IT outsourcing, and that service center has its own auditors who report on internal control, the third-party report (from the independent auditors) cannot be used as audit evidence without the auditor performing an adequate amount of compliance testing.

False

When a company implements an evaluated receipt settlement results in the increase in the strength of the internal controls.

False

When a credit memorandum has a reference to the original sales invoice and approved price list it will assure that the correct customer receives credit for the return.

False

When a new asset is requested, and the cost is below a preestablished amount, it is necessary for specific authorization of the purchase.

False

When a sales order has been entered into the system, the customer's credit status must be checked. For existing customers, the sale on account should be approved only if the customer has exceeded their credit limit.

False

When an auditor is engaged to audit a company that uses cloud computing, the auditor must rely on the SOC reports provided by the service company's auditors.

False

When data and processing are distributed across several computers, as occurs in a system of distributed processing, the failure of one site will be harmful and bring down the entire system.

False

When the IT governance committee has made the decision as to which IT upgrades and/or modifications are to be made, their job is complete.

False

Whenever a sales order is received, it is necessary to check the inventory to make sure that the items ordered are in stock. If the items are in stock, a packing slip will be prepared.

False

With the proper training of employees and the adequate controls, it would be possible to eliminate all errors

False

Within are relational database a record may have more than one primary key.

False

Which of the following is NOT one of the types of control totals?

Digit Count

A retail store chain is developing a new integrated computer system for sales and inventories in its store locations. Which of the following implementation methods would involve the most risk?

Direct cutover

A system conversion method in which on a chose date the old system operation is terminated and all processing begins on the new system.

Direct cutover conversion

The AICPA's Trust Services Principles practice that states that organizations should receive explicit or implicit consent of the customer before providing information to third parties is under the title of:

Disclosure to third parties

In this type of client-server computing, the client PC participates in application processing - including the updates and changes to data that reside on the server

Distributed application

A set of small databases where data are collected, processed, and stored on multiple computers within a network is a:

Distributed database.

In this type of client-server computing, the client PC manipulates data for presentation but does not do any other significant processing

Distributed presentation

Client-server computing can be divided into two levels. These two levels are known as _________ and ________

Distributed presentation; distributed application

Within the cloud computing environment, the service provider is responsible to make sure that all relevant risks have been identified and controlled. Because of this, the company using the cloud computing does not need to repeat that evaluation

False

This type of external computer fraud is intended to overwhelm an intended target computer system with so much bogus network traffic so that the system is unable to respond to valid traffic

DoS Attack

The documenting system that shows the flow of documents and information among departments or units within an organization is called a:

Document Flowchart

Which of the following is not one of the popular documentation methods for processes and systems presented in the textbook?

Document creation map

The operations list is the:

Document of instructions utilized to assemble a product.

In an audit of financial statement in accordance with generally accepted auditing standards, an auditor is required to:

Document the auditor's understanding of the client company's internal controls.

The detailed examination of documentation that exists about the system to gain an understanding of the system under study is called a(n):

Documentation Review

Within the systems analysis phase of the SDLC, which of the following data collection methods does not involve any feedback from users of the IT system?

Documentation review

Which of the following function to store, index, and provide the IP address for each domain name?

Domain name servers

OLAP tools include all of the following EXCEPT:

Drill up.

This control requires the approval and signature of two authorized persons, on checks over the predetermined threshold amount, which reduces the risk of significant fraud or error.

Dual Signature

All of the following are operation risks of ERP systems except:

Duplicate Information

The internal control process of requiring management approval of fixed asset changes prior to recording the transaction, will help to minimize the risk of:

Duplicate transactions

The use of electronic means to enhance processes is termed:

E-business

What is the main difference between e-business and e-commerce?

E-business refers to all forms of electronic business transactions and processing, whereas e-commerce is a type of e-business specific to online buying and selling

This type of highly integrated IT system incorporates electronic processing of sales-related activities and, generally, the sales processes are transacted over the internet.

E-commerce

Which of the following statements is true?

E-commerce is a subset of e-business.

All of the following are true statements about e-commerce EXCEPT:

E-commerce sales reduce the opportunity for fraud, theft of assets, and theft of data.

Businesses that are purely web-based are called:

E-tailers

Which of the following is not an example of employee fraud?

Earnings management

The act of misstating financial information in order to improve financial statement results is referred to as:

Earnings management.

Advantages of distributed databases include all EXCEPT:

Eased managerial obligations.

The assessment of the costs and benefits associated with the proposed IT system is referred to as:

Economic Feasibility

Typical steps within the systems analysis phase of the SDLC would not include which of the following?

Economic Feasibility

The purpose of this analysis is to determine which of the alternative designs is the most cost effective.

Economic feasibility

One inventory control function that is important to the conversion process is the determination of _______, or the most efficient quantity of products to purchase.

Economic order quantities

Which of the following is not an advantage of using real-time data processing?

Efficiency for use with large volumes of data

When a company has an e-business transaction with a supplier, it could be using

Either the Internet or an extranet.

The company-to-company transfer of standard business documents in electronic form is called:

Electronic Data Interchange

The inter-company, computer-to-computer transfer of business documents in a standard business format is referred to as:

Electronic Data Interchange

One of the newest technologies related to payables is one where invoices are exchanged and payments are made via the internet. The name given to this process is:

Electronic Invoice Presentment and Payment (EIPP)

The intercompany, computer-to-computer transfer of business documents in a standard business format is called:

Electronic data interchange

This type of highly integrated IT system, inter-company, computer-to-computer, communicates sales documents electronically with a standard business format.

Electronic data interchange

This system enables a vendor to present an invoice to its trading partner via the internet, eliminating the paper, printing, and postage costs of traditional paper invoicing

Electronic invoice presentation and payment

Each of the following represents a characteristic of B2B commerce EXCEPT:

Electronic retailing.

An electronic payroll time keeping device that collects time and attendance data when employees enter their time sheets is called:

Electronic time clock

Which of the following is NOT one of the three rules of data normalization?

Eliminate blank fields

An alternative power supply that provides electrical power in the event that a main source is lost is called:

Emergency power supply

One of the most effective ways a client can protect its computer system is to place environmental controls in the computer center. Environmental controls include:

Emergency power supply

With the proper implementation of an ERP system:

Employee IDs, passwords, and segregated duties aid in internal control measures.

The theft of assets by a non-management employee is termed:

Employee fraud

Select the true statement from the following.

Employee fraud is more prevalent in the routine processes. Management fraud is more prevalent in administrative processes and reporting.

According to the authors of this textbook, which of the following is not one of general categories of people who commit fraud?

Employees

A company's internal controls policies may mandate the distribution of paychecks by an independent paymaster in order to determine that:

Employees included in the period's payroll register actually exist and are currently employed.

Which of the following statements is not true with regard to a relational database?

It stores data in a tree formation.

For which of the following computerized conversion systems is Wal-Mart well known?

JIT

This item would include explanations concerning the qualifications and responsibilities of each position shown on organization chart. The item is also supported by policies and procedures manuals that outline specific activities performed by each position.

Job profile

What company developed the first true ERP systems?

Peoplesoft

The first "pure Internet" architecture, with no programming code residing on the client computer was:

Peoplesoft.

There were four market segments identified by the authors in chapter 2. Which of the following is not one of those segments?

Legacy Company Sytems

The modern integrated systems discussed by the authors include different types of architectures or model. Which of the following is not one of those models?

Legacy accounting

An existing system within the organization that uses older technology is called a(n):

Legacy system

Which of the following is not one of the advantages of maintaining the legacy systems?

Legacy systems are inexpensive to maintain

Features that assist management and accountants, as the result of the point-of-sale systems, include all of the following, except:

List prices can be changed by the check-out clerks to take advantage of any price changes.

This type of computer network is one that spans a relatively small are- often confined to a single building or group of buildings, and are intended to connect computers within an organization

Local Area Network

The proper sequence of Internet connectivity between users is:

Local ISP to regional ISP to national backbone provider to network access points to national backbone provider to regional ISP to local ISP.

Which of the following connects individual users to the Internet using dial-up modems, digital subscriber lines, or cable TV lines?

Local ISPs

A computer network covering a small geographic area, which, in most cases, are within a single building or a local group of buildings is called a:

Local area network

When one site is utilized as the pilot approach to ERP, the implementation method is referred to as:

Location-wise implementation

This term relates to making the computer recognize a user in order to create a connection at the beginning of the computer session

Login

The major function within the conversion process is the:

Logistics function.

The process of logical, systematic flow of resources throughout the organization is referred to as

Logistics.

There are two modes of processing transactions in accounting systems. The mode that will record transactions, one at a time, is referred to as:

Online Processing

In order to smooth out the payroll process and avoid the heavy workload that falls at the end of the payroll period, many companies will use this type of system - one that integrates their human resources and payroll functions. This system makes real-time personnel data available and the general ledger and production system can be automatically updated at the end of the payroll period.

Online Software Systems

The risk related to this category of Trust Services Principles is that personal information about customers may be used inappropriately or accessed by those either inside or outside the company

Online privacy

The existence of IT-based business processes often result in details of transactions being entered directly into the computer system, results in a lack of physical evidence to visibly view. This situation is referred to as:

Loss of Audit Trail Visibility

The reconciliation of time sheets with production reports for work-in-process and finished inventories minimizes the related risk of all of the following EXCEPT:

Lost or stolen inventory

Conditions that warrant the need for strong controls relating to the payroll process include all of the following EXCEPT:

Low employee turnover

The original purpose of ARPANET was to share military research data among four universities. Which of the following was not one of the four universities?

MIT

Select the correct statement from those provided below.

MRP II allows interaction between suppliers and their customers via the internet or other electronic means.

Which of the following is NOT one of the three critical actions that a company can undertake to assist with fraud prevention and fraud detection?

Maintain an accounting information system

It is necessary for a company to maintain good control over their accounts payable and paying by the due date, for all of the following reasons, except:

Maintain relationships with customers

The planning component of the logistics function has all of the following elements except:

Maintenance and control.

The process that is concerned with maintaining the capital resources used to support production is referred to as:

Maintenance and control.

Within the cash disbursement process, specific steps should be taken to enhance the effectiveness and efficiency of making payments to vendors. Which of the following is NOT one of those steps?

Maintenance of the general ledger

When an organization hires consultants to assist with any phase or any phases of the SDLC, there are at least four ethical obligations. Which of the following is not one of those obligations?

Make an honest effort to participate, learn the new system processes, and properly use the new system.

Which individual or group has the responsibility to establish, enforce, and exemplify the principles of ethical conduct within an organization?

Management

Claims regarding the condition of the business organization and in terms of its operations, financial results, and compliance with laws and regulations, are referred to as:

Management Assertions

Internal controls can be effective in preventing or detecting all of the following types of fraud except:

Management Fraud

Management circumvention of systems or internal controls that are in place is termed:

Management override

Some of the AICPA trust services principles may include:

Management, choice & consent, use & retention, access, disclosure to third parties, and monitoring & enforcement.

The AICPA's Trust Services Principles practice that states a specific person or persons should be assigned the responsibility to insure that privacy practices are followed by employees is under the title of:

Management.

Internal control activities within the payroll process, identified as authorization, would include which of the following?

Manager approval of payroll prior to signing checks

Select the true statement from those listed below.

Managers need the information associated with their area of responsibility.

Select the true statement from those provided below.

Managers require access to historical data this is generally not available to other individuals.

Hierarchical databases are NOT:

Many-to-one relationships.

Accounting software traditionally uses two different types of files. The file type that is relatively permanent and used to maintain the detailed data for each major process is a(n):

Master File

The chart of accounts would be a good example of a:

Master File

When a vendor returns a request for proposal, it will include all of the following, except:

Match of the system and user needs

All of the following are disadvantages of e-commerce EXCEPT:

Faster order processing prevents good assurance of order correctness.

The realistic possibility of affording, implementing, and using the IT systems being considered is referred to as:

Feasibility

When high-dollar fixed assets are purchased, there should be a strict approval process which would include three formal steps. Which of the following is not one of those steps?

Feasibility study.

All of the following are disadvantages to a cloud-based system except:

Fewer IT employees would be needed to maintain the system

The separation of the responsibility for the authorization of new customers from the custody of inventory will help to minimize the related risk of:

Fictitious customers

The internal control activity requiring that the manager approves payroll prior to signing paycheck is intended to minimize the risk of:

Fictitious employee

The internal control activity requiring the preparation of a bank reconciliation will minimize the risk of all of the following EXCEPT:

Fictitious employees

The internal control process of requiring an independent paymaster, will help to minimize the risk of:

Fictitious employees

The internal control process of separating the custody of inventory from the accounts payable record keeping will help to minimize the risk of:

Fictitious purchases

The internal control process that requires the segregation of the authorization of purchase returns and the accounts payable record keeping and the custody of inventory, will help to minimize the risk of:

Fictitious returns

Which programmed input validation check determines whether the appropriate type of data, either alphabetic or numeric, was entered?

Field check

Each record is made up of related:

Fields

Internal control activities within the purchasing process, identified as adequate records and documents, would include which of the following?

Files are to be maintained for purchase requisitions, purchase orders, receiving reports, and invoices.

Uploading data is putting:

Files from each HIP system into the data warehouse.

The correct statement regarding the supply chain and B2C is the supply chain extends from the secondary supplier and ends with the:

Final customer while B2C is from the retailer to the final consumer.

This type of audit is completed to determine whether or not the client has prepared and presented its financial statements fairly, in accordance with established financial accounting criteria.

Financial Statement Audit

The first part of the strict approval process for high-dollar fixed assets is the investment analysis. Which of the following is part of that analysis?

Financial justification

The bill of materials is the:

Form that specifies the components of a product.

The theft, concealment, and conversion of personal gain of another's money, physical assets, or information is termed:

Fraud

General controls are divided into five broad categories. Which of the following is not one of these categories?

Fraud Prevention

The audit is to be performed by a person or persons having adequate technical training and proficiency as an auditor. This is one of the generally accepted auditing standards that is part of the:

General Standards

The ________ provide(s) details for all the account within the chart of accounts and is the entire set of T-accounts for the organization.

General ledger

The ten standards that provide broad guidelines for an auditor's professional responsibilities are referred to as:

Generally accepted auditing standards

Which of the following is least likely to be part of an accounting information system function

Generation of data to be part of the information system

An entity who receives a paycheck, but who does not actually work for the company is called:

Ghost employee

The purpose of the data warehouse does NOT include:

Giving managers rich sources of current trends and data.

The purpose of tracing sales invoices to shipping documents would be to provide evidence that:

Goods billed to customers were shipped.

This type of auditor conducts audits of government agencies or income tax returns.

Government Auditor

Which of the following would be a correct way to compute the net pay for an employee?

Gross Pay minus Authorized Deductions

Which of the following statements is true of unstructured data? 1. Unstructured data does not easily fit into rows and columns of fixed length 2. An example of unstructured data is the free-form text of an online customer's review of a product 3. Accounting data is unstructured data 4. An example of unstructured data would be a 10-digit phone number

Only 1 & 2.

Unethical or fraudulent behavior within the administrative process 1. Can occur in administrative processing of an organization. 2. Can occur in the reporting functions of an organization. 3. Are much more likely to be initiated by management. 4. Are much more likely to be initiated by employees.

Only 1, 2, and 3 are correct.

The external general purpose financial statements/reports are the: 1. Aged accounts payable report. 2. Aged accounts receivable report. 3. Balance sheet. 4. Income statement. 5. Inventory statement. 6. Statement of cash flows. 7. Statement of retained earnings.

Only 3, 4, 6, and 7.

Companies that engage in e-commerce, B2C sales with consumers:

Have the same kind of obligations to conduct their business ethically as companies transacting business any other way.

The independence of a CPA could be impaired by:

Having the ability to influence the client's decisions

This section of the common forms used as the standard format in EDI data transmission contains data about the file or transmission and identify the end of a particular transaction.

Header and Trailer Data

Internet EDI, or EDIINT, features all of the following EXCEPT:

Heavy infrastructure.

Today's automated accounting process:

Helps the user by identifying modules for activities.

Select the true statement from the following.

High-impact processes (HIPs) and user's needs determine the data in the data warehouse.

A backbone provider is an organization that provides:

High-speed access to regional ISP users.

All of the following steps come after the evaluation of RFPs and Software in the system design process except:

Hiring a consultant

To fulfill the management obligations that are an integral part of IT governance, management need not focus on:

Hiring an acceptable IT manager

A consulting firm helping a company with the implementation of an ERP system will typically perform all of the following actions except:

Hiring specialized technicians to maintain the system

When accounting software is used to prepare the periodic payroll, which of the following items is necessary to input for each employee?

Hours Worked

Business process reengineering means:

Matching the IT and business processes to achieve the greatest mutual benefit from each.

_________________ involves the automated scheduling of production orders and movement of materials in the production process.

Material resource planning (MRP)

During the planning phase of the audit, auditors estimate the monetary amounts that are large enough to make a difference in decision making. This amount is referred to as:

Materiality

Whenever a company grants credit to customers, there is a danger that customers will not pay. In fact, most companies have occasional problems with customers who fail to pay which leads to writing off the accounts receivable. Proper controls related to these uncollectible accounts include all of the following, except:

Mathematical verification of the cash receipts journal and the accounts receivable ledger.

In a properly controlled system of administrative and reporting functions, 1. Employees have access to related assets or source documents. 2. Administrative processes are tightly controlled by supervisors. 3. Employees have the authority to initiate processes such as investing. 4. On processes such as sales and cash receipts employees are given general authorization to initiate and process transactions.

Only 4 is true.

Detailed information from a sale may be used by: 1. The sales department. 2. The accounts receivable section. 3. The inventory department. 4. General ledger accountants. 5. Customer service.

Only by 1, 2, 3, and 5.

Posting to the general ledger occurs:

Only when proper authorization has been given.

Before forwarding customer data, an organization should receive explicit or implicit consent of the customer. This describes which of the AICPA Trust Services Principles online privacy practices?

Onward transfer and disclosure

A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent a data store or the storage of data is a(n):

Open-ended rectangle

The software that controls the basic input and output activities of the computer are called:

Operating System

The types of concepts commonly found in a code of ethics would not include:

Operating at a profit in all reporting periods

During this phase of the SDLC, management should request and receive ongoing reports about the performance of the IT system.

Operation and Maintenance

The regular, ongoing, functioning of the IT system and the processes to fix smaller problems, or bugs, in the IT system is called:

Operation and Maintenance

This type of audit is completed to assess the operating policies and procedures of a client for efficiency and effectiveness.

Operational Audit

Which of the following types of audits is most likely to be conducted for the purpose of identifying areas for cost savings?

Operational Audits

This type of database contains that data that are continually updated as transactions are processed and includes data for the current fiscal year and supports day-to-day operations is referred to as a(n):

Operational Database

The assessment of the realism of the possibility that the current employees will be able to operate the proposed IT system is referred to as:

Operational Feasibility

During this process, the project team must consider the number of employees, their capabilities and expertise, and any supporting systems necessary to operate each alternative design.

Operational feasibility

The form that describes the chain of events that constitute a product's production is referred to as the:

Operations list.

All of the following are reasons why it is not possible to eliminate all fraud risks, except

Opportunity

Circumstances that provide access to the assets or records that are the objects of the fraudulent activity describes which condition of the Fraud Triangle?

Opportunity

The ERP program that uses the term "back office" in reference to managerial functions and "front office" in reference to customer and sales functions is:

Oracle Applications

The Point-of-sales (POS) systems capture all relevant sales data at the point of sale - the cash register. The data that is captured includes all of the following, except:

Ordering for low-inventory items

The document is prepared in order to map out the jobs and reporting relationships within an organization. This may include only top branches of an organization or may include all positions within the company.

Organization Chart

This type of address is the unique information that allows a specific website or server to be located.

IP

This type of auditor specializes in the information systems assurance, control, and security. They may work for CPA firms, government agencies, or with the internal audit group.

IT Auditor

Which of the following is not one of the three primary types of audits?

IT Audits

Many companies use independent, internet-based service providers to handle their payroll processing. These payroll providers specialize in offering solutions and constant access to payroll information.

Outsourcing of Payroll Services

Internal control activities within the payroll process, identified as adequate records and documents, would include which of the following?

Paychecks are prepared on prenumbered checks

Which of the following is not an independent check within payroll processes?

Paychecks are prepared on prenumbered checks.

This individual is responsible for distributing the signed paychecks on the designated pay day.

Paymaster

Common expenditure processes would include all of the following, except:

Payment received on account

This record, prepared by the cash disbursements department, provides a listing of al paychecks written, in check-number sequence, with the total supporting the amount of payroll funds to transfer to the payroll bank account.

Payroll Disbursements Journal

An integrated IT system of payroll and human resources may have extra risks above those of a manual system. Passwords and access logs are controls that should be used in these integrated systems to lessen the risk of:

Payroll data that does not reconcile to time cards.

Internal control activities within the payroll process, identified as segregation of duties, would include which of the following?

Payroll preparation, authorization of new hiring and pay rates, information systems, and general accounting should all be performed by different departments and / or different people.

A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes is called:

IT Governance

The proper management, control, and use of IT system are known as:

IT Governance

A group of senior managers selected to oversee the strategic management of IT is called:

IT Governance Committee

The two broad categories of general controls that relate to IT systems include which of the following:

IT administration and the related operating systems development and maintenance processes

The policies and procedures that employees following in acquiring and maintaining human resources, capturing and maintaining employee data, paying employees for time worked, and recorded the related cash payroll liabilities and expenses are collectively referred to as:

Payroll processes

This record, prepared by the payroll department, is a complete listing of salary or wage detail for all employees for a given time.

Payroll register

This document authorizes the transfer of cash from the company's main operating account into the payroll cash account.

Payroll voucher

Intentionally attempting to circumvent IT system access controls to determine whether there are weaknesses in any controls is called:

Penetration testing

The process of legitimately attempting to hack into an IT system to find whether weaknesses can be exploited by unauthorized hackers is referred to as:

Penetration testing

These tests of the security controls involve various methods of entering the company's system to determine whether controls are working as intended.

Penetration tests

Which of the following is a general control to test for external access to a client's computerized systems?

Penetration tests

The rule in the PCAOB/AICPA Code of Professional Conduct that is referred to as Responsibilities, can be stated as:

In carrying out their professional duties, CPAs should exercise sensitive professional and moral judgments in all their activities.

Which of the following is not considered a benefit of using computerized conversion systems?

Increased sales and cost of sales

Management misstatement of financial statements often occurs in order to receive indirect benefits such as:

Increased stock prices

Which control activity is intended to serve as a method to confirm the accuracy or completeness of data in the accounting system?

Independent checks and reconciliations

The theft of proprietary company information, by digging through the trash of the intended target company is called what?

Industrial Espionage

The chance that information used by decision makers may be inaccurate is referred to as:

Information Risk

This organization issues guidelines for conducting the IT audit. The standards issued address practices related to control and security of the IT system.

Information Systems Audit and Control Association

Using IT systems to enhance efficiency and effectiveness of internal or supply chain processes is called:

Information Technology Enablement

Which of the following is not one of the advantages of batch processing?

Information can be provided to users on a timely basis

Which of the following best describes the relationship between data and information?

Information is interpreted data.

This type of auditor is an employee of the company he / she audits.

Internal Auditor

The COSO report is also known as:

Internal Control Integrated Framework

The COSO report written for the purpose of assisting managers in the challenge of managing risk in their organization is entitled:

Internal Control- Integrated Framework

A company's _______ encompasses the tone of an organization and sets the basis for how risk is viewed and addresses by an entity's people

Internal Environment

The primary objective of compliance testing in a financial statement audit is to determine whether:

Internal controls are functioning as designed.

Many different types of output are generated by an accounting information system. The authors identified general categories of output. The category that would include any document that management determines would be useful to the business is:

Internal reports

This organization was established by the IFAC to set International Standards on Auditing (ISAs) that contribute to the uniform application of auditing practices on a worldwide basis.

International Auditing and Assurance Standards Board (IAASB)

Which of the following is NOT one of the approaches to cloud computing?

Internet Clouds

What does IP stand for?

Internet protocol

Information is the:

Interpretation of data that have been processed.

Face-to-face, verbal questioning of users of an IT system to determine facts or beliefs about the system are called:

Interviews

Specific software tools that monitor data flow within a network and alert the IT staff to hacking attempts or other unauthorized access attempts is called:

Intrusion detection

This type of software alerts the organization to hacking or other unauthorized use of the system or network.

Intrusion detection

Input controls such as field check, validity check, limit check, and reasonableness check are useful in IT systems of purchase to lessen which of the following risks?

Invalid data entered by vendors

IT controls over computer records and physical controls in general ledger storage areas minimize the related risk of:

Invalid general ledger postings

The internal control process that requires the approval of a cash disbursement transaction to take place prior to the preparation of the check, will help to minimize the risk of:

Invalid payments

The internal control process that requires purchase records to be matched and verified for item descriptions, quantities, dates, authorized prices, and mathematical accuracy, will help to minimize the risk of:

Invalid purchases

The internal control process that requires the approval of the purchase return transaction take place before the preparation of the debit memo, will help to minimize the risk of:

Invalid returns

The separation of the custody of inventory from the accounts receivable record keeping will help to minimize the related risk of:

Invalid returns

The risks that may affect the revenue and cash collection processes include all of the following, except:

Invalid transactions may have been omitted from the records.

The financials module of an ERP such as SAP would include all of the following components EXCEPT:

Inventory

All of the following are General controls except for:

Inventory Controls

The responsibility for managing and recording the movement of inventory in the many different directions that it may go throughout the conversion process is assigned to the:

Inventory control department.

The four primary functions of corporate governance do not include:

Inventory control.

Which of the following is NOT a special journal?

Inventory journal.

In following proper segregation of duties, those who handle cash should not be granted any of the following authorities EXCEPT:

Inventory management duties

Which of the following is not one of the general categories of business processes?

Inventory processes

The _______ function concerns the control of raw materials inventory held in storage or in holding areas, waiting for processing.

Inventory stores

Select the true statement from the choices below.

Inventory stores are concerned with raw materials and warehousing is concerned with finished goods.

When a point of sale system is used and a customer checks out through a cash register, which of the following processes occurs?

Inventory values are updated

Which of the following involves managing the holding area for finished goods awaiting sale?

Inventory warehousing

The account that a manufacturing operation and a retail firm would have in common would be:

Inventory.

The authors presented their "picture" of internal control as a series of umbrellas which represent different types of controls. Which of the following is not one of those types of controls?

Investigation

The IT Governance Committee has several important responsibilities. Which of the following is not normally one of those responsibilities?

Investing excess IT funds in long-term investments

Which of the following statements is false?

New programs sold by software development companies are not as user friendly as the legacy systems

Output from an accounting information system would NOT include:

Invoices from vendors

Perpetual inventory systems:

Involve every level of inventory necessary for production.

XBRL:

Is a language that allows data extraction from financial statements.

The Internet:

Is a series of networks connected to provide a global connectivity.

Which of the following questions would be least likely to appear on an internal control questionnaire regarding the initiation and execution of new property, plant, and equipment purchases?

Is access to the assets restricted and monitored?

SSL - secure sockets layering:

Is an encryption system in which the web server and the user's browser exchange data in encrypted form.

The supply chain:

Is both an internal and external process.

Today's automated accounting process:

Is built on an operational structure similar to manual accounting.

Security of source documents:

Is essential for both manual general ledger systems and IT accounting systems.

A router:

Is hardware that connects two or more networks.

The loss of transaction processing efficiency:

Is minimized because of the increased computing power available.

Which of the following companies would be most likely to use a Tier Two ERP software?

None of the Above

Hacking can be prevented by using which of the following?

None of the above

What time frame is required for a business processing system to be considered a "legacy system"?

None of the above

Which of the following statements is FALSE?

None of the above are false.

Notable differences between the acquisition of fixed assets and the acquisition of inventory includes:

None of the above.

The most difficult type of misstatement to discover is fraud that is concealed by:

Nonrecorded transactions

This term means that a user cannot deny any particular act that he or she did on the IT system is referred to as:

Nonrepudiation

Which of the following statements is true?

Nonroutine transactions are entered in the general journal.

Data within the data warehouse is:

Nonvolatile - it does not change rapidly.

The AICPA's Trust Services Principles practice that states a company should have policies and practices to maintain the privacy of customer data is under the title of:

Notice

Watching the steps that employees take as they process transactions in the system is referred to as:

Observation

Which of the following procedures would be most useful in determining the effectiveness of a company's internal controls regarding the existence or occurrence of payroll transactions?

Observe the segregation of duties concerning personnel responsibilities and payroll disbursement.

Which of the following audit procedures is most likely to be performed during the planning phase of the audit?

Obtain an understanding of the client's risk assessment process.

Batch processing:

Occurs when similar transactions are grouped together and processed as a group.

Real-time processing:

Occurs when the transaction is processed immediately.

Assets to be included in the fixed asset pool would include all of the following, except:

Office Supplies

A company's conversion processes includes all of the following except:

Office supplies.

The decision to raise or acquire capital funds is:

Is the responsibility of the board of directors.

E-commerce:

Is the sale of goods or services to an end-user consumer.

Direct access:

Is the same as random access.

Drill down within OLAP is:

Is the successive expansion of data as lower levels of data are exposed.

The chance for fraud or ethical lapses will not be reduced if management:

Is unethical

Routing is the:

Issuance and movement of materials into the various production phases.

Select the correct statement from those listed below.

Issuance of bonds and the origination of loans are considered debt while the issuance of stock is considered equity.

Which of the following statements concerning an operations list is true?

It is an engineering document that describes the chain of events within a company's conversion process.

The use of the smart card or security tokens is referred to as a two factor authorization because:

It is based on something the user has, the token or card, and something the user knows, the password

Which of the following is a disadvantage of purchased accounting software, compared with software developed in-house?

It is custom designed for that company

Payroll outsourcing has become popular due to all of the following reasons EXCEPT:

It offers full protection from internet fraud

Which of the following relationships does not violate the rules of segregation of duties

Preparation of the sales order and sales invoice.

Which of the following correctly lists activities within the conversion process in chronological order?

Prepare bill of materials, prepare purchase requisition, initiate production, inspect goods

Bar codes can be used in a number of different instances for input:

Prepare financial staments

Which of the following correctly lists the correct chronological order of data flow in the fixed asset acquisitions process?

Prepare requisition; approve purchase; prepare purchase order; receive goods

Which of the following objectives were not identified as necessary to be provided by an effective accounting system?

Prepare the appropriate documents

In a system of proper internal controls, the same employee should not be allowed to:

Prepare voucher packages and sign checks.

Inventory status reports are:

Prepared at various stages of the production process.

Personnel who work in the receiving area should complete all of the following processes, except:

Preparing an invoice

The recording responsibilities for cash receipts includes all of the following, except:

Preparing bank deposits

A large part of the work performed by an auditor in the audit planning process is the gathering of evidence about the company's internal controls. This can be completed in any of the following ways, except:

Preparing memos to summarize their findings

In order to ensure that all records are updated only for authorized transactions, appropriate individuals should be assigned all of the following duties, except:

Preparing the bank reconciliation.

The establishment of log-in procedures can help prevent or lessen security risks and are referred to as:

Preventive controls

Sales orders are calculated based on current selling prices of the items sold. The source of these prices, which would include the entire set of pre-established and approved prices for each product, is referred to as a(n):

Price list

All types of auditors must follow guidelines promoting ethical conduct. For financial statement auditors, the PCAOB/AICPA has established a Code of Professional Conduct, commonly called the Code of Ethics, which consists of two sections. Which of the following correctly states the two sections?

Principles and rules

The purpose of the feasibility study is to assist in

Prioritizing IT requested changes

To avoid the risks associated with a public cloud, many companies establish their own computing cloud structure. The cloud is developed, owned, maintained, and used by the user company. This cloud is referred to as:

Private cloud

An extranet is a:

Private network accessible by select members of the supply chain.

An intranet is a:

Private network accessible only to the employees of a company.

When creating or reading a system flowchart, the rectangle represents a(n):

Process

A pictorial representation of business processes in which the actual flow and sequence of events in the process are presented in the diagram form - the start of the process, the steps within the process, and the finish of the process is referred to as:

Process Map

In documenting systems, which pictorial method is described as a method that diagrams the actual flow and sequence of events?

Process map

The policies and procedures that employees follow when completing the purchase of goods or materials, capturing vendor data and purchase quantities, and routing the resulting purchasing documents to the proper departments within the company are called:

Processes

These controls are intended to prevent, detect, or correct errors that occur during the processing of an application

Processing Controls

This type of control is intended to ensure the accuracy and completeness of processing that occurs in accounting applications:

Processing Controls

The accuracy, completeness, and timeliness of the process in IT systems is referred to as:

Processing Integrity Risks

IT audit procedures typically include a combination of data accuracy tests where the data processed by computer applications are reviewed for correct dollar amounts or other numerical values. These procedures are referred to as:

Processing controls

AICPA Trust Principles identify five categories of risks and controls. Which category is best described by the statement, "Information process could be inaccurate, incomplete, or not properly authorized"?

Processing integrity

The risk related to this category of Trust Services Principles could be inaccurate, incomplete, or improperly authorized information

Processing integrity

When a company sells items over the Internet, it is usually called e-commerce. There are many IT risks related to Internet sales. The risk of invalid data entered by a customer would be a(n):

Processing integrity risk.

In today's IT environment:

Processing speed is compromised for query capability with relational databases.

The sales and services module of an ERP such as SAP would include all of the following components EXCEPT:

Procurement

Credit cards given to employees by the organization in order for the employees to make designated purchases are called:

Procurement Cards

Which of the following is NOT a primary component of the logistics function?

Production

Which of the following is not a method of unethically inflating sales revenue?

Promotional price discounts

An example of an independent verification in the sale process is:

Proof of recorded dates, quantities, and prices on an invoice.

One of the most effective ways a client can protect its computer system is to place physical controls in the computer center. Physical controls include all of the following, except:

Proper temperature control

Regional ISPs:

Provide the connection between local ISPs and national backbone providers.

This form is prepared to document the need to make a purchase and requests that the specific items and quantities be purchased.

Purchase requisition

Internal control activities within the purchasing process, identified as segregation of duties, would include all of the following, except:

Purchasing records and programs must be protected from unauthorized access.

Which of the following is not an example of cloud computing?

Purchasing songs from iTunes and downloading those those songs onto your computer

The final hub in the logistics function is:

Quality control.

The final hub in the logistics function which involves a follow-up to production, where the products are inspected before they are moved to the warehouse or shipping area is referred to as:

Quality control.

The AICPA's Trust Services Principles practice that states that all customer data collected remains "accurate, complete, current, relevant, and reliable" is under the title of:

Quality.

A written, rather than an oral, form or questioning of users to determine facts or beliefs about a system is referred to as a(n):

Questionnaire

The organization of files in a computer system normally uses one of two different access methods. The access method method where the files are not stored in sequence, one record not stored immediately after another, is referred to as:

Random Access

(Magnetic) Disk storage is:

Random access.

Physical inventory counts should only include:

Raw materials, work-in-process, and finished goods.

During substantive testing, if material misstatements have been found to exist, which of the following actions should be taken next?

Re-evaluate the audit risk in the planning phase

The management assertion related to valuation of transactions and account balances would include all of the following, except:

Real

A type of online processing where a transaction is processed immediately so that the output is available immediately is termed:

Real-Time Processing

The processing system where transactions are processed immediately and where output is available immediately is referred to as:

Real-time processing

Select the true statement from those provided.

Real-time processing fails to attain the efficiency of batch processing.

Select the false statement from those provided.

Real-time processing must use sequential storage concepts.

This level of assurance means that controls achieve a sensible balance of reducing risk when compared with the cost of the control

Reasonable assurance

Which programmed input validation check compares the value in a field with related fields which determine whether the value is appropriate?

Reasonableness check

Under a system of sound internal controls, if a company sold defective goods, the return of those goods from the customer should be accepted by the:

Receiving Clerk

The textbook referred to the three primary categories of processes in the typical purchasing system. Which of the following in not one of those categories?

Receiving Processes

A document prepared that lists the chronological sequence of all returned items is referred to as a(n):

Receiving log

This document, prepared and maintained by the receiving department, is a sequential listing of all receipts.

Receiving log

A source document prepared by the personnel in the receiving dock that documents the quantity and condition of the items received is called a(n):

Receiving report

Work steps that are internal controls within the business process would include:

Reconciling a cash register at the end of each day

A set of related fields is referred to as a:

Record

The authorization of sales returns requires that certain individuals within the company be assigned the authority for all of the following, except:

Record the Credit Memos

The AICPA Trust Services Principles categorizes IT controls and risks into categories. Which of the following is not one of those categories?

Recovery

Which of the process map symbols is used to show a task or activity in the process?

Rectangle

A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent any task or function performed is a(n):

Rectangle with rounded corners

Which of the following advantages is least likely to be experienced by a company implementing an enterprise resource planning (ERP) system?

Reduced cost

IT systems permit or allow all of the following except:

Reduced internal security measures.

The advantages and disadvantages of modular implementation are:

Reduces the risks associated with installation and operation of the system, but full system integration is not available.

Many IT systems have redundant data storage such that two or more disks are exact mirror images. This is accomplished by the use of:

Redundant arrays of independent disks

Each of the following is an online privacy practice recommended by the AICPA Trust Services Principles Privacy Framework except:

Redundant data should be eliminated from the database.

The Sarbanes-Oxley act was passed in 2002 as a Congress's response to the many situations of fraudulent financial reporting discovered during 2001. The intention of the Act was:

Reform accounting, financial reporting, and auditing functions of companies that are publicly traded

The difference between a general authorization and a specific authorization is that with a general authorization, a transaction is allowed if it falls within specified parameters, whereas with a specific authorization, explicit authorization is needed for that singe transaction to be completed

True

The differentiating factor between B2C and B2B is where B2C might purchase two books; a B2B purchase might involve ten thousand books.

True

The exact steps in the SDLC and/or their sequence are not as important as is the need to formalize and conduct those steps completely and consistently.

True

The existence of good internal controls do not ensure high sales and profits.

True

The face-to-face nature of an interview is advantageous due to the fact that the interviewer can clear up any misunderstandings as they occur and can follow up with more questions, depending on the response of the interviewee.

True

The form authorization and control includes the requirement that source documents should be prenumbered and are to be used in sequence

True

The intent of an ERP (enterprise resource planning) system is to provide a single software application for revenue, expenditures, conversion, and administrative processes.

True

The internal control activity, related to the authorization of transactions, requires that only specific individuals within the company should have the authoritative responsibility for establishing sales prices and credit terms.

True

The last step of the systems analysis phase is to prepare a systems analysis report that will be delivered to the IT governance committee.

True

The longer the encryption key is bits, the more difficult it will be to break the code

True

The longest and most costly part of the SDLC is the operation and maintenance.

True

The most common method for decision makers to reduce information risk is to rely on information that has been audited by an independent party.

True

The most common method for detecting occupational fraud is a tip - from an employee, a customer, vendor, or anonymous source

True

The most effective measure to prevent management fraud is to establish a professional internal audit staff that periodically checks up on management and reports directly to the audit committee of the board of directors

True

The organization should institute procedures to insure that all customer data collected retains accuracy, is complete, is current, is relevant, and is reliable".

True

The paymaster should be independent from the departmental supervision responsibilities, so that it can be determined that the paychecks are being distributed to active employees.

True

The payroll process starts when an employee is hired by the organization.

True

The purpose of observation in the system survey is to enable the project team to gain an understanding of the processing steps within the system.

True

The real-time nature of processing decreases the total processing time and allows more immediate feedback to management.

True

The remittance advice sent by the customer with the related payment is used by the vendor to properly apply the payment to the customer's account.

True

The remoteness of information, one of the causes of information risk, can relate to geographic distance or organizational layers.

True

The research and development effort is part of the planning process rather than the operations process.

True

The rethinking and designing that occur during business process reengineering are aided by the use of information technology

True

The risk related to confidentiality category of Trust Principles is that confidential information about the company or its business partners may be subject to unauthorized access during its transmission or storage in the IT system

True

The role of the auditor is to analyze the underlying facts to decide whether information provided by management is fairly presented.

True

The strength of Peoplesoft is the human resources aspects of an organization.

True

The supply chain may be larger at either or both ends as more than one vendor may supply the same materials and more than one customer may purchase the finished products.

True

The tone at the top of the organization tends to flow through the entire organization and affects behavior at all levels

True

The use of a blind purchase order forces the receiving clerk to perform an independent check of the quantity and quality of the delivery.

True

The use of dual firewalls - one between the internet and the web server and one between the web server and the organization's network - can help prevent unauthorized from accessing the organization's internal network of computers

True

The use of estimates when accounting for fixed assets requires that the estimates may need to be changed as time passes and new information is discovered.

True

The use of generalized audit software is especially useful when there are large volumes of data and when there is a need for accurate information.

True

The use of passwords to allow only authorized users to log into an IT system is an example of a general control

True

The user ID and password for a particular user should not allow access to the configuration tables unless that user is authorized to change the configuration settings

True

The workstations and the network cabling and connections represent spots were an intruder could tap into the network for unauthorized access

True

Those who handle cash should not have access to the related accounting records.

True

Tier one includes software often used by large, multinational corporations.

True

Tier two describes software used by midsize businesses and organizations.

True

To "drill down" is the process of successive expansion of data into more detail, going from high- level data to successively lower levels of data.

True

To database user, the question of how or where data is stored continues to be less important.

True

To increase the effectiveness of login restrictions, user Ids must be unique for each user

True

To set a proper ethical tone, top managements should measure several factors of managerial performance without over-emphasizing profitability or cost cutting.

True

To the extent possible, IT systems should be installed in locations away from any location likely to be affected by natural disasters

True

To verify the accuracy of application software, an organization should be sure the software is tested before it is implemented and must regularly test it after implementation

True

Tools commonly used in data mining are OLAP, ROLAP, and MOLAP.

True

Unauthorized access is a concern when an IT system is networked to either internal networks or the Internet

True

Using a unique service set identifier (SSID) makes it more difficult for an outsider to access the wireless network

True

What a customer refers to as a purchase order is referred to as a sales order by the vendor.

True

When an automated matching system is used, all of the relevant files must be online (or in databases). The system can then access the online purchase order and receiving files and check the match of items, quantities, and prices.

True

When an organization uses a separate checking account to handle payroll transactions, it is easier to account for the payroll transactions and to distinguish them from cash disbursements for other business purposes.

True

When files are organized as sequential access, and the user needs to access record number 250, the previous 249 records will be read by the computer before reading record number 250

True

When management does not act ethically, fraud is more likely to occur

True

When preparing the cash disbursement journals, it is important that the records have the actual date of cash disbursement, as is shown on the check.

True

When the IT governance committee uses both the strategic match and the feasibility study, they will be better able to prioritize proposed changes to the IT systems.

True

When the company is a vendor, goods flow into the company and cash is paid out.

True

When top management behaves ethically and encourages ethical behavior, there are usually fewer cases of frauds, errors, or other ethical problems.

True

While it is not necessary to hire a consulting firm, many organizations find that the special expertise of consulting firms is most beneficial in the design and implementation of accounting system software.

True

While there is no requirement to disclose a privacy policy on a website, it is an ethical obligation to disclose and follow the policy.

True

Within an ERP system unauthorized access to a purchase module could trigger a related unauthorized payment within accounts payable.

True

XML is a rich language that facilitates the exchange of data between organizations via web pages.

True

Y2K compatibility issues arose because computers kept dates in mm/dd/yy type formats.

True

An output of the accounting system that can be used as an input in a different part of the accounting system is referred to as:

Turnaround document

A flat file database has:

Two dimensions, rows and columns.

Relational databases are:

Two-dimensional tables which can be joined in many ways.

This type of question is completely open ended, and the respondent is free to answer in any way that he/she feels addresses the question.

Unstructured Question

Which of the following controls is not normally performed in the accounts payable department?

Unused purchase orders and receiving reports are accounted for.

The business processes that are common in company-to-company sales business types include all of the following, except:

Update affected records, such as accounts payable and cash

An enterprise resource planning (ERP) system would:

Update both accounts payable and inventory when purchased goods are received from a vendor.

The last event to occur in the purchase return process is:

Update inventory records

The custody responsibilities for cash receipts includes all of the following, except:

Updating accounts receivable records

Activities involved with the fixed assets continuance phase of the fixed assets processes include all of the following, except:

Updating depreciation prior to the disposal of fixed assets

The AICPA's Trust Services Principles practice that states the organization should use customers' personal data only in the manner described in "notice" is under the title of:

Use and retention

Independent checks on the performance of others is one of the categories of internal control. These independent checks would include all of the following, except:

Use of appropriate ID to enter restricted areas

Fraud associated with the capital and investment process is:

Usually related to management fraud.

Which of the following statements, related to a business process, is not a true statement?

Usually takes a long-period of time to complete

Capital is/are the funds:

Utilized to acquire long-term assets

The Internet:

Utilizes the World Wide Web as a backbone.

There are many risks that may affect the payroll and fixed asset transactions. Which of the following is not one of those risks?

Valid expenditures recorded properly by the wrong employee.

This type of input validation check examines a field to ensure that the data entry in the field is valid compared with a preexisting list of acceptable values

Validity Check

In entering client contact information in the computerized database of a telemarketing business, a clerk erroneously entered nonexistent area codes for a block of new clients. This error rendered the block of contacts useless to the company. Which of the following would most likely have led to discovery of this error into the company's computerized system?

Validity check

Which of the following items is not one of the source document controls?

Validity check

Because it can be expensive to develop and maintain a system that links two companies directly, the companies often use a third-party network. This third-party network provides other valuable services such as translation and encryption of the EDI data and authentication of a valid and authorized training partner. These third-party networks are called:

Value Added Networks

Internal reports of financial information:

Vary by the user.

Which of the following is NOT generally an area of measure in a balanced scorecard?

Vendor

The review of amounts charged to the company from a seller that it purchased from is called a:

Vendor audit

The expected cost based on projections of a product's required resources which includes direct materials, direct labor and overhead is referred to as:

Standard costs.

Which of the following is not a part of general accepted auditing standards?

Standards of Information Systems

The careful and responsible oversight and use by management of the assets entrusted to management is called:

Stewardship

The careful and responsible oversight and use of the assets entrusted to management is referred to as:

Stewardship

The careful and responsible oversight and use of the assets entrusted to management is called:

Stewardship

Capital funds are acquired through the issuance of:

Stocks and/or bonds.

Equity is considered:

Stocks.

The internal control process of requiring physical controls in the warehouse and receiving areas, in order to limit access to inventory items, will help to minimize the risk of:

Stolen goods

The internal control process that requires physical controls in the warehouse and shipping areas with access to inventory helps to minimize the risk of:

Stolen goods

The internal control process that requires the performance of end of period review to determine whether purchases are recorded in the proper period will help to minimize the risk of all of the following EXCEPT:

Stolen goods

Which of the following terms relates to the control of materials being held for future production?

Stores

The process of determining the strategic vision for the organization, developing the long-term objectives, creating the strategies that will achieve the vision and objections, and implementing those strategies is referred to as:

Strategic Management

The purpose of this item is to maintain the detailed information regarding routine transactions, with an account established for each entity

Subsidiary Ledger

The main difference between substantive testing and controls testing is:

Substantive testing verifies whether information is correct, whereas control tests determine whether the information is managed under a system that promotes correctness.

Suppose that during the planning phase of an audit, the auditor determines that weaknesses exist in the client's computerized systems. These weaknesses make the client company susceptible to the risk of an unauthorized break-in. Which type of audit procedures should be emphasized in the remaining phases of this audit?

Substantive tests

The auditor's test of the accuracy of monetary amounts of transactions and account balances is known as:

Substantive tests

All of the following are types of integration strategies utilized by an ERP system except:

Supply Chain Integration

The organization and control of all materials, funds, and related information in the logistics process, from the acquisition of raw materials to the delivery of finished products to the end user is referred to as:

Supply Chain Management

The entities, processes, and information flows that involve the movement of materials, funds, and related information through the full logistics process, from the acquisition of raw materials to the delivery of the finished products to the end use is a set of linked activities referred to as:

Supply chain

In order to protect data files, production programs, and accounting records from unauthorized access, each of the following may be used, except:

Surveillance cameras

In order to help safeguard the availability in an electronic business environment, a company should implement controls such as business continuity planning, backup data and systems, in order to reduce the risk of:

System failures

Accountants and auditors are less likely to use which of the following system documentation methods?

System flowcharting

Systems professionals in the design and maintenance of IT systems use this documentation method

System flowcharting

This method of system documentation is intended to show the entire system, including inputs manual and computerized processes, and outputs

System flowcharting

A process map shows a circle with a letter or number in the middle. This symbol is used to show:

That there is a break in the process

Which of the following statements related to the COSO report is false?

The COSO report has not been updated since it was issued in 1992

When there is a difference between the inventory records quantity and the physical count of inventory:

The difference is resolved through inventory reconciliation.

The term "operations" is commonly used to refer to:

The main function of the business.

Which of the following ERP approaches accomplishes the ERP implementation beginning with one department?

The modular implementation approach

Which of the following is NOT one of the reasons for increased spending on ERP systems in recent years?

The need for earnings management

The conversion process is initiated when the company recognizes:

The need to conduct operations.

Most companies can justify the use of specialized asset management software programs instead of the spreadsheets or traditional manual systems for all of the following reasons, except:

The number of different methods of accounting for depreciation

Which of the following is not true of unethical behavior?

The only category of unethical behavior for accountants is inflating revenue

In inventory systems, when the actual quantity and the accounting records quantity are compared it is referred to as:

The physical inventory reconciliation.

Overhead includes all of the following except:

The president's salary.

Auditors should develop a written audit program so that:

The procedures will achieve specific audit objectives related to specific management assertions.

Within the purchases processes, which of the following is the first document prepared and thereby the one that triggers the remaining purchasing processes?

The purchase requisition

Within cash disbursements, all of the following should be true before a check is prepared, except that:

The purchased goods have been used.

Which of the following events would not constitute the start of the purchasing process?

The purchasing manager receives a shipment of raw materials that she had ordered.

Which of the following is not a main characteristic of client-server system?

The client does not participate in the processing or data manipulation

Characteristics of a client-server system include all of the following except:

The client normally stores the large database

A company must have systems in place to take care of all activities related to both routine and non-routine processes. The activities would include all of the following, except:

Review

Which of the following internal controls wold help prevent overpayment to a vendor or duplicate payment to a vendor?

Review and cancellation of supporting documents after issuing payment.

Which of the following was NOT listed as a procedure to accomplish independent checks?

Review of auditing procedures

Which of the following reviews would be most likely to indicate that a company's property, plant, and equipment accounts are not understated?

Review of the company's repairs and maintenance expense accounts.

AICPA Trust Principles describe five categories of IT risks and controls. Which of these five categories would be described by the statement, "The system is protected against unauthorized access"?

Security

The main risk related to this category of Trust Services Principles is unauthorized access

Security

Controls meant to prevent the destruction of information as the result of unauthorized access to the IT system are referred to as:

Security controls

The AICPA's Trust Services Principles practice that states that the organization has the necessary protections to try to insure that customer data is not lost, destroyed, altered, or subject to unauthorized access is under the title of:

Security for privacy.

A new technology that is used to authenticate users is one that plugs into the USB port and eliminates the need for a card reader. This item is called a:

Security token

One of the most critical controls to prevent theft of inventory purchased is to:

Segregate inventory custody from inventory record keeping.

If an accounting supervisor were allowed to hire employees, approve the hours worked, prepare the paychecks, and deliver the paychecks, which of the categories of control activities would be violated?

Segregation of duties

An extra digit added to a coded identification number, determined by a mathematical algorithm is called a:

Self-Checking Digit Check

Data collected would be all but the:

Selling company's name.

Ethical issues associated with data collection and storage include all of the following EXCEPT:

Selling non-sensitive information only to trusted agents.

Disposing of a fixed asset could include all of the following methods, except:

Sending it to another department.

Which of the following is not a major purpose served by the continual and proper use of the IT governance committee and the SDLC?

The conversion of the system

This type of input check ensures that the batch of transactions is sorted in order, but does not help to find the missing transactions

Sequence Check

Batch Processing correlates mostly to which of the following data storage techniques?

Sequential Access

The organization of files in a computer system normally uses one of two different access methods. The access method where the files store records in sequence, with one record stored immediately after another, is referred to as:

Sequential Access

Magnetic tape storage medium allows:

Sequential access storage with sequential data processing.

Storage media and methods of processing are:

Sequential and random access storage with batch and real time data processing.

Select the true statement from the following:

Servers may contain shared files and resources.

A company that wishes to buy cloud computing services enters into an agreement with a cloud computing provider. This agreement is called a:

Service Level Agreement (SLA)

This security feature, used on wireless networks, is a password that is passed between the sending and receiving nodes of a wireless network

Service set identifier

A field is a (n):

Set of characters.

Manufacturing companies implement ERP systems for the primary purpose of

Sharing information

The purpose of tracing shipping documents to prenumbered sales invoices would be to provide evidence that:

Shipments to customers were properly invoiced.

A chronological listing of shipments that allows management to track the status of sales and to answer customer inquiries regarding order status is called a(n):

Shipping Log

The use of electronic data interchange (EDI) to conduct sales electronically has both risks and benefits. Which of the following is a benefit of EDI, rather than a risk?

Shorter inventory cycle time

Which of the following is NOT a piece of relevant information that should be entered into the fixed asset subsidiary ledger upon the acquisition of a fixed asset?

The seller of the fixed asset

All of the following are classifications of inventory EXCEPT:

Sold goods

The use of employee prepared time cards and the entering of the time worked by the payroll department is a good example of which type of input method for AIS?

Source Documents and Keying

This method of input for AIS is considered to be time consuming and error prone due to the human effort required to write in some document and to manually key in the data:

Source Documents and Keying

The paper form used to capture and record the original data of an accounting transaction is called a(n):

Source document

The record that captures the key data of a transaction is called:

Source document

Which of the following correctly states the order of steps in a manual accounting system?

Source documents, Journals, Ledgers, Reports

The processes that authorize the raising of capital, execute the raising of capital, and properly account for that capital are called:

Source of capital processes

The internal control activities within the purchasing process, related to authorization of transactions, would include which of the following?

Specific individuals should be given authoritative responsibility for preparing purchase requisitions and purchase orders which would include which items to purchase, how many items, and which vendor.

Which of the following is NOT a responsibility given to the individuals making purchases for the company?

Specifying the order and sequence of payments to vendors.

Which of the following is generally an external computer fraud, rather than an internal computer fraud?

Spoofing

A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent both sources and destinations of data is a(n):

Square with squared corners

Data is

The set of facts collected from transactions.

The disadvantages to real-time processing include:

The single database that is shared is more susceptible to unauthorized access

Real-time data item processing is more complex because:

There is duplication of effort in processing transactions.

The expanded SDLC presented in the textbook expands the processes within the system design phase. This is necessary because:

There is usually more than one software or system type that will meet the needs of the organization.

The fixed assets owned by a company are considered to be long-term because:

They are purchased with the intent of benefitting the company for a long period of time.

Which of the following is not one of the disadvantages of maintaining the legacy systems?

They are well supported and understood by existing personnel

Which of the following is not a disadvantage of maintaining legacy systems?

They contain invaluable historical data that may be difficult to integrate into newer systems

The internal control activity related to the adequate records and documents, related to sales, includes which of the following?

Those responsible for recording sales should ensure that the supporting documentation is retained and organized.

The matching of a purchase order to the related receiving report and invoice is known as:

Three-way match

SAP and PeopleSoft are part of which market segment of accounting software?

Tier 1 ERP Segment

The type of ERP system used by large, multinational corporations is known as

Tier one software

It is necessary for employees to maintain adequate records of the hours worked and the projects worked on. The record of hours worked by an employee for a specific payroll period is reported on a document called:

Time sheet

Which of the following correctly lists activities of the Payroll Process in chronological order?

Time sheet submitted by employee; time sheet approved; paycheck signed by management; update General Ledger

Internal control activities within the payroll process, identified as independent checks and reconciliations, would include which of the following?

Time sheets reconciled with the payroll register.

Source documents are usually preprinted and sequentially prenumbered. Which of the following is not one of the reasons for this prenumbering and preprinting?

To be sure that all of the documents have been recorded

The reasons to store customer names, addresses, and other similar information include all but:

To create financial reports.

There are a number of reasons that all access to an IT system be logged. Which of the following is not one of the reasons for the log to be maintained?

To establish a user profile

Select the correct statement from the following.

To review the purchases from a vendor inspect the purchases journal, to determine inventory levels of a specific item inspect the subsidiary ledger for inventory.

Which of the following statements is true regarding internal controls of capital and investment processes?

Top management fraud, rather than employee fraud, is more likely to occur.

The transactions and resulting processes related to loans, bonds payable, and stock should be executed only when

Top management or the board of directors authorize them.

In meeting the control objective of safeguarding of assets, which department should be responsible for distribution of paychecks ad custody of unclaimed paychecks, respectively? Distribution of Custody of Paychecks Unclaimed Paychecks

Treasurer Treasurer

Immediately upon receiving checks from customers in the mail, a responsible employee working in an environment of adequate internal control should prepare a listing of receipts and forward it to the company's cashier. A copy of this cash receipts listing should also be sent to the company's:

Treasurer for comparison with the monthly bank statement.

The officer within a corporation that usually has oversight responsibility for investment processes is the

Treasurer.

Which of the following, within the corporation, has the responsibility for making investment decisions?

Treasurer.

Accounting software was often not available in the early days of computers which required that the organization would develop, program, and implement their in-house accounting software.

True

Adapting to fair value measures in the preparation of IFRS-based financial statements will likely cause auditors to evaluate supporting evidence differently than if US GAAP was used.

True

Administrative processes are transactions and activities that either are specifically authorized by top managers or are used by managers to perform administrative functions.

True

Although there is no direct benefit, in terms of cash received, when a fraudster engages in earnings management, it is still unethical because it results in the falsification of the company's financial statements.

True

An alternative to batch processing is the use of electronic timekeeping devices, such as time clocks or badge readers.

True

An auditor cannot make informed decisions necessary to complete the audit without an understanding of the accounting information system

True

An enterprise resource planning (ERP) system allows a sales representative to provide the date that inventory for sale will be received from a vendor to a customer upon order placement.

True

An enterprise resource planning (ERP) system integrates all business processes and functions into a single software system using a single database.

True

An entire record forms a "database."

True

An example of good internal control is having one person responsible for the value of the total of the sales in the sales journal and another person responsible for the balance of sales in the general ledger.

True

An organization must maintain procedures to protect the output from unauthorized access in the form of written guidelines and procedures for output distribution

True

Any professionally trained accountant is able to perform an operational audit.

True

Application controls are intended to ensure that inputs and processing are accurate and complete and that outputs are properly distributed, controlled, and disposed

True

As the result of promotions or job changes, an employee may have different access or authorizations. Because of this, it is important that a company review user profiles and make changes to access and authority levels.

True

Auditors do not need to be experts on the intricacies of computer systems but they do need to understand the impact of IT on their clients' accounting systems and internal controls

True

Based on each employee's user profile, audit trails can be constructed and reported which employees initiated or conducted individual processes.

True

Batch processing is best suited to applications that have large volumes of similar transactions that can be processed as regular intervals

True

Batch processing is best suited to sequential access files

True

Batch processing occurs when similar transactions are grouped together, and that group is processed as a batch.

True

Because the evaluated receipts settlement process relies heavily on an IT system that can quickly access online purchase-order files, a system slowdown could halt all receiving activity.

True

Because the point-of-sale systems are not normally connected to outside trading partners, they pose fewer risks related to security and confidentiality than e-commerce or EDI systems.

True

Because the users of reports need the reports on an ongoing basis as part of their jobs, it is critical to have user feedback in the design of the details of the output reports.

True

Because there is no such thing as a standard cloud, it is not possible to standardize a risk assessment process and audit procedures for a cloud computing environment.

True

Business process reengineering (BPR) is the purposeful and organized changing of business processes to make them more efficient.

True

Business process reengineering means tailoring both the business process to IT and the IT process to the business process for best functionality and processing.

True

Business process reengineering should leverage the capabilities of information technology to improve the efficiency of business processes

True

CRM is a term for software solutions that help businesses manage customer relationships in an organized way.

True

Cash should be periodically verified by comparing the cash balance with the bank statement.

True

Cloud computing results in greater availability, but also requires greater security and processing integrity.

True

Collusion between employees is one of the easiest frauds to detect and prevent.

True

Collusion can make it much easier to commit and conceal a fraud or theft, even when proper internal controls are in place

True

Complete, up-to-date, and accurate documentation on production orders is needed to support the conversion process.

True

Computer logs should be maintained in order to have a complete record of who used the system and the histories of that use. This computer log would allow monitoring and identification of unauthorized accesses or uses.

True

Computer systems increase the efficiency and effectiveness of an organization but also increase their vulnerability

True

Computer-aided manufacturing (CAM) involves the complete automation of the production process, including the full replacement of human resources with computers.

True

Computer-assisted audit techniques are useful audit tools because they make it possible for auditors to use computers to audit large amounts of evidence in less time.

True

Concurrency means that all of the multiple instances of the same data are exactly alike.

True

Conflicting abilities are also referred to as incompatible duties.

True

Controlling access to the operating system is critical because that access opens access to any data or program within the system

True

Controls over cash collections are likely the most important control procedure because cash is the asset most susceptible to theft and misappropriation.

True

Controls will help to reduce risks, but it is impossible to completely eliminate risks

True

Corporate governance policies and procedures must be in place to assure that funds are expended only to the benefit the organization and its owners.

True

Customer fraud is a common problem for companies that sell merchandise online

True

Customizing an ERP system should be limited due to cost and upgrading to the system in the future.

True

Data in the data warehouse are called nonvolatile because they do not change rapidly in the same way that operational data change

True

Data must be collected to complete a transaction such as a sale.

True

Detailed customer accounts should be maintained and reconciled with customer statements regularly.

True

Diligent adherence to the SDLC process, by management, is part of fulfilling its ethical obligations of stewardship and fraud prevention.

True

Discussing the strength of encryption refers to how difficult it would be to break the code

True

Due to management's responsibility to monitor operations by examining reports that summarize the results of operations, it is necessary that the system provide timely and accurate information

True

ERP II has additional modules including customer relationship management and supply chain management for enhanced e-commerce transactions.

True

ERP implementation regarding IT infrastructure benefits include building business flexibility for current and future changes

True

ERP systems are based on a relational database system

True

ERP systems are built to interact with the IT systems of trading partners such as customers and suppliers.

True

ERP systems can grow with the business.

True

ERP systems such as SAP normally post their financial transactions in real-time for current information through all of the appropriate modules.

True

Each organization has to decide which combination of IT controls is most suitable for its IT system, making sure that the benefits of each control outweigh its costs

True

Early MRP applications utilized sales forecasts to compute material requirements for production.

True

Earnings management is the act of misstating financial information in order to improve financial statement results.

True

Employees who hack into computer networks are often more dangerous because of their knowledge of company operations

True

Even if a firm is a service or sales firm it may conduct some sort of manufacturing operation.

True

Even though a company has an obligation to pay for goods as soon as the goods are received, it is common to not record the actual liability until the invoice is received.

True

For a number of different reasons, a company may find it necessary to reject goods received which will start the purchase returns process.

True

For both source of capital processes and investment processes, the important control is the specific authorization and oversight by top management.

True

General controls apply to the IT accounting system and are not restricted to any particular accounting application

True

HIPs, or high-impact processes, are the critically important processes that must be executed correctly if the organization is to survive and thrive.

True

HTML has evolved over the years to increase functionality and security.

True

IT and business process reengineering have mutually enhancing relationships. The business processes should be supported by the IT capabilities.

True

IT systems are to be chosen and implemented to support the attainment of strategies and objectives

True

If a new cost is incurred related to an asset that is considered to enhance that, either by extending the useful life or increasing the efficiency, the fixed asset accountant must make sure the appropriate adjustments are made to the fixed asset subsidiary ledger.

True

If a sales order comes from a new customer, it is necessary to evaluate the creditworthiness of that customer before the sale is approved.

True

If an organization has the policy of allowing employees to work from home via telecommunications, they could be opening themselves up to an opportunity for a hacker to break-in to their network

True

If real-time processing is to occur, database records must be stored on random access media.

True

In a properly segregated IT system, no single person or department should develop computer programs and also have access to data that is commensurate with operations personnel

True

In centralized data processing the processing and the databases are stored and maintained in a central location.

True

In distributed data processing (DDP) and distributed databases (DDB), the processing and the databases are dispersed to different locations of the organization.

True

In most cases, a fraud will include altering accounting records to conceal the fact that a theft has occurred

True

In order to enhance controls, reconciliations should be performed by company personnel who are independent from the tasks of initiating or recording the transactions with the accounts being reconciled.

True

In order to gain a complete understanding of the system under study, the project team should seek the opinions and thoughts of those who use the system in addition to observation and documentation review.

True

In order to meets it obligation of corporate governance, the board of directors must oversee IT.

True

In order to properly carry out an audit, accountants collect and evaluate proof of procedures, transactions, and / or account balances, and compare the information with established criteria.

True

In the case of a manual accounting system, an approved journal voucher must be forwarded to the general ledger department before transactions can be recorded.

True

In the case of high-dollar assets, there should be a strict approval process that requires the authorization of top management or the initiation of the capital budgeting procedures.

True

In the detailed design phase, all of the individual steps within a process must be identified and designed.

True

Independent reconciliation of the periodic inventory counts and the inventory ledger and the general ledger will help to assure that inventory is being properly accounted for.

True

Industrial espionage can occur with or without the use of a computer

True

Information is the interpretation of data that have been processed.

True

Information risk is the chance that information used by decision makers may be inaccurate.

True

Internal controls over sales returns are similar to those for the revenue process where it is important to match receiving reports for returns with the related credit memos to ensure that the company issues credit for all returns for the correct amounts.

True

Inventory warehousing involves managing the holding area for finished goods awaiting sale.

True

It is common that personnel related expenses are one of the largest expenses reported on the company's income statement.

True

It is essential that accountants oversee the data conversion from the old system to the new system to make sure that all accounting data is completely and correctly converted.

True

It is important for accountants to consider possible threats to the IT system and to know how to implement controls to try to prevent those threats from becoming reality

True

It is important for accountants to have some understanding of basic computer terminology

True

It is important to understand that the IT governance committee delegates many of its duties by the policies that it develops

True

It is likely that the IT governance committee will go back through the phases of the SDLC to design new and improved IT systems.

True

It is necessary for a company to consider the risks of its system to determine whether the costs of implementing a control procedure are worthwhile in terms of the benefits realized from the control.

True

It is necessary that managers remember that they are stewards of funds expended by a business - that the funds are not owned by the managers.

True

It is necessary to identify the "entry points" in the IT system that make an organization susceptible to IT risks

True

It is not always possible to avoid all mistakes and frauds because there will always be human error, human nature, and it is not always cost-effective to close all the holes

True

It is not necessary to get specific authorization for each individual routine transactions.

True

It is not possible to have an internal control system that will provide absolute assurance

True

Just-in-time (JIT) production systems are concerned with minimizing or eliminating inventory levels of all inventory items.

True

Location-wise implementation and pilot implementation are both considered methods of implementation.

True

MRP II systems let vendors track customer inventory levels and trigger inventory shipments when prearranged levels are met.

True

Magnetic tape is a storage medium that allows only a sequential access type of storage.

True

Maintenance and control is concerned with maintaining the capital resources used to support production, including production facilities and other fixed assets.

True

Management assertions relate to the actual existence and proper valuation of transactions and account balances.

True

Management fraud is the intentional misstatement of financial information and may be difficult for auditors to find because the perpetrator will attempt to hide the fraud.

True

Management has an ethical obligation to create and enforce policies and practices which ensure that private customer data are not misused.

True

Management must examine feedback from the ERP system to assist in the proper management and control of operations and financial conditions.

True

Many IT systems do not use source documents; the input is automatic

True

Many companies use a tracking system for their fixed assets that would include applying a fixed asset tag, number, or label to the asset.

True

Most companies conduct business transactions with checks so that a written record is established for cash disbursements.

True

One advantage in the B2B e-business environment is that operations costs can be reduced through inventory reductions and efficiencies can be increased by location of nearby assets when needed.

True

One advantage to the use of questionnaires is that they an be answered anonymously, which allows the respondent to be more truthful without fear of negative consequences.

True

One characteristic that the Internet, intranets, and extranets have in common is that they are all networks that are intended for the sharing of information and the conducting of transactions.

True

One of the advantages of private cloud computing is expanded access

True

One of the greatest risks of ERP cloud systems is the potential service outage that might cause the system to be unavailable.

True

One of the reasons that management, not employees, initiates more unethical and fraudulent activities is that employees do not have access to much of the documentation needed to affect the event.

True

One of the sources of risk exposure related to telecommuting workers is that the company's network equipment and cabling becomes an entry point for hackers and unauthorized users

True

Online processing is best suited to situations where there is a large volume of records by only a few records are needed to process any individual transaction

True

Overtime hours are paid at a rate different from the regular hours, usually one and one-half times the standard rate.

True

Packet switching is the method used to send data over a computer network.

True

Payroll disbursements are to be authorized by the accounts payable department on the basis of the company's need to satisfy its obligation to its employees.

True

Payroll information includes personal information about employees, such as their pay rate and performance, and must be kept confidential.

True

Payroll outsourcing has become popular (and prevalent) become is offers increased convenience and confidentiality.

True

Physical controls should be in place in the company's storerooms, warehouses, and production facilities in order to safeguard the inventories held therein.

True

Preparing payroll manually is extremely time consuming due to the process of extracting all these inputs from the records and performing the mathematical computations.

True

Proper sales authorization control requires obtaining approval before processing an order and again before the order is shipped.

True

Real-time processing occurs when transactions are processed as soon as they are entered.

True

Record files related to sales can be organized by customer name or by the numerical sequence of the documents.

True

Redundancy is needed for servers, data, and networks.

True

Regardless of how effective and good the accounting system is, if top management is intent on falsifying financial statements by inflating revenue, they can usually find ways to misstate revenue.

True

Regardless of the results of the control testing, some level of substantive testing must take place.

True

Regional ISPs connect to the backbone through lines that have less speed and capacity than the backbone.

True

Risk assessment in cloud computing is particularly challenging because the threats to a company's data are uncontrolled, and often unforeseen, by the company.

True

Risk can be inherent in the company's business, due to things such as the nature of operations, or may be caused by weak internal controls.

True

Sales processes need supporting practices such as credit checks and stock authorization.

True

Scalability is one of the advantages of cloud-based databases. What this means is that as the company grows, they can easily purchase new capacity from the cloud provider.

True

Scalability, related to public cloud computing, refers to the fact that as a company can easily purchase new capacity from the cloud provider

True

Sequential access means that data are stored in sequential or chronological order.

True

Service firm internal reports are more likely to focus on sales and the status of projects.

True

In order to help safeguard the security and confidentiality in an electronic business environment, a company should implement controls such as user ID, password, log-in procedures, access levels, and authority tables in order to reduce the risk of:

Unauthorized access

The security and confidentiality risks of computer based matching would include:

Unauthorized access to the system's ordering and matching functions would allow the insertion of fictitious vendors and / or invoices.

There are a number of ways that frauds may be carried out to try to receive excess compensation. Which of the following is not one of those methods?

Understatement of job related expenses

Since the sale of goods in an ERP system may automatically trigger more production, which in turn would trigger the purchase of raw materials there is a significant need to ensure that these integrated processes are triggered at the correct time and in the correct amounts.

True

Software should never be implemented before it is tested.

True

Standard costs are expected costs based on projections of a product's required resources.

True

Standard costs include direct materials, direct labor, and overhead. \

True

Subsidiary ledgers maintain the detail information regarding routine transactions, with an account established for each entity.

True

Supply Chain Management integrates supply and demand management within and across companies.

True

Systems operators and users should not have access to the IT documentation containing details about the internal logic of computer systems.

True

The AICPA Trust Services Principles state that the customer should be given the choice regarding the collection and retention of data.

True

The ERP system can incorporate a matrix of tasks that are compatible.

True

The IT governance committee should constantly assess the long-term strategy of the company and determine the type of IT systems to purchase, develop and use.

True

The Sarbanes-Oxley Act has placed restrictions on auditors by prohibiting certain types of services historically performed by auditors for their clients.

True

The VPN, virtual private network, uses the internet and is therefore not truly private - but is virtually private

True

The accounting information system is often the tool used to commit or cover up unethical behavior

True

The accounts payable department keeps copies of purchase orders and receiving reports, that will be compared to the related invoice, to be sure that the invoices represent goods that were ordered and received.

True

The acquisition of fixed assets is normally initiated by a user department when they identify a need for a new asset, either to replace an existing asset or to enhance its current pool.

True

The acronym COBIT stands for Control Objectives for Information Technology, an extensive framework of information technology controls developed by Information Systems Audit and Control Association

True

The analysis phase is the critical-thinking stage of systems analysis.

True

The assigning of access and authority for a specific user ID is referred to as a user profile.

True

The authorization of a cash disbursement occurs when the accounts payable department matches the purchase order, receiving report, and the invoice, and then forwards the matched documents to the cash disbursements department.

True

The closer the source document matches the input screen, the easier it will be for the data entry employee to complete the input screen without errors

True

The common term for business-to-consumer e-commerce is B2C. The common term for business-to-business electronic sales is B2B.

True

The controls discussed in the chapter, related to safeguarding assets within the expenditures process and ensuring the accuracy and completeness of expenditure processes, help to enhance corporate governance structure.

True

A battery to maintain power in the event of a power outage meant to keep the computer running for several minutes after the power outage is an example of a(n):

Uninterruptible power supply

The letter UPC, when relating to bar codes, stands for:

Universal Product Code

Five different components of the accounting system were presented in the textbook. Which of the following is not one of those components?

Work steps assure that all business processes are recorded using computer-based procedures

A small piece of program code that attaches to the computer's unused memory space and replicates itself until the system becomes overloaded and shuts down is called: A. Infections

Worm

Subsidiary ledgers:

Would contain the detailed information of a customer's account.

IT governance includes all but which of the following responsibilities?

Writing programming code for IT systems

An extensible markup language designed specifically for financial reporting is:

XBRL

Select the correct statement from the following.

XML is extensible markup language while XBRL is extensible business reporting language.

An example of Cash receipts fraud would include:

an employee steals checks collected from customers

The term "ghost employee" means that:

someone who does not work for the company receives a paycheck.

Which of the following URL's would indicate that the site is using browser software that encrypts data transferred to the website?

https://misu

Auditors should perform this type of test to determine the valid use of the company's computer system, according to the authority tables.

Authenticity tests

The supply chain:

Includes manufacturing facilities

Which of the following statements does not refer to a legacy systems?

Includes source documents, journals, and ledgers

OLAP tools include all of the following EXCEPT:

Inclusion reports.

Availability risks of e-commerce, or e-business, include all of the following, except:

Incomplete audit trail

The internal control process of requiring physical controls in place in areas where fixed assets are held, will help to minimize the risk of:

Incorrect amounts

The internal control process that requires purchase return records be matched with the original purchase documentation and verified for item descriptions, quantities, dates, and prices, will help to minimize the risk of:

Incorrect amounts

The separation of the responsibility for custody of cash from the responsibility for reconciling the bank accounts will help to minimize the related risk of:

Incorrect amounts

Types of fraud that may occur in the payroll function includes all of the following, except:

Incorrectly computed tax withholdings

If an organization's IT systems are not properly controlled, they may become exposed to the risks of:

All of the above

Immediate preparation of receiving reports for all actual receipts of goods helps to minimize the risk of:

All of the above

By maintaining a well-defined, complete chart of accounts, an organization minimizes the related risk of:

Amounts posted to wrong accounts

Select the true statement from those provided below.

An ERP system is designed to be a stand-alone software application to accomplish revenue, expenditures, conversion, and administrative processes.

Operation risks with an ERP system includes all of the following EXCEPT:

An unauthorized user can affect more processes in the legacy system.

This table contains a list of valid, authorized users and the access level granted to each one

Authority table

The software that accomplishes end user tasks such as work processing, spreadsheets, and accounting functions is called:

Application Software

This type of processing control test involves a comparison of different items that are expected to have the same values, such as comparing two batches or comparing actual data against a predetermined control total.

Balancing Tests

A printed code consisting of a series of vertical, machine readable, rectangular bars and spaces, that vary in width and are arranged in a specific ways to represent letters and numbers are referred to as:

Bar Coding

All of the risks and audit procedures that apply to a PC environment may also exist in networks, but the risk of loss of much lower.

False

XML:

Facilitates the exchange of data between organizations via web pages.

A backbone provider is an organization such as the National Science Foundation (NSF) which funded the Internet and/or the WWW.

False

A bill of materials lists both physical items and skill requirements needed to construct an item of inventory.

False

Advantages of an automated system includes all of the following, except:

Increased cost of the system.

Although it is uncommon, some companies maintain separate checking accounts that are used for payroll transactions.

False

An enterprise resource planning (ERP) system would update accounts receivable and inventory when purchased goods are received from a vendor.

False

An example of unstructured data would be customer telephone numbers.

False

An extranet is similar to an internet except that it offers access to a greater number of sites than a standard Internet or WWW connection.

False

An important requirement for CPA firms is that they must be personally involved with the management of the firm that is being audited.

False

An internal auditor is not allowed to assist in the performance of a financial statement audit.

False

Application controls apply to the IT accounting system and are not restricted to any particular accounting application

False

Approvals for each journal voucher are specific authorizations.

False

There are different ways to issue a purchase order to a vendor. Which of the following is not one of the ways?

Hard copy by hand

Cleansed or scrubbed data:

Has had errors and problems fixed.

Which of the following describes a mathematical sum of data that is meaningless to the financial statements but useful for controlling the data and detecting possible missing items?

Hash Total

The totals of fields that have no apparent logical reason to be added are called:

Hash Totals

Which control total is the total of field values that are added for control purposes, but not added for any other purpose?

Hash total

Which of the following would be a correct way to compute the gross pay for an employee?

Hours Worked times Authorized Pay Rate

The function of this committee is to govern the overall development and operation of IT systems

IT Governance Committee

When companies rely on external, independent computer service centers to handle all or part of their IT needs it is referred to as:

IT Outsourcing

The security of having cash receipts deposited in the bank on a daily basis will help to minimize the related risk of:

Lost or stolen cash

An example of a one-to-one relationship would be:

One customer, one billing address.

An ERP system uses:

One database which contains all data items associated with the organization.

An example of a one-to-many relationship would be:

One employee, three timecards for the pay period.

Proper IT controls will NOT:

Prevent an employee from sharing his password.

Firewalls:

Prevent external users from accessing the extranet or intranet.

This type of control is designed to avoid errors, fraud, or events not authorized by management

Prevention

Related audit tests to review the existence and communication of company policies regarding important aspects of IT administrative control include all of the following, except:

Prevention of unauthorized access

The advantages of e-commerce, or e-business, include all of the following, except:

Repudiation of sales transactions

All ERP vendors have developed cloud-based ERP products.

True

All types of auditors should have knowledge about technology-based systems so that they can properly audit IT systems.

True

Although accountants are heavily involved in the creation, implementation, and monitoring of the control structure, management has the ultimate responsibility to establish a control environment

True

Amounts withheld from an employee paycheck will ultimately be paid to another vendor.

True

An entire set of files is a database.

True

Which of the following is NOT an objective of IT usage to support business processes?

Increased data to use in the data analytics process

An IT system that uses touch screens, bar coded products, and credit card authorization during the sale is called a(n):

Point of sales system.

An IT system that uses touch-screen cash registers as an input method is called:

Point-of-sale system

A review of the feasibility assessments and other estimates made during the projects, the purpose of which is to help the organization learn from any mistakes that were made and help the company avoid those same errors in the future.

Post-Implementation Review

Which of the following steps within the systems implementation phase could not occur concurrently with other steps, but would occur at the end?

Post-implementation review

Which of the following statements regarding the authorization of general ledger posting is NOT true?

Posting to the general ledger always requires specific authorization.

(Magnetic) Disk storage is:

Preferred over magnetic tape storage.

The purpose of this step in the systems analysis phase is to determine whether the problem or deficiency in the current system really exists and to make a "go" or a "no-go" decision.

Preliminary Investigation

Independent auditors are generally actively involved in each of the following tasks except:

Preparation of a client's financial statements and accompanying notes.

Which of the following activities is an inventory control activity?

Routing

A file is a:

Row within a record.

Important characteristics of electronic data interchange (EDI) include all of the following, except:

Sales register is used to record all transactions.

External reports do not include:

Sales reports.

Select the answer that contains only internal reports.

Sales, inventory, aged receivables.

Because it is not possible to test all transactions and balances, auditors rely on this to choose and test a limited number of items and transactions and then make conclusions about the

Sampling

The purpose of this 2002 act was to improve financial reporting and reinforce the importance of corporate ethics

Sarbanes-Oxley Act

Which of the following is not one of the approaches used to achieve the management of an IT control framework?

Sarbanes-Oxley Act section on IT Controls

A company using public cloud computing has the ability to purchase new capacity from the cloud provider, instead of buyer servers or new data storage. This ability is referred to as:

Scalability

Risks associated with public cloud computing include all of the following, except:

Scalability

In this feasibility, the project team must estimate the total amount of time necessary to implement the each alternative design.

Schedule feasibility

Frontware, which adds modern, user friendly screen interfaces to legacy systems are referred to as:

Screen scrapers

The correct sequence of the supply chain is:

Secondary suppliers, suppliers, manufacturer, warehouses, distributors, retailers, and customers.

This communication protocol is built into web server and browser software that encrypts data transferred on that website. You can determine if a website uses this technology by looking at the URL

Secure sockets layer

Select the correct statement from the following:

The accounts payable journal will not show detail of purchases from a vendor.

A web server is:

A computer and hard drive space that stores web pages and data.

Protocols can be considered:

A language native to the network so all computers can translate it.

A protocol is required so that:

Answers A, B, and C are all correct.

Fraud is:

Precluded by proper internal control processes.

The average annual cost of cyber crime to U.S. companies is:

$3.8 million

1. The AICPA's Trust Services Principles state that online privacy focuses on: 1. Name 2. Address 3. Social Security number 4. Government ID numbers 5. Employment history 6. Personal health conditions 7. Personal financial information 8. History of purchases 9. Credit records

1, 2, 3, 4, 5, 6, 7, 8, and 9.

E-commerce sites may: 1. Provide access to manufacturer information on the product. 2. May provide tax free sales of retail goods. 3. Require shipping and handling fees to be paid. 4. Provide links to live or video presentations of product information. 5. Not provide as quick order processing as the company's retail locations.

1, 2, 3, and 4 are correct.

Processes in supply chain management: 1. Involve trading processes from a supplier to the business. 2. Involve trading processes from the business to a customer. 3. Involve trading between the business and other intermediaries. 4. Do not include any transactions once raw materials are put into production.

1, 2, and 3 are correct.

Supply chain management is: 1. The management and control of all materials. 2. The management and control of all funds related to purchasing. 3. The management of information related to the logistics process. 4. Limited to the flow of materials from vendors into the production cycle.

1, 2, and 3 are correct.

Customizing an ERP system: 1. Will tailor the ERP system to the user. 2. May have a prohibitive cost. 3. May hinder future system upgrades. 4. Is recommended wherever possible.

1, 2, and 3 only.

E-business 1. Includes the sale of raw materials between companies. 2. Includes using the Internet as an electronic network. 3. Sales will usually be smaller dollar amounts with many sales. 4. Is a broader concept than e-commerce.

1, 2, and 4 only.

While using a manual general ledger system, the audit trail could consist of: 1. General ledger. 2. Electronic images. 3. Journal vouchers. 4. Paper documents. 5. Source documents. 6. Special journals. 7. Subsidiary ledgers.

1, 3, 4, 5, 6, and 7.

Database relationships may be: 1. One-to-one relationships. 2. One-to-one relationships only. 3. One-to-many relationships. 4. One-to-many relationships only. 5. Many-to-one relationships. 6. Many-to-one relationships only. 7. Many-to-many relationships. 8. Many-to-many relationships only.

1, 3, 5, and 7 only.

Business process reengineering (BPR): 1. Aligns business processes with IT systems to record processes. 2. Reengineer the underlying processes to be more effective. 3. Improves the efficiency of the underlying process through automation. 4. Requires significant investment in IT resources. 5. Does not have a mutual enhancement effect with IT.

1, 3, and 4 only.

Data conversion will: 1. Require an appropriate amount of time be devoted to the conversion. 2. Be done at a minimal cost. 3. Import data from many legacy systems into a single RDBMS. 4. Require cleansing of errors and configuration inconsistencies.

1, 3, and 4 only.

When a transaction occurs in a business, the accountant must decide if it is a regular and recurring transaction. If the transaction IS regular and recurring, it will be recorded in a ____1_____. If it is NOT regular and recurring, it will be recorded in a _____2_____.

1=Special journal; 2=General Journal

The role of the auditors is to analyze the underlying facts to decide whether information provided by management is fairly presented. Auditors design ____1_____ to analyze information in order to determine whether ____2_____ is/are valid.

1=audit tests; 2=management's assertions

As required by Sarbanes-Oxley, enhanced ERP systems provide feedback to management regarding internal controls. To effectively use the function, there are important steps that need to be taken. 1. Establish and maintain a list of compatible duties. 2. Insure that employees are given access and authority only to those parts of the system required. 3. Periodically review the user profile and change any access and authority levels as necessary. 4. Configure the ERP system to track and report any instances where an employee initiated or records any event. 5. Monitoring the periodic reports or real-time reports by the appropriate manager to determine if user profiles have changed.

2, 3, 5

Select the true statements from the following. 1.Fraud, theft, or theft of data on the Internet and WWW are reduced by its regulated and controlled state. 2.A customer may feel isolated from the product because of the inability to touch or handle the product. 3.E-commerce customers may be targeted for solicitations based on their purchasing history. 4.E-commerce customers will often incur a shipping and handling charge with purchases. 5.E-commerce customers will always find the best product at the best price.

2, 3, and 4 are all true statements.

E-business: 1. Is a narrower concept than e-commerce. 2. Services the customers and the vendors. 3. Is electronic recording and control of internal processes. 4. Uses electronic means to enhance business processes.

2, 3, and 4 only.

Proper data analysis of data warehouse files: 1. Improves short-term planning. 2. Improves long-term planning. 3. Enhances the ability to meet customer needs. 4. Increase performance.

2, 3, and 4.

While using a computerized IT accounting system, the audit trail could consist of: 1. General ledger. 2. Electronic images. 3. Journal vouchers. 4. Paper documents. 5. Source documents. 6. Special journals. 7. Subsidiary ledgers.

2.

A firm expects to sell 1000 units of its best-selling product in the coming year. Ordering costs for this product are $100 per order, and carrying costs are $2 per unit. Compute the optimum order size, using the EOQ model.

317 units

A company has the following invoices in a batch: Invoice No. Product ID Quantity Unit Price 401 H42 150 $30.00 402 K56 200 $25.00 403 H42 250 $10.00 404 L27 300 $ 5.00 Which of the following numbers represents a valid record count? A. 1

4

The reasons for storing data to complete a customer sales transactions include all of the following EXCEPT: 1. Taking the order. 2. Pulling the items from the warehouse. 3. Shipping the items to the customer. 4. Billing the customer. 5. Providing feedback to the customer on the order. 6. Updating the customer account for payment.

5

A URL is converted to an IP by:

A DNS accessed when the browser sends the command.

Select the false statement from the following.

A character is a single letter, number, or symbol.

Select the true statement from the following.

A character is a single letter, number, or symbol.

The sales and cash collections process begins when:

A customer places an order with the company

When special journals are utilized:

A general journal is still utilized for infrequent and unique journal entries.

HTML is:

A language utilized to present website words, data, and pictures.

Advantages of e-commerce include all EXCEPT:

A narrower market for goods and services.

Which of the following audit objectives relates to the management assertion of existence?

A transaction actually occurred (i.e., it is real)

Nonrepudiation means that:

A user cannot deny any particular act that he or she did on the IT system

Which of the following is not an example of a software system that supports e-business and e- commerce?

AFB

Which of the following involves the inclusion of both variable and fixed costs in the determination of unit costs for ending inventories and cost of goods sold?

Absorption costing

Ethical issues of manufacturing include all except:

Absorption costing.

The AICPA's Trust Services Principles practice that states that customers should have access to the data provided so that the customer can view, change, delete, or block further use of the data provided is under the title of:

Access

The security of assets and documents related to cash disbursements would include all of the following, except:

Access to records should be limited to persons with the authority to sign checks.

Which of the following groups of processional within a organization have a history of designing and implementing the controls to lessen risks?

Accountants

There are many reasons for accountants to become aware of potential unethical behaviors. Which of the following is not one of the reasons identified by the authors?

Accountants are responsible for identifying unethical and illegal activities

The process that must identify the transactions to be recorded, capture all the important details of the transactions, properly process the transaction details, and provide reports is termed the:

Accounting Information System

The system that captures, records, processes, and reports accounting information is referred to as a(n):

Accounting information system

Segregation of duties is accomplished by which of the following?

Accounting personnel having restricted access to physical inventory.

Which department maintains copies of purchase orders and receiving reports so that the documents can be compared before the accounting records are updated?

Accounts Payable

Which of the given departments will immediately adjust the vendor account for each purchase transaction so that the company will know the correct amount owed to the vendor?

Accounts Payable

A kickback is an example of which type of fraud?

Accounts Payable Fraud

All of the following documents are necessary in the cash receipts process except:

Accounts Payable Subsidiary Ledger

Which department is generally responsible for the notification of the need to make cash disbursements and the maintenance of vendor accounts?

Accounts payable department

The accounting record that includes the details of amounts owed to each vendor is called the:

Accounts payable subsidiary ledger

In order to properly monitor customer payments and determine the amount of an allowance for uncollectible accounts, a(n) _________ should be generated to analyze all customer balances and the respective lengths of time that have elapsed since payments were due.

Accounts receivable aging report

Sales and sales returns can affect which journals?

Accounts receivable, cash, inventory, and sales.

Unauthorized access to the operating system would allow the unauthorized user to:

All of the above

Rework refers to:

Additional procedures to bring a product up to specifications.

Techniques used for gathering evidence include all of the following, except:

Adequate planning and supervision

Activities involved with the fixed assets disposal phase of the fixed assets processes include all of the following, except:

Adjusting periodic depreciation

Which of the following is a proper description of an auditor report?

Adverse opinion - notes that there are material misstatements presented.

All of the following are external reports except:

Aged Accounts Receivable Schedule

Cost-benefit can be defined as:

Alarm systems and vaults for fine jewelry inventories.

Which of the following statements is true?

All accounting systems, whether computerized or not, must capture data, process the data, and provide outputs

Ethical responsibilities are shared by:

All concerned including employees, customers, and management.

Sequential access means:

All data items must be read in the order in which they were placed into the system

All of the following are examples of security controls except for?

All of the Above are examples of security controls

After all of the RFPs have been received, either the IT governance committee or the project team will evaluate the proposals in order to select the best software package. Things that must be considered would include:

All of the above

All of the following are environmental control issues for physical hardware except for:

All of the above

Common means of presenting the revenue and cash collections processes pictorially include:

All of the above

Confidentiality of information is an ethical consideration for which of the following party or parties?

All of the above

Considerations related to adopting or increasing cloud computing usage, include:

All of the above

Financial Stewardship can be ensured in the revenue process by establishing and maintaining which of the following?

All of the above

In a large company, there are hundreds, possibly thousands, of sales transactions each day. The company needs to have in place, systems and processes to:

All of the above

The control environment related to the fixed asset processes can be enhanced through the implementation of various access controls, such as:

All of the above

The data preparation procedures are to be well-defined so that employees will be sure of:

All of the above

The definition of fraud includes the theft of:

All of the above

A good system of internal control includes many types of documentation. Which of the following types of documentation is not part of the adequate records and documents category of internal control?

All of the following are types of documentation

A use of enterprise application integration would include:

All of the listed items would be included

With structured query language (SQL):

All of the possibilities, A, B, and C, are correct.

Which of the following process within a supply chain can benefit from IT enablement?

All process throughout the supply chain

Network databases:

Allow shared branches within the inverted tree structure.

If a company does not prepare an aging of accounts receivable, which of the following accounts is most likely to be misstated?

Allowance for uncollectible accounts

The transmission of packets:

Allows great versatility in the transmission of data.

The standard format used with electronic data interchange (EDI) allows all vendors and buyers to speak the same language. This group has developed the standard format for the common documents used in the sales process:

American National Standards Institute

Which of the following statements regarding an audit program is true?

An audit program establishes responsibility for each audit test by requiring the signature or initials of the auditor who performed the test.

The payroll process is initiated when:

An employee is hired

Which of the following is most likely to be effective in deterring fraud by upper level managers?

An enforced code of ethics

A record is:

An entire set of fields for a specific entity.

When discussing the supply chain:

An entity may not be able to directly control all of the interrelated activities within the supply chain

A process or procedure in an IT system to ensure that the person accessing the IT system is valid and authorized is called:

Authentication of users and limiting unauthorized access

This type of software should be used to avoid destruction of data programs and to maintain operation of the IT system. It continually scans the system for viruses and worms and either deletes or quarantines them

Antivirus Software

Random access means:

Any data item can be directly accessed without reading in sequence.

Internal controls over the input, processing, and output of accounting applications are called:

Application Controls

Internal controls used specifically in accounting applications to control inputs, processing, and outputs are referred to as a(n):

Application Controls

The existence of verifiable information about the accuracy of accounting records is called a(n):

Audit trail

The process where the details of individual transactions at each stage of the business process can be recreated in order to establish whether proper accounting procedures for the transaction were performed is called:

Audit trail

Which of the following is not one of the identified causes of information risk?

Audited information

This organization is part of the AICPA and was the group responsible for issuing Statements on Auditing Standards which were historically widely used in practice.

Auditing Standards Board

Many companies design their IT system so that all documents and reports can be retrieved from the system in readable form. Auditors can then compare the documents used to input the data into the system with reports generated from the system, without gaining any extensive knowledge of the computer system and does not require the evaluation of computer controls. This process is referred to as:

Auditing around the system

Which of the following is the most effective way of auditing the internal controls of an IT system?

Auditing through the computer

This approach, referred to as the whitebox approach, requires auditors to evaluate IT controls and processing so that they can determine whether the information generated from the system is reliable.

Auditing through the system

The process of user identification to ensure that only authorized users are accessing the IT system, which occurs through the use of user ID, password, and other unique identifiers, is called:

Authentication

When there is no necessity for a preexisting relationship between buyer and seller, that transaction is more likely to be classified as

B2C

Select the correct statement from the following.

B2C is considered e-commerce while B2B is considered e-business.

Select the correct statement from the following:

B2C is typically few line items per order while B2B is typically many line items per order.

The type of organization that serves as the main trunk line of the Internet is called a

Backbone provider.

Which of the following is not a method of updating legacy systems?

Backoffice ware

Which of the following is not one of the stated physical controls for inventory in a warehouse?

Backup Copies

An electronic payroll time keeping device that collects data when employee identification badges are swiped through an electronic reader are called:

Badge reader

Internal reports do not include:

Balance Sheets

Select the answer that contains only external reports.

Balance sheet, income statement, cash flow statement.

Audit trails:

Can be from the source document to the journal entry or from the journal entry to the source document.

When computerized technology is introduced into processes, the processes

Can be radically redesigned to take advantage of the speed and efficiency of computers to improve processing efficiency.

The accounting profession has accepted this report as the standard definition and description of internal control.

COSO Report

A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives related to the effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations is:

COSO's definition of internal control

Financial statement audits are required to be performed by:

CPAs

Data processing and storage:

Can be distributed to meet organizational requirements.

The proper order of activity in an accounting information system would be as follows:

Capture, Record, Process, Report

The substance of an accounting information system includes:

Capturing, recording, processing and reporting accounting information

While an employee may have access to privileged information, an example of unethical activities would be a

Car salesman viewing the credit rating of a customer with a car in for warranty repairs.

The term that refers to how many instances of an entity relates to each instance of another entity is:

Cardinality

Which of the following departments is not a part of the purchasing process?

Cash Disbursements

A chronological listing of all payments is referred to as a(n):

Cash Disbursements Journal

A special journal used to record all cash collections is called a(n):

Cash Receipts Journal

Independent checks and reconciliations, related to cash receipts, include all of the following, except:

Cash collections should be deposited in the bank in a timely manner to prevent the risk of theft.

Special journals include:

Cash disbursements journal, cash receipts journal, payroll journal, purchases journal, and sales journal.

A manager suspects that certain employees are ordering merchandise for themselves over the Internet without recording the purchase or receipt of the merchandise. When vendors' invoices arrive, one of the employees approves the invoices for payment. After the invoices are paid, the employee destroys the invoices and related vouchers. To trace whether this is actually happening, it would be best to begin tracing from the:

Cash disbursements.

The goal of a physical inventory reconciliation is to

Compare the physical count with the perpetual records.

Which of the following terms in not associated with a financial statement auditor's requirement to maintain independence?

Competence

This type of input validation check assesses the critical fields in an input screen to make sure that a value is in those fields

Completeness Check

Which programmed input validation makes sure that a value was entered in all of the critical fields?

Completeness check

Two or more computers linked together to share information and/or resources is referred to as a(n):

Computer Network

This software allows engineers to work with advanced graphics at electronic work stations to create 3-D models that depict the production environment.

Computer aided design (CAD)

The advantages of using IT-based accounting systems, where the details of transactions are entered directly into the computer include:

Computer controls can compensate for the lack of manual controls

Which of the following would normally not be found on the IT Governance Committee?

Computer input operators

This complete records of all dates, times, and uses for each person is referred to as a(n):

Computer log

Select the true statement.

Computer-aided design may be three dimensional.

_____________ integrates all of the conversion processes to allow for minimal disruptions due to reporting requirements or inventory movement issues.

Computer-integrated manufacturing systems (CIMs)

Which of the following statements is true related to manual systems?

Computerized systems often rely on some manual record keeping

Which of the following is not a risk inherent in an IT system?

Computers being stolen

Changing the accounting records to hide the existence of a fraud is termed:

Concealment

The process of matching alternatives system models to the needs identified in the system analysis phase is called:

Conceptual Design

_______ is the aggregation or collection of similar data. It is the opposite of drill down in that it takes detailed data and summarizes it into larger groups.

Consolidation

When management designs and implements effective administrative processes:

Constant monitoring is necessary.

Tables in a flat file database must:

Contain similar data in the column.

A production schedule:

Contains information from the operations list.

The data warehouse:

Contains the historical information needed for planning and analysis.

A process of constant evidence gathering and analysis to provide assurance on the information as soon as it occurs, or shortly thereafter, is referred to as:

Continuous auditing

A document completed to prepare a record of the sales return and to adjust the amount of the customer's credit status is called a(n):

Credit memorandum

The source document that initiates the recording of the return and the adjustment to the customer's credit status is the:

Credit memorandum

High-impact processes (HIPs) are:

Critical to the long-term objectives of the organization.

This document is prepared on a regular basis to accumulated and summarize all the transactions that have taken place between the customer and the company within the period.

Customer Account Statements

When a customer improperly obtains cash or property from a company, or avoids liability through deception, it is termed:

Customer fraud

The term for software solutions that help businesses manage customer relationships in an organized way is:

Customer relationship management

Supply chain management (SCM) is a critical business activity that connects a company more closely with its:

Customers and suppliers

The date that is the end of the accounting period is referred to as the:

Cutoff

When goods are received at the end of the accounting period, and the invoice is not received until after the start of the following period, a problem may arise as to when to record the liability. This is referred to as a(n):

Cutoff issue

Examples of Business Continuity include all of the following except:

Environmental Backup Recovery Plan

Software Programming involves all of the following except:

Data Conversion

This document system is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. Identify the document system

Data Flow Diagram

The process of converting data from human readable form to computer readable form is referred to as:

Data Input

In addition to testing system documentation, auditors should test the three main functions of computer applications. Which of the following is not one of these functions?

Data Storage

An integrated collection of enterprise-wide data that includes five to ten fiscal years of nonvolatile data, used to support management in decision making and planning is referred to as:

Data Warehouse

Which of the following is used to produce management reports that would be used to oversee day-to-day operations?

Data Warehouse

The record detailing the amounts and timing of depreciation for all fixed asset categories, except land and any construction-in-progress accounts, is called:

Depreciation schedule

Engineering is responsible for:

Designing the product and creating the bill of materials and the operations list.

The process of designing the outputs, inputs, user interfaces, databases, manual procedures, security and controls, and documentation of the new system is referred to as:

Detailed Design

The purpose of this phase of systems design is to create the entire set of specifications necessary to build and implement the system.

Detailed design

The systems analysis report, which is sent to the IT governance committee, will inform the committee of all of the following, except:

Detailed design

This type of control is included in the internal control system because it is not always possible to prevent all frauds. They help employees to discover or uncover errors, fraud, or unauthorized events

Detection

High-impact processes (HIPs):

Determine the structure of the data in the data warehouse.

Data mining would be useful in all of the following situations except

Determining customers' behavior patterns.

An IT governance committee has several responsibilities. Which of the following is least likely to be a responsibility of the IT governance committee?

Develop and maintain the database and ensure adequate controls over the database

The process of converting data into secret codes referred to cipher text is called:

Encryption

Which of the following is not a control intended to authenticate users?

Encryption

Large-scale IT systems should be protected by physical access controls. Which of the following is not listed as one of those controls?

Encryption of passwords

Within the planning component of the logistics function, which of the following processes is responsible for preparing bill of materials and the operations list?

Engineering

The main reason that receiving clerks are denied access to purchase order quantities and prices is to:

Ensure that the receiving clerk actually takes the time to verify the accuracy of a delivery before accepting it.

Chapter 2 discusses the different approached that can be used to enhance existing legacy systems. Which approach intends to consolidate, connect, and organize all of the computer applications, data, and business processes (both legacy and new) into a seamlessly interfaced framework of system components?

Enterprise application integration

A multi-module software system designed to manage all aspects of an enterprise usually broken down into modules such as financials, sales, human resources, and manufacturing, is referred to as a(n):

Enterprise resource planning

Instead of completely replacing their systems, organizations often try to use new technology to enhance existing systems. Which of the following is not one of the approaches taken by these organizations?

Enterprise resource planning

The _________ contains the data necessary to conduct day-to-day operations and produce management reports used to oversee day-to-day operations.

Enterprise resource planning system

A process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives is referred to as:

Enterprise risk management

The COSO report, Internal Controls- Integrated Framework, identified interrelated components of internal control. Which of the following is not one of those components?

Enterprise risk management

The rectangle used in an entity relationship diagram is used to represent a(n):

Entity

When discussing entity relationship diagrams, this is considered to be a noun, that represents items in the accounting system:

Entity

This document system is a pictorial representation of the logical structure of databases. It identifies the entities, the attributes of the entities, and the relationship between the entities

Entity Relationship Diagram

This type of system matching takes place without invoices. The receipt of goods is carefully evaluated an, if it matches the purchase order, settlement of the obligation occurs through the system.

Evaluated Receipt Settlement

An It enabled system for purchasing that is an "invoice-less" system is called a(n):

Evaluated receipt settlement

An invoice-less system in which computer hardware and software complete in invoice-less match that is a comparison of the purchase order with the goods received is termed:

Evaluated receipt settlement

Which of the following IT systems is designed to avoid the document matching process and is an "invoiceless" system?

Evaluated receipt settlement

The decision to buy or design software directly follows which step in the system design flowchart?

Evaluation and Selection

The process of assessing the feasibility and fit of each of the alternative conceptual approaches and selecting the one that best fits the organization's needs is called:

Evaluation and Selection

The process of assessing the feasibility and fit of each of the alternative conceptual approaches and selecting the one that best meets the organization's needs is termed:

Evaluation and Selection

There are four primary phases of the IT audit. Which of the following is not one of those phases?

Evidence Audit

Generalized audit software can be used to:

Examine the consistency of data maintained on computer files.

Standard costs are the:

Expected costs based on required resources.

Raw material events can be found in which two processes?

Expenditures and return processes, systems & controls and 2) conversion processes, systems & controls.

E-commerce businesses:

Experience dramatically reduced marketing costs as the result of the expanded market.

This type of audit is performed by independent auditors who are objective and neutral with respect to the company and the information being audited.

External Audit

This computer is similar to a company's intranet except that it does allow access to selected outsiders, such as buyers, suppliers, distributors, and wholesalers

Extranet

Select the correct statement from those provided below.

Extranet access is generally open to select members of the supply chain.

Hardware, software, or a combination of both that is designed to block unauthorized access to an IT system is called:

Firewall

Special journals are created, or established, to record specific types of transactions. Which of the following is not one of the special journals?

Fixed Asset Journal

A detailed listing of the company's fixed assets, divided into categories consistent with the general ledger accounts is called a:

Fixed Asset Subsidiary Ledger

Which of the following is not a part of "adequate documents and records" for fixed assets?

Fixed asset journal

When the data contained in a database are stored in large, two-dimensional tables, the database is referred to as a

Flat file database.

Special journals are:

For regular and recurring transactions.

The use of BPR(Business Process Reengineering) is a two-fold: (1) Aligns business processes with the IT systems used to recorded processes and, (2):

Improves the efficiency and effectiveness of these processes

Internal controls that apply overall to the IT accounting system, that are not restricted to any particular accounting application, are referred to as a(n):

General Controls

Internal controls that apply overall to the IT system are called:

General Controls

The automated controls that affect all computer applications are referred to as:

General Controls

In a manual system, an adjusting entry would most likely be initially recorded in a:

General Journal

Which of the following provides details for the entire set of accounts used in the organization's accounting systems?

General Ledger

Independence in mental attitude is to be maintained in all matters related to the audit engagement. This is one of the generally accepted auditing standards that is part of the:

General Standards

Auditing standards address the importance of understanding both the automated and manual procedures that make up an organization's internal controls and consider how misstatements may occur, including all of the following, except:

How financial statement are printed from the computer

Which of the following is not one of the general types of business processes identified by the testbook?

Human Resource Processes

This department is responsible for maintaining records for each job and each employee within the organization, as well as tracking job vacancies and supporting the company's recruitment efforts.

Human Resources Department

Which of the following activities is not part of the planning component of the logistics function?

Human resource management

The purpose of MRP II was to integrate all of the following into a single database EXCEPT:

Human resources

The department responsible for training production personnel is the:

Human resources department.

The responsible for managing the placement and development of sufficient qualified personnel which includes hiring and training workers as well as maintaining records of their performance is the task of the:

Human resources department.

When payroll is processed using batch processing, which of the following would not be part of the payroll process?

Human resources should prepare control totals and hash totals in order to check the system before the paychecks are generated.

For proper segregation of duties, the department that should authorize new employees for payroll would be:

Human resources.

HTTP stands for:

Hypertext transmission protocol.

Risk assessment is a process designed to:

Identify possible circumstances and events that may affect the business.

When discussing the security of assets and documents, there are many actions that can be taken. Which of the following would not be related to this category of internal control?

Identifying sources of risk and estimating the possibility of that risk

The advantages of cloud-based computing includes all of the following, EXCEPT:

Increased infrastructure - the company has more need for servers and data storage.

Which of the following is NOT a feature of an ERP system's database?

Increased need for data storage within functional areas

Select the correct statement from those provided below.

If sales and inventory are real-time, payroll and production may be batch processing in a well-designed system.

Which of the following statements, regarding ethical considerations in an accounting information system is false?

If there is only one person within the organization with responsibility for maintaining the computer systems, it is not difficult to detect instances of computer fraud

The Evaluation and Selection cycle of the expanded SDLC would not include which of the following steps?

Implement the alternative selected.

An accounting information system serves many functions- which of the following is NOT one of those functions?

Implement the start of a transaction

The big bang approach to implementation means that the company:

Implements all modules and all function areas of the ERP system at one time.

The three major concerns related to database control and security do NOT include:

Inadequate backup.

Financial pressures, market pressures, job-related failures, and addictive behaviors are all examples of which condition of the Fraud Triangle?

Incentive

The reason that detailed data must be collected and stored is: 1. The data must be stored for future transactions or follow-up. 2. The data must be incorporated into the accounting system so that regular financial statements can be prepared. 3. Management needs to examine and analyze data from transactions to operate the organization.

Include 1, 2, and 3 among other reasons.

Which of the following activities in the conversion process does NOT require express authorization?

Initiation of a sales order.

This type of control is intended to ensure the accuracy and completeness of data input procedures and the resulting data:

Input Controls

Field check, limit check, range check and sequence check are all examples of:

Input Validation Checks

Which of the following is NOT an example of a programmed input validation check that would help to detect and prevent keying errors?

Input checks

This type of application control is performed to verify the correctness of information entered into software programs. Auditors are concerned about whether errors are being prevented and detected during this stage of data processing.

Input controls

The forms, documents, screens, or electronic means used to put data into the accounting system are called:

Inputs of the system

A company in Florida provides certified flight training programs for aspiring new pilots of small aircraft. Although awarding a pilot's license requires one-on-one flight time, there is also much preparatory training conducted in classroom settings, The company needs to create a conceptual data model for its classroom training program, using an entity-relationship diagram. The company provided the following information: Floridian Flight, Inc. has 10 instructors who can tach up to 30 pilot trainees per class. The company offers 10 different courses, and each course may generate up to eight classes. Identify the entities that should be included in the entity-relationship diagram:

Instructor, Course, Enrollment, Class, Pilot Trainee

Which of the following computer assisted auditing techniques allows fictitious and real transactions to be processed together without client personnel being aware of the testing process?

Integrated test facility

Which of the following is one of the disadvantages to batch processing?

Integration across business processes is difficult in legacy systems that are batch oriented

The proper sequence of events for the accounting cycle is:

Journalize, post, trial balance, adjusting entries, financial statements, and closing entries

Closing entries are:

Journalized in the general journal.

Which of the following represents a method of managing inventory designed to minimize a company's investment in inventories by scheduling materials to arrive at the time they are needed for production?

Just-in-time (JIT)

Flat file records are:

Kept is sequential order.

A cash payment made by a vendor to an organization's employee in exchange for a sale to the organization by the vendor is termed:

Kickback

Database security includes all EXCEPT:

LAN structure.

The standard format for common forms used in the United States for electronic data interchange (EDI) data transmission is divided into three parts. Which of the following is one of those "parts"?

Labeling Interchanges

When PCs are used for accounting instead of mainframes or client-server system, they face a greater risk of loss due to which of the following:

Lack of backup control

Manufacturing has changed in recent years as a result of each of the following factors except:

Lack of economic prosperity

A situation where the organization's cash is stolen after it is entered in the accounting records is termed:

Larceny

Within the conversion processes, systems and controls result from transactions that are:

Large volumes of daily materials transactions.

Within the revenue and return processes, systems and controls result from transactions that are:

Large volumes of daily sales and cash inflow transactions.

This term refers to moving the current accounting period's cut-off date forward to include sales that correctly occur in a future period. This activity occurs so that the selling company can inflate their sales in the current period.

Leaving sales open

This piece of audit evidence is often considered to be the most important because it is a signed acknowledgment of management's responsibility for the fair presentation of the financial statements and a declaration that they have provided complete and accurate information to the auditors during all phases of the audit.

Letter of Representation

To prevent issues with segregation of duties within an ERP system, the system may do which of the following?

Limit the types of transactions each employee can perform.

Corporations with complex IT systems:

May automate their investment process.

Segregation of duties:

May be more difficult in less complex computerized accounting systems.

Financial statements:

May contain condensed data from the general ledger.

ERP implementation:

May install only selected modules.

Which of the following is one of the disadvantages of maintaining the legacy systems?

May not easily run on new hardware

Periodic inventory systems:

May not reflect current inventory levels.

Variances:

May not result in any changes in the logistics function.

Distributed data processing and databases:

May require management to enforce hardware and software configuration policies.

Which of the following is an example of a B2B transaction?

McDonalds placing an order for more hamburger rolls through their company computer

Which of the following best describes what is meant by the term "generally accepted auditing standards"?

Measures of the quality of an auditor's conduct carrying out professional responsibilities.

Personnel records will typically include all of the following, except:

Medical history subsequent to hiring

Each of the following companies was involved in fraudulent financial reporting during 2001 and 2002, except:

Microsoft Corporation

When categorizing the accounting software market, a company with revenue of $8 million most most likely purchase software from which segment?

Midmarket

A company's cash custody function should be separated from the related cash recordkeeping function in order to:

Minimize opportunities for misappropriations of cash

The theft of any item of value is referred to as:

Misappropriation of assets

Business process reengineering means:

Modifying business processes to take advantage of the capabilities of the ERP system.

The ongoing review and evaluation of a system of internal control is referred to as:

Monitoring

The activity in the conversion process that does NOT require express authorization is the:

Movement of production pieces from one stage of production to the next.

An example of many-to-many relationship would be:

Multiple vendors for multiple items.

The various types of online analytical processing (OLAP) does NOT include:

NOLAP - Notational online analytical processing.

The Internet backbone is the network between:

National backbone providers.

Y2K compatibility issues arose because:

Old computer systems kept dates in mm/dd/yy formats.

The internal control process of requiring the payroll register to be reconciled with the time sheets, will help to minimize the risk of:

Omitted paychecks

The internal control process of having the receiving reports prepared on pre-numbered forms so that the sequence of receipts can be reviewed for proper recording will help to minimize the related risk of:

Omitted purchases

The internal control process that requires vendor statements to be reviewed monthly and reconciled with accounts payable records, will help to minimize the risk of:

Omitted returns

The comparison of the shipping records with the sales journal and invoices is completed to minimize the related risk of:

Omitted transactions

The internal control process of computing and recording the gains/losses for all fixed asset disposals will minimize the risk of:

Omitted transactions

The preparation of deposit slips on prenumbered forms will help to minimize the related risk of:

Omitted transactions

The preparation of packing lists and shipping records on prenumbered forms will help to minimize the related risk of:

Omitted transactions

The preparation of production orders and routing slips on prenumbered forms minimizes the related risk of:

Omitted transactions

The internal processes of e-business do NOT include:

On-line sales to customers.

Which of the following scenarios does NOT impair the independence of a CPA firm from its client?

One of the auditors owns stock in a competitor of the client

Vertical integration of the supply chain occurs when:

One organization owns the supply chain from raw materials through distribution and sales.

Within the logistics function, segregation of duties means:

One person should not have both inventory and accounting responsibilities.

Management fraud may involve:

Overstating revenues

Each of the following items would likely be found in an employee's personnel records related to the initial hiring, except:

Overtime and commission rates

The advantage of client-server computing is:

PC clients perform as "smart" terminals that can accomplish some share of the process tasks

The proper actions and capabilities is:

Packet switching divides large messages into small bundles for tr ansmission while routers determine the best path through the network.

A ________ is prepared by warehouse personnel and lists all items included in a shipment.

Packing slip

This document, prepared by the vendor, is intended to show the quantities and descriptions of items included in the shipment.

Packing slip

Which of the following is not a document that is part of the cash collection process?

Packing slip

This is one of the computer-assisted audit techniques related to processing controls that involves processing company data through a controlled program designed to resemble the company's application. This test is run to find out whether the same results are achieved under different systems.

Parallel Simulation

A system conversion method in which the old and the new systems are operated simultaneously for a short time.

Parallel conversion

Which of the following is not part of the system design phase of the SDLC?

Parallel operation

Which of the following computer assisted auditing techniques processes actual client input data (or a copy of the real data) on a controlled program under the auditor's control to periodically test controls in the client's computer system?

Parallel simulation

Which of the following is NOT one of the rules for the effective use of passwords?

Passwords should not be case sensitive

Payroll transactions are considered:

Periodic events.

Within the administrative processes, systems and controls result from transactions that are:

Periodic.

Appropriate information for a medical facility would NOT include:

Personal spending habits.

Which of the following departments or positions most likely would approve changes in pay rates and deductions from employee salaries?

Personnel

A system conversion method in which the system is broken into modules, or parts, which are phased in incrementally and over a longer period.

Phase-in conversion

Input controls of the IT system would include all of the following EXCEPT:

Physical access controls

Which of the following statements regarding the maintenance of adequate records and documentation in the cash disbursement process is NOT true?

Physical controls should be in place in the areas where cash is retained and disbursed.

This item documents the quantities and descriptions of items ordered. Items from this document should be pulled from the warehouse shelves and packaged for the customer.

Pick List

Best of breed means:

Picking the best software on the market for a particular type of business process for this size of an organization.

A system conversion method in which the system is operated in only one or a few sub-units of the organization.

Pilot conversion

As a metalanguage, XML:

Places a data tag that the beginning and end of each data item identifying the contained data.

The component of the logistics function that directs the focus of operations is the:

Planning component.

The component of the logistics function that directs the focus of operations is referred to as:

Planning.

Capital budgeting:

Plans the capital resources needed to support operations.

Databases that reside in the cloud are called Database as a Service (DaaS). Sometimes the database is combined with an operating system and is referred to as:

Platform as a Service

A method of using hardware and software that captures retail sales transaction by standard bar coding is referred to as:

Point of Sale System

This type of highly integrated IT system processes sales at a cash register in retail stores.

Point of sale

This term refers to a system of hardware and software that captures retail sales transactions by standard bar coding

Point of sale system

Which of the following types of employees are typically required to prepare very detailed (to- the-minute) time reports, identifying the types of projects worked on and the exact time spent on each?

Production employees

The form that authorizes production activities for a particular sales order or forecasted needs is referred to as the:

Production orders.

Which of the following correctly states a reconciliation process to be completed related to payroll?

Production reports to the general ledger.

This schedule outlines the specific timing required for a sales order, including the dates and times designated for the production run.

Production schedule

The operations component of the logistics function has which of the following elements?

Production.

This concept means that the auditors should not automatically assume that their clients are honest, but that they (the auditors) must have a questioning mind and a persistent approach to evaluating evidence for possible misstatements.

Professional Skepticism

In the detailed design stage of systems design it is necessary that the various parts of the system be designed. The parts of the system to be designed at this point would include all of the following, except:

Program Code

Accountants have some form of use of the AIS in all but which role?

Programmer

The existence of IT-based business processes, that result in the details of the transactions being entered directly into the computer system, increases the likelihood of the loss or alternation of data due to all of the following, except:

Programmer Incompetence

Accountants have several possible roles related to accounting information systems. Which of the following is not normally one of those roles?

Programmer of the AIS

All of the following are implementation of software systems EXCEPT:

Progressive implementation.

The analytics module of an ERP system such as SAP would include all of the following EXCEPT:

Project portfolio management

A source document serves important functions in the accounting system. which of the following is not one of those functions?

Provides the output data for financial reports

This organization, established by the Sarbanes-Oxley Act, was organized in 2003 for the purpose of establishing auditing standards for public companies.

Public Company Accounting Oversight Board

This form of encryption uses a public key, which is known by everyone, to encrypt data, and a private key, to decode the data

Public key encryption

The form, or source document, that conveys the details about a customer's order, prepared by the customer, is referred to as:

Purchase Order

A company may reject goods received due to a number of reasons. The process related to this is referred to as:

Purchase Returns

A record keeping tool used to record purchases in a manual accounting system. This "tool" would consist of recording all of the purchased orders issued to vendors in a chronological order.

Purchase journal

The business processes that are common in company-to-company sales business are divided into three groups. Which of the following is not one of those groups?

Purchase of inventory, including ordering, delivery, and billing

Routine business transactions would include which of the following?

Purchase of merchandise inventory.

This form is issued by the buyer, and presented to the seller, to indicate the details for products or services that the seller will provide to the buyer. Information included on this form would be: products, quantities, and agreed-upon prices.

Purchase order

It is important that documentation support or agree with an invoice before payment is approved and a check is issued. Which documents should be matched to make sure that the invoice received relates to a valid order that was placed and that the goods were received?

Purchase order, receiving report, and invoice.

A company's database contains three types of records: vendors, parts, and purchasing. The vendor records include the vendor number, name, address, and terms. The parts records include part numbers, name, description, and warehouse location. Purchasing records include purchase numbers, vendor numbers (which reference the vendor record), part numbers (which reference the parts record), and quantity. What structure of database is being used?

Relational

Database management systems are categorized by the data structures they support. In which type of database management system is the data arranged in a series of tables?

Relational

ERP software operates on a(n) _________ database

Relational

A collection of data stored in several small two-dimensional tables that can be joined together in many varying ways to represent many different kinds of relationships among the data is referred to as a(n):

Relational Database

Which type of database is the most widely used database structure today?

Relational databases

The diamond used in an entity relationship diagram is used to represent a(n):

Relationship

The documentation accompanying payment that identifies the customer account number and invoice to which the payment applies is referred to as a(n):

Remittance Advice

A tear-off part of a check that has a simple explanation of the reasons for the payment is called:

Remittance advice

Companies who provide mobile devices for employees, normally has a policy that allows the company's IT professional to remove company data and applications from the mobile device. This process is referred to as:

Remove wipe

Which of the following is NOT a benefit of the electronic transfer of payroll funds?

Removes the need for bank statement reconciliations

The process of risk assessment would include all of the following actions, except:

Report the risks to the audit committee

The general guidelines, known as the generally accepted auditing standards, which include the concepts of presentation in accordance with the established criteria, the consistent application of established principles, adequate disclosure, and the expression of an opinion, relate to the:

Reporting Standards

Variances:

Represent the differences between actual costs and the standard costs applied.

The primary key of a relational database:

Represents a value that is used to sort, index, and access records with.

This document is sent to each software vendor offering a software package that meets the user and system needs and is sent to solicit proposals.

Request for Proposal

Just-in-time (JIT) production systems:

Require closely controlled inventory levels.

Capital or investment processes:

Require established procedures and internal controls even though they are considered infrequent events.

Which of the following is a characteristic of a non-routine transaction?

Required to have specific authorization.

Select the false completion to the statement which starts "A computer-based conversion process:"

Requires less data input into the system.

Data normalization:

Requires repeated groups to be deleted from the same column.

Capital or investment processes:

Requires the specific approval of top management or board of directors.

Which of the following processes focuses on product improvement?

Research and development

The responsibility to conduct make/buy decisions is usually given to:

Research and development.

Security of assets and documents include all of the following except:

Restricted movement of office supplies.

During the 1970s and 1980s, the ARPANET was:

Restricted to universities, libraries, and research organizations.

Organizational benefits of ERP implementation include all EXCEPT:

Retaining long-held work patterns and work focus.

Circumstances within a company, related to sales returns, that indicate a high level of risk include all of the following, except:

Returns are received a one location with credit memos issued at the same location.

For proper segregation of duties in cash disbursements, the person who signs checks also:

Returns the checks to accounts payable.

The expenditure and return process is similar to the _______ process, except that goods and cash flow in the opposite direction.

Revenue

When a company receives returned goods from a customer, the business process to accept the return would most likely be a(n):

Revenue process

When additional procedures are necessary to bring a defective product up to its required specifications, this is referred to as:

Rework.

Which management assertion determines that transactions and related asset accounts balances are actually owned and that liability account balances represent actual obligations?

Rights and Obligations

Over the next few years, spending on ERP systems is expected to:

Rise

The likelihood that errors or fraud may occur is referred to as:

Risk

One of the components of internal control identified by COSO required that management must be considering threats and the potential for risks, and stand ready to respond should these events occur. This component is referred to as:

Risk Assessment

Which of the following is not one of the corporate functions interrelated within the corporate governance system?

Risk Assessment

The range of actions that make up the component of internal control referred to as control activities includes each of the following, except:

Risk assessment

A fraudster uses this to alter a program to slice a small amount from several accounts, crediting those small amounts to the perpetrator's benefit.

Salami technique

A special journal that is used to record sales transactions and is periodically posted to the general ledger.

Sales Journal

A _______ is a credit to the customer account made to compensate the customer for a defective product or a late shipment.

Sales allowance

Interfaces between modules of ERP systems would be accepted for all of the following EXCEPT:

Sales and human resources.

A service firm would focus on:

Sales and project status.

Availability risks, related to the authentication of users would include:

Shutting down the system and shutting down programs

A situation where the organization's cash is stolen before it is entered in the accounting records is termed:

Skimming

Quickbooks and Peachtree would be part of which market segment of accounting software?

Small Segment

This item, that strengthens the use of passwords, is plugged into the computer's card reader and helps authenticate that the use is valid; it has an integrated circuit that displays a constantly changing ID code. These statement describe:

Smart card

This type of client terminal can accomplish some of the processing tasks in a client- server computing network:

Smart terminal

Which of the following is not an example of physical characteristics being used in biometric devices?

Social security number

There are a number of cloud computing services, and one of those services is called SaaS. This acronym stands for:

Software as a Service

Database management systems, DBMS, is (are):

Software that manages a database and controls access and use of data

The study of the current system to determine the strengths and weaknesses and the user needs of that system is called:

Systems Analysis

This phase of SDLC requires the collection of data about the system and the careful scrutiny of those data to determine areas of the system that can be improved.

Systems Analysis

The creation of the system that meets user needs and incorporates the improvements identified by the systems analysis phase is called:

Systems Design

The formal process that many organizations use to select, design, and implement IT systems is the:

Systems Development Life Cycle

The set of steps undertaken to program, test, and activate the IT system as designed in the system design phase is called:

Systems Implementation

The evaluation of long-term, strategic objectives and prioritization of the IT systems in order to assist the organizations in achieving its objectives is called:

Systems Planning

This phase of SDLC involves the planning and continuing oversight of the design, implementation, and use of the IT systems.

Systems Planning

Which is the correct flow of the SDLC?

Systems Planning, Systems Analysis, Systems Design, Systems Implementation, Operation and Maintenance

The phases of the SDLC include all of the following except:

Systems Purchasing

Which phase of the system development life cycle includes determining user needs of the IT system?

Systems analysis

Which of the following must a company have in place to capture, record, summarize and report transactions?

Systems and processes

The network lines that are used to connect regional ISPs to the backbone are usually:

T3 Lines

Structured query language (SQL):

Takes advantage of the primary record key to link tables.

Scheduling:

Takes into consideration all the open sales orders.

Which of the following statement is false related to client-server computing?

Tasks are assigned to either the server or the client based on the size of the task

The assessment of the realism of the possibility that technology exists to meet the need identified in the proposed change to the IT system is called:

Technical Feasibility

Which of the following feasibility aspects is an evaluation of whether the technology exists to meet the need identified in the proposed change to the IT system?

Technical feasibility

The work arrangement where employees work from home using some type of network connection to the office is referred to as:

Telecommuting

Each of the following are methods for implementing a new application system except:

Test

The most common way to test software is to use which of the following?

Test Data

Audit procedures designed to evaluate both general controls and application controls are referred to as:

Test of Controls

Studies show:

That for day-to-day operations unit data is the critical element.

The additive characteristic means:

That if the preceding rules are met, the rule can be met.

The acquisition of materials and supplies and the related cash disbursements is referred to as:

The Procurement Process

The choice of accounting information system will depend on all of the following except:

The ability of the company to capture information

The shortcomings of a spreadsheet-based system include all of the following, except:

The abundance of fixed asset data

Documentation of the accounting system allows:

The accountant to analyze and understand the procedures and business process and the systems that capture and record the accounting data

In order to master risks and controls and how they fit together, which of the following is NOT one of the areas to fully understand?

The accounting information system

IT systems have dramatically affected many aspects of business. Which of the following is not one of the changes?

The accounting information that is reported by the system

Internal controls related to the purchase returns would include all of the following, except:

The accounts payable employee who prepares the debit memo should also be responsible for handling the inventory and approving the return

The factor that does NOT affect internal reports is:

The audit status of the organization.

The IT auditing approach referred to as "Auditing through the system" is necessary under which of the following conditions?

The auditor wants to test computer controls as a basis for evaluating risk and reducing the amount of substantive audit testing required.

The advantage of "best of the breed" is:

The best functionality of a unique process of the organization.

The audit practice of "auditing around the computer" is also referred to as:

The black box approach

Standard costs take into consideration all of the following except:

The cost of the sales manager's salary.

The data in the data warehouse are said to be enterprise-wide because:

The data are pulled from each of the operational databases and maintained in the data warehouse for many fiscal periods

Within an ERP program:

The data warehouse contains five to ten years of transaction histories.

Select the true statement from those provided below.

The data warehouse has five to ten years of data while the operational database has current year data.

Within the revenue processes, a signed approval of a sales order indicates all of the following except:

The date of delivery.

Which of the following would represent proper segregation of duties?

The employee who opens mail containing checks prepares a list of checks received.

Good corporate governance depends mainly upon ________.

The ethical conduct of management

The systems transition responsible for moving business processes from an internal management perspective to an interactive, internal, and external perspective is?

The evolution of ERP systems into ERP II systems

Which of the following statements is NOT true regarding source of capital transactions?

The fact that these transactions and processes cannot occur without oversight by top management means other controls are not necessary.

As computerized accounting systems get more and more complex and integrated:

The level of authorization for posting gets lower in the level of responsibilities.

The four general purpose financial statements are:

The four general purpose financial statements are:

Regarding subsidiary ledgers and general ledger control accounts, which of the following is NOT true?

The general ledger maintains details of subaccounts.

Factors that indicate the need for internal controls over fixed assets processes include all of the following, except:

The high cost of assets

The control environment component of internal control was identified to have a number of different factors. Which of the following is NOT one of those factors?

The identification of sources of risk

Which of the following is not considered a cause for information risk?

The information has been tested by internal auditors and a CPA firm.

The two tiers of ERP systems are:

The large, multinational corporation tier and the midsize business tier.

Benefits of an ERP system include all of the following EXCEPT:

The real-time nature of processing increases the total processing time.

Internal control is strengthened by the use of a blind purchase order, upon which the quantity of goods ordered is intentionally left blank. This blind copy is used in which department?

The receiving department.

Select the correct statement from those provided.

The relational database model is more flexible in its queries than the hierarchal mode.

Which of the following statements best describes the risks of ERP systems?

The risks of implementing and operating ERP systems are nearly identical to the risks of implementing and operating IT systems.

The issuance and movement of materials into the various production phases is referred to as:

The routing process.

Which document provides the descriptions and quantities of materials taken into production for a specified sale or other authorized production activity?

The routing slip.

Which of the following is not an independent verification related to cash disbursements?

The stock of unused checks should be adequately secured and controlled.

If a manufacturing company's inventory of supplies consists of a large number of small items, which of the following would be considered a weakness in internal controls?

The stores function is responsible for updating perpetual records whenever inventory items are moved.

Select the true statement from the following:

The strength of Peoplesoft is its human resources capabilities.

Which of the following would be considered a vendor fraud?

The submission of duplicate or incorrect invoices

To ensure that all credit sales transactions of an entity are recorded, which of the following controls would be most effective?

The supervisor of the billing department matches prenumbered shipping documents with entries recorded in the sale journal.

Which of the following is not true of the supply chain?

The supply chain excludes customers

Which of the following is one of the advantages of maintaining a legacy system?

The system often supports unique business processes not inherent in generic accounting software

Organizations are often reluctant to abandon their legacy systems because:

The system was customized to meet specific needs

Examples of employee initiated fraud would NOT include:

The theft of cash or checks from the mailroom.

IT Controls can be divided into two categories, general controls and application controls. Which of the following is an example of a general control?

The use of passwords to allow only authorized users to log into an IT-based accounting system

IT Controls can be divided into two categories, general controls and application controls. Which of the following is an examples of a general control?

The use of passwords to allow only authorized users to log into an IT-based accounting system

When transactions are posted in a computerized accounting system:

The user can select which batches of transactions to post.

When a sales transaction has been authorized, by the signature of the designated employee, it means that the designated employee has done all of the following, except:

The vendor's credit has been approved

Which of the following is NOT part of an administrative process?

The write-off of bad debts

Accounting software traditionally uses two different types of files. The file type that is the set of relatively temporary records that will be process to update the permanent file is referred to as a(n):

Transaction File

The information from a purchase must flow into the purchase recording systems, the accounts payable and cash disbursement systems, and the inventory tracking systems. In an IT accounting system, these recording and processing systems are called:

Transaction Processing Systems

When a sale occurs, the information resulting from that sale must flow into the sales recording systems, the accounts receivable and cash collection systems, and the inventory tracking systems. In IT accounting systems, these recording and processing systems are referred to as:

Transaction Processing Systems

In automated accounting:

Transaction information may be held in a special module awaiting posting.

What common characteristic is shared by both online processing and real-time processing?

Transactions are entered and processed individually

Internal processes of the organization include all of the following EXCEPT:

Transactions involving suppliers.

Which of the following is a risk that may affect the revenue and cash collection process?

Transactions may be recorded in the wrong amount

Each category of processes in the typical purchasing system would include controls and risks. For each of the categories, the goal of the internal controls system is to reduce specific types of business risks. Which of the following is not one of those risks?

Transactions properly accumulated or transferred to the correct accounting records.

The risks that may affect the revenue and cash collection processes include all of the following, except:

Transactions recorded by the wrong company.

TCP/IP is:

Transmission control protocol/Internet protocol.

Which of the following items is not one of manual records in a manual accounting systems?

Trial Balance

Which of the following symbols would not be seen in a process map?

Triangle

A small, unauthorized program within a larger legitimate program, used to manipulate the computer system to conduct a fraud is referred to as a(n):

Trojan horse program

Which of the following would be referred to as a common carrier?

Trucking company

A benefit of a company accounting for their documents in a numerical sequence is that it is much easier to see if a document or documents are missing.

True

A business process has a well-defined beginning and end

True

A challenging area of payroll computation is computing the amount of deductions related to each employee's pay.

True

A character is a single letter, number, or symbol.

True

A cloud-based ERP system will require less infrastructure at the company.

True

A code of ethics should reduce opportunities for employees to conduct fraud if management emphasizes the cost and disciplines or discharges those who violate it

True

A company is more likely to implement internal controls if they view the cost of the controls to be less than the benefits provided.

True

A computer network coving a small geographic area is referred to as a LAN

True

A field is a set of characters that fill a space reserved for a particular kind of data.

True

A firewall can prevent the unauthorized flow of data in both directions

True

A good set of internal controls may not be as effective in reducing the chance of management fraud as it would be in reducing the chance of fraud committed by an employee

True

A hiring decision normally occurs as the result of an interview or interviews and is documented on a signed letter and / or signed employment contract.

True

A protocol is a standard data communication format that allows computers to exchange data.

True

A purchase requisition is essentially an internal document, one that does not go outside the company, whereas a purchase order is an external document, which will be presented to an entity outside the company.

True

A record is the entire set of fields for a specific entity.

True

A relational database stores data in two-dimensional tables that are joined in many ways to represent many different kinds of relationships in the data.

True

A sample is random when each item in the population has an equal chance of being chosen.

True

A system of local area networks connected over any distance via other net work connections is called a WAN, or wide area network

True

A validity check is an example of an input application control

True

A web server is a computer and hard drive space that stores web pages and data.

True

Absorption costing involves the inclusion of both variable and fixed costs in the determination of unit costs for ending inventories and cost of goods sold.

True

When the manager of the primary users of the system is satisfied with the system, an acceptance agreement will be signed , the enforce of which makes it much more likely that project teams will seek user input and that the project team will work hard to meet user needs.

User Acceptance

During the operation of an IT system, it is necessary that regular reports are received by management to monitor the performance of the system. These reports would include all of the following, except:

User Acceptance of the IT System

HTML allows:

User level computers a way to display information the way it was intended to be displayed.

The assigning of access and authority for a specific user ID is called a ________.

User profile

This should be established for every authorized user and determines each user's access level to hardware, software, and data according to the individual's job responsibilities

User profile

A company has stated that the main strategic objective is to improve the accounts payable function within the organization. There are limited resources for IT upgrades and modifications. The IT governance committee has received IT update requests from the public relations department, human services, and vendor satisfaction department. Given this information, which would likely be the first upgrade implemented?

Vendor satisfaction would be first because it would be most in line with the strategic objective of the company.

Common types of independent checks within the revenue process include all of the following, except:

Verification of the bank statement and the cash account in the general journal.

Which of the following displays the correct order of operations within the Sales Process?

Verify Prices, Prepare Sales order, verify credit limit, verify item is in stock

Client systems usually rely on the network for all EXCEPT:

Video presentation.

Which of the following is not a method of data input?

Viewed on the screen

Authorized employees may need to access the company IT system from locations outside the organization. These employees should connect to the IT system using this type of network

Virtual private network

The type of network uses tunnels, authentication, and encryption within the Internet network to isolate Internet communications so that unauthorized users cannot access or use certain data

Virtual private network

A self-replicating piece of program code that can attach itself to other programs and data and perform malicious actions is referred to as a(n):

Virus

A company must have systems in place to accomplish all of the following except:

Vocalize data.

The process of proactively examining the IT system for weaknesses that can be exploited by hackers, viruses, or malicious employees is called:

Vulnerability assessment

This method of monitoring exposure can involve either manual testing or automated software tools. The method can identify weaknesses before they become network break-ins and attempt to fix these weaknesses before they are exploited

Vulnerability assessment

Auditors may send text messages through a company's system to find out whether encryption of private information is occurring properly. In addition, special software programs are available to help auditors identify weak points in a company's security measures. These are examples of:

Vulnerability assessments

These tests of security controls analyze a company's control environment for possible weaknesses. Special software programs are available to help auditors identify weak points in their company's security measures.

Vulnerability assessments

The examination of the system to determine the adequacy of security measures and to identify security deficiencies is called:

Vulnerability testing

A character is to a field as

Water is to a pool.

Potential variations in conditions that are used to understand interactions between different parts of the business is referred to as:

What-if simulations.

Corrections to posting errors are made:

When discovered.

Data redundancy occurs:

When inventory has the same data in its files as sales has in its files.

A group of LANs connected to each other to cover a wider geographic area is called a:

Wide area network

This encryption method, used with wireless network equipment, is symmetric in that both the sending and receiving network nodes must use the same encryption key. It has been proven to be susceptible to hacking

Wired Equivalency Privacy (WEP)

This encryption method requests connection to the network via an access point and that point then requests the use identity and transmits that identity to an authentication server, substantially authenticating the computer and the user

Wireless Protection Access (WPA)

Information captured by a system is generated by financial transactions:

Within the organization and between an organization and its customers and vendors

Spending on ERP systems increased or decreased based on several factors. These factors include all of the following EXCEPT:

Y2K compliance concerns

When a valid URL is entered into your web browser:

Your computer will send an http command to a web server, directing the server to find and transmit the web page requested.

Which of the following is least likely to be an output of the accounting information system?

a bar code

Which of the following is not a good example of an effective password?

a1b2c3

In the cash receipts process, what must take place directly after preparing the cash receipts journal?

both A and B

Which of the following documents will be received by a customer after a sale?

monthly account statement

In the case of a manual accounting system, wages and payroll deductions would not be posted to the general ledger until the ________ forwards a signed journal voucher, giving the authorization.

payroll department


Kaugnay na mga set ng pag-aaral

Property/Casualty CH.6 EXAM QUESTIONS

View Set

Africa's Climate & Vegetation Reading Notes (Ch. 18.2)

View Set

Starting Out with Python, 2e Chapter 13 (Ch.12)

View Set

Orion Series 65 Quick Quiz 14, 15, 16, & 17

View Set