ACC 3202 Final
When management designs and implements effective administrative processes:
A budgeting process is a method of corporate governance.
Within ERP systems:
A single user with a password may be authorized to purchase and receive the item.
In addition to fraud, there are many kinds of unethical behaviors related to computers. Which of the following is one of those behaviors?
All of the above
The risk of an unauthorized user gaining access is likely to be a risk for which of the following areas?
All of the above
There are number of advantages to cloud computing. Which of the following is one of those advanatges?
All of the above
Unchecked risks and threats to the IT system could result in:
All of the above
Automatic integrated backup means:
All of the above are correct.
Structured data:
All of the above are true of structured data
A bank would consider which of the following as nonprivate information? A. Customer name. B. Customer address if the customer is a business.
All of the above, A, B, and C, are private and privileged types of information.
B2C e-commerce requires:
Access to the Internet.
Bank reconciliation tasks include:
Both of the above
The main reasons that it is necessary to study information-based processing and the related audit function include:
Both of the above.
The common element in B2B and B2C is:
Both require access to the business's website.
Select the true statement from those given below.
Both the capital process and the investment process require top management approval.
When absorption costing is used:
Both variable and fixed costs are included in unit costs.
The purposeful and organized changing of business processes to make the processes more efficient is known as:
Business process reengineering
Production orders:
Authorize production activities for a particular need or order.
After the accounting information has been input into the accounting system, it must be processed. Process accounting data involves:
Calculations, classification, and summarization
This phase of the fixed asset processes relates to those required to maintain accurate and up-to- data records regarding all fixed assets throughout their useful lives.
Continuance
An elaborate system of checks and balances, whereby a company's leadership is held accountable for building shareholder value and creating confidence in the financial reporting processes, is referred to as:
Corporate governance
Factors which adversely affect the implementation of an ERP system do NOT include:
Cost
In order to have the segregation of duties recommended by COSO, it would be necessary for a small organization to hire two additional individuals. At this time, there is not enough work for the one office employee to stay busy. The reason for not hiring the additional people would have to do with:
Cost versus benefit
The maximum dollar amount that a customer is allowed to carry as an accounts receivable balance:
Credit Limit
When two or more people work together to commit a fraud, it is called:
Collusion
Segregation of duties is a fundamental concept in an effective system of internal controls. Nevertheless, the effectiveness of this control can be compromised through which situation?
Collusion among employees
A record pointer is a:
Column value that points to the next address with the linked attribute.
A field is a:
Column within a record.
This type of audit is completed in order to determine whether a company has adhered to the regulations and policies established by contractual agreements, governmental agencies, or some other high authority.
Compliance Audit
To employ analytical processes on the organization's data:
Data mining is performed on the data warehouse.
The procedures to collect and prepare source documents are termed:
Data preparation procedures
A collection of several years' nonvolatile data used to support strategic decision-making is a (n)
Data warehouse.
A collection of data stored on a computer in a form that allows the data to be easily accessed, retrieved, manipulated, and stored is referred to as a(n):
Database
The security of assets and documents would include all of the following, except:
Designated members of management should be assigned responsibility for the disposal of any assets
Which of the following is a correct statement related to segregation of duties related to fixed assets?
Custody of fixed assets is to be separate from the related record keeping
The prevention of industrial espionage is aided by all EXCEPT:
Federal and state laws.
The general guidelines, known as the generally accepted auditing standards, which include the concepts of adequate planning and supervision, internal control, and evidence relate to the:
Fieldwork Standards
When creating or reading a system flowchart, the triangle symbol represents a:
File
Select the correct statement from the following:
Financial statements must be prepared before the closing entries are journalized.
Functions of corporate governance includes all of the following except:
Financial stewardship
The policies and procedures involved in purchasing property; capturing and maintaining relevant data about the assets; paying for and recording the related assets; depreciation and other expenses; and gains or losses are collectively referred to as:
Fixed asset processes
The book of original entry for any transaction not recorded in a special journal is the:
General Journal
In order to achieve the objective of managing risk, management should establish control structures that include, at a minimum:
IT controls, IT governance, corporate governance, and accounting internal controls
Which of the following is not a part of IT performance?
IT security and breach issues
Which of the following statements is false?
IT systems have not had a major impact on the input of data into the accounting information syste,
All of the following are issues with cloud computing except for:
Increased Accessibility
Which of the following is most likely to be an attribute unique to the financial statement audit work of CPAs, compared with work performed by attorneys or practitioners of other business professions?
Independence
This activity serves as a method to confirm the accuracy and completeness of data in the accounting system:
Independent checks
Although there are a number of organizations that provide detailed guidance, it is still necessary for auditors to rely on other direction regarding the types of audit tests to use and the manner in which the conclusions are drawn. These sources of information include:
Industry Guidelines
Value added networks or VANs, features all of the following EXCEPT:
Industry standard.
Regardless of whether the results are printed or retained electronically, auditors may perform all of the following procedures to test application outputs, except:
Integrated Tests
Items associated with equity include all but:
Interest
Which of the following relationships would be allowed for a CPA firm?
Internal audit outsourcing and financial information systems design and implementation.
Select the correct statement from those listed below.
Internal managers need much more frequent and detailed reports than external users.
Which of the following statements about reporting is true?
Internal reports are tailored to the specific needs of each management level and function.
The global computer network, or "information super highway", is the:
Internet
The primary difference between ERP and ERP II systems is that ERP II may include:
Internet EDI
When a company uses the:
Internet for exchanges such as B2C transactions, it must give access to potential customers.
A company's private network, accessible only to the employees of that company is the:
Intranet
A company's computer network uses web servers, HTML, and XML to serve various user groups. Which type of network best serves each of the following users? Employees Suppliers
Intranet Extranet
Which of the following correctly orders the networks from the network that allows access to the least amount of people to the greatest amount of people?
Intranet, Extranet, Internet
The separation of the custody of cash from the accounts receivable record keeping will help to minimize the related risk of:
Invalid cash receipts
In order to help safeguard the processing integrity in an electronic business environment, a company should implement input controls such as field check, validity check, limit check, reasonableness check, and computer logs in order to reduce the risk of:
Invalid data entry
The internal control process that requires that the bank reconciliation be performed monthly, will help to minimize the risk of:
Invalid payments
Investment processes:
Invest excess funds.
Earnings management:
Is the act of misstating financial information.
If one module in the ERP system fails,
It has the potential to stop or disrupt all processes across the entire enterprise
Which of the following is not an advantage of cloud computing when compared to client-server computing?
It increases the amount of computer infrastructure in a company
Which of the following statements is false, related to the authorization of transactions?
It is not possible, nor is it important, to try to ensure that an organization engage only in transactions that are authorized
The objectives of an internal control system include all of the following except:
Maintain ongoing education
This phase of the fixed asset processes relates to discarding fixed assets when they become old, outdated, inefficient, or damaged.
Disposal
Items associated with debt do NOT include:
Dividends
Packet switching is a method of:
Dividing large messages into bundles for transmission over a network.
The unique name that identifies the internet site is referred to as:
Domain name
Five different input methods were identified by the authors. Which of the following is one of those input methods?
EDI
The major difference between EDI and e-business is:
EDI uses dedicated networks and e-business uses the internet
ERP system benefits include all EXCEPT:
ERP systems are configured upon implementation to exceed any reasonable business growth in the future.
Which of the following statements, related to business processes, is false?
Each business process has a direct effect on the financial status of the organization
Operations may be performed by all of the following except:
Each of the above is a valid form of operations.
Physical controls include all but:
Each of the answers, A, B, and C are correct.
Which of the following factors influences the need to safeguard and monitor inventory movement?
Each of the answers, A, B, and C are correct.
Each table in a database must meet all of the following conditions EXCEPT:
Each row must be uniquely named
The falsification of accounting reports is referred to as:
Earnings Management
E-commerce is:
Electronically enabled transactions between a business and its customers.
A control that limits the risk of network break-ins is the coding of data that makes data unreadable to those without the appropriate key. This process does not stop the breaches, but will make the data useless.
Encryption
Closing entries:
End the fiscal period.
A set of processes, software and hardware tools, methodologies, and technologies to integrate software systems is referred to as:
Enterprise application integration
A database is a (n):
Entire set of files.
The theft of proprietary company information is called:
Espionage
As the result of the passage of the Sarbanes-Oxley Act, CPA firms have unlimited ability to provide non-audit services to their audit clients.
False
Auditors must think about how the features of a company's IT systems influence its management assertions and the general audit objectives even though these matters have little or no impact on the choice of audit methodologies used
False
Batch processing occurs when transactions are processed as soon as they are entered.
False
Because of the infrequency of payroll processing and the sequential nature of the payroll process, many companies find that real-time processing is well-suited for payroll activities.
False
Business to business sales on the internet are referred to as e-commerce.
False
Copies of invoices should be filed in the account in alphabetic order by name of the vendors.
False
Data normalization allows repeating groups such as the same vendor name in multiple locations of the primary key field of the same table.
False
Data redundancy occurs when the same customer has more than one database record.
False
E-business is a type of e-commerce
False
Establishing proper processes, internal controls, and ethical guidelines does not lead to better corporate governance, even though it does improve the financial stewardship.
False
General controls are used specifically in accounting applications to control inputs, processing, and outputs
False
General controls relate to specific software and application controls relate to all aspects of the IT environment.
False
If an employee's personal smart phone or tablet is lost or stolen, the company has the right to apply a remote wipe, to remove any company data
False
In XBRL complex financial statements are presented only in a static mode.
False
In order to fulfill the obligations of stewardship and reporting, management has to create a code of ethics
False
It is necessary for an IT system to be networked to an external internet to be open to opportunities for unauthorized access
False
Modular implementation and pilot implementation are both considered methods of implementation.
False
Of all the principles applicable to auditors, the one that generally receives the most attention is the requirement that financial statement auditors maintain integrity.
False
One advantage of the interview process is efficiency.
False
Online processing is best suited to sequential access files
False
Online processing is the opposite of real-time processing
False
Only the purchasing department should authorize the processing of a cash disbursement transaction.
False
Processes in supply chain management involve trading processes from a supplier to a business only.
False
SQL stands for Sequential Query Language.
False
Strong internal controls are just as important for small organizations with few employees paid once per month as it is for large organizations with numerous employees being paid weekly.
False
Substantive tests are also referred to as compliance tests.
False
TCP/IP is an abbreviation for terminal communications protocol/Internet protocol.
False
Telecommuting workers cause two sources of risk exposures for their organizations - the network equipment and cabling in addition to the teleworker's computer - with only "entry- point" being teleworker's computer
False
The AICPA and the Canadian Institute of Chartered Accountants worked together to develop IT guidelines, commonly referred to as COBIT
False
The IT governance committee will be constantly monitoring the IT system to look for fraud and system abuse.
False
The PCAOB/AICPA Code of Professional Conduct is made up of two sections. One section, the rules, are the foundations for the honorable behavior expected of CPAs while performing professional duties.
False
The Sarbanes-Oxley Act decreased management's responsibilities regarding the fair presentation of the financial statements.
False
The accounting department is responsible for implementing internal controls over each business process.
False
The board of directors must decide between debt, assets, or equity for capital funds.
False
The data warehouse is up dated as transactions are processed.
False
The hiring of employees is considered to be a routine process.
False
The individuals who are given the authority to establish sales prices, credit limits, and guidelines for accepting customers should be sure to keep most of the information confidential.
False
The strength of SAP is the human resources aspects of an organization.
False
When files are organized as sequential access, the sequence is normally based on one key record in each file
False
When in the systems design phase and creating an in-house accounting software, the feasibility aspect is the same as in the systems planning stage.
False
When perpetual inventory concepts are utilized, a physical inventory count to determine the quantity of inventory on hand is not required.
False
When safeguarding assets, there is no trade-off between access and efficiency
False
When the customer is billed, the accounts receivable records should be updated to reflect the decreased balance.
False
When using a SQL query language you are restricted to searching two tables for common values such as Vendor Name.
False
With a client/server system all processing is done on the server.
False
ERP modules include all EXCEPT:
Operational database
Fraudsters typically try to justify their behavior by telling themselves that they intend to repay the amount stolen or that they believe the organization owes them the amount stolen. This justification is referred to as:
Opportunity
This type of control is intended to help ensure the accuracy, completeness, and security of outputs that result from application processing:
Output Controls
There are many different types of documentation necessary to operate and maintain an accounting system. These types of documentation include all of the following, except:
Output Examples
General controls in IT systems are divided into five broad categories. Which of the following is NOT one of those categories?
Output controls
When a person alters a system's checks or reports to commit fraud it is referred to as:
Output manipulation
Reports and documents, such as income statements, aged accounts receivable reports, checks, and invoices are referred to as:
Outputs of the system
Which of the process map symbols is used to show the start and / or finish of a process?
Oval
For a given pay period, the complete listing of paychecks for the pay period is a:
Payroll register
Which of the following is not an advantage of fixed asset software systems when compared with spreadsheets?
Manual processes to link to the general ledger.
MRP applications are:
Manufacturing resources planning software
_______ is accomplished through ongoing management activities, separate evaluations, or both
Monitoring
The AICPA's Trust Services Principles practice that states that the organization should have procedures to address privacy related inquiries or disputes is under the title of:
Monitoring and enforcement.
E-commerce business benefits include all EXCEPT:
More rigid advertising and product presentation requirements.
An important requirement of CPA firms is that they must be ________ with regard to the company being audited. The requirement allows CPA firms to provide a completely unbiased opinion on the information it audits.
Neutral
Internal users: 1. Need more frequent reports than external users. 2. Need the same reports as external users to manage the operation. 3. Do not utilize nonfinancial information in the planning and control of operations. 4. Utilize nonfinancial information in the planning and control of operations.
Only 1 and 4.
An ERP system is a software system that provides each of the following EXCEPT:
Physical controls for the prevention of inventory theft.
In a manual system with proper segregation of duties, an employee in the general ledger department should only
Post transactions to the general ledger.
When the proper tone of corporate governance is in place:
Proper stewardship of assets increases.
A request for proposal (RFP) is used during the
Purchase of software
Special journals include the:
Purchases journal.
According to the textbook, after receiving a returned product and checking its condition, all of the following options are available to a company except:
Record an allowance for doubtful accounts on the product
Perpetual inventory systems:
Record changes in inventory categories whenever material is moved from one category to another.
Which of the following is NOT a direct advantage for the consumer from e-commerce?
Reduced order-processing cost
Which of the following is not an objective of IT enablement?
Reduced security problems
Two or more computer network or data servers that can run identical processes or maintain the same data are called:
Redundant servers
Which of the following is not a common form of employee fraud?
Refund fraud
Which of the following is not a part of risk analysis?
Risk management
An electronic hardware device that is located at the gateway between two or more networks is a(n):
Router.
This type of transaction is one that a business encounters on a regular, recurring basis. The volume of the transactions is so large that transactions and the related accounting activities become second nature to the employees responsible for handling them. Specific authorization for each of these transactions is not necessary. The type of transaction referred to is:
Routine transaction
Which company developed the first true ERP system?
SAP
This document is prepared and sent to the customer once the shipment has occurred. The document provides the details of the sale and requests payment.
Sales Invoice
Which of the following two terms both refer to the same document?
Sales order & purchase order
In the context of cloud computing, what does scalability mean for a growing company?
Scalability allows a growing company to purchase new capacity incrementally from a cloud provider
The assessment of the realistic possibility that the proposed IT system can be implemented within a reasonable amount of time is called:
Schedule Feasibility
The process that plans the timing for production activities is referred to as:
Scheduling.
Magnetic tape is a form of
Sequential access media.
Processing of a flat file table is:
Sequential.
Manpower displacement through automation:
Should be a concern of management.
When a person, using a computer system, pretends to be someone else, it is termed:
Spoofing
Within accounts payable, to ensure that each voucher is submitted and paid only once, each invoice approved to be paid should be:
Stamped "paid" by the check signer.
When management has designed, implemented, and continually manages processes and internal controls, it is helping to ensure proper ________.
Stewardship
The responsibility of management to safeguard assets and funds entrusted to them by the owners of an organization is referred to as:
Stewardship Responsibility
The major activities within the conversion process include all but
Strategic planning that supports the company's operational goals.
This type of question is designed such that the format and range of the answer is known ahead of time.
Structured Question
This form of encryption uses a single encryption key that must be used to encrypt data and also to decode the encrypted data
Symmetric encryption
The systematic steps undertaken to plan, prioritize, authorize, oversee, test, and implement large-scale changes to the IT system are called:
System Development Life Cycle
A detailed study of the current system to identify weaknesses to improve upon and strengths that should be maintained is referred to as:
System Survey
Clues that a ghost employee may exist in the company would include all of the following, except:
The personnel file contains no duplicate addresses
Decision makers are typically forced to rely on others for information. When the source of the information is removed from the decision maker, the information stands a greater chance of being misstated. A decision maker may become detached from the source of information due to geography, organizational layers, or other factors. This describes which cause of information risk?
The remoteness of information
Which of the following is not one of broad categories of controls?
The risk of loss due to a natural disaster
An example of vertical integration is a manufacturer who mines the raw materials, produces the product, and then sells it in company owned stores.
True
An intranet is a private network accessible only to the employees of a company.
True
An underwriter is a third party that contracts with a corporation to bring new securities issues to the public market.
True
Companies that reward management with incentives to achieve a growth in earnings is running the risk that management will also have more motivation and pressure to falsify the financial statements to show the higher amounts
True
Company to company sales normally occur on account and involve a time span given for the customer to pay the vendor. The actual number of days will depend on the credit terms and the diligence of the customer concerning on-time payments.
True
Data are the set of facts collected from transactions.
True
Data warehouse files are non-volatile, and not frequently updated while operational databases are updated with each transaction that affects them.
True
Designated members of management should be given the responsibility for authorizing the actual payments and sign their signatures on the face of the check.
True
During the operation phase of the IT system, it is necessary that management receive regular reports that will enable management to determine whether IT is aligned with business strategy and meeting the objectives of the IT system.
True
E-business is the use of electronic means to enhance business processes.
True
E-commerce is electronically enabled transactions between a business and its customers.
True
E-commerce provides the potential for much richer marketing concepts that include video, audio, product comparisons, and product testimonials or product tests.
True
E-mail spoofing is more of an irritation to an organization that a fraud threat
True
Each organization may approach IT governance in a different manner, but each organization should establish procedures for IT governance.
True
Feedback needed by management to assess, manage, and control the efficiency and effectiveness of the operations of an organization relates to both financial and operational information
True
Fixed assets are one area where earnings management may be prevalent due to the judgmental nature of the underlying data.
True
General controls must be tested before application controls.
True
General ledger employees should record journal vouchers, but they should not authorize journal vouchers, have custody of assets, or have recording responsibility for any special journals or subsidiary ledgers.
True
Historically, there have been a large number of cases of fraud, theft, manipulation, and misuse of funds in the areas of payroll and fixed assets.
True
If a vendors waits too long to send the bill to the customer due to the fact that it could cause a delay of the collection of the cash.
True
In order to match company strategy to IT systems, the company needs to have an IT governance committee and a formal process to select, design, and implement IT systems.
True
Integrated IT systems that are used to conduct internet sales in a business to customer manner are referred to as e-commerce.
True
It is necessary to use a computer to accomplish software piracy
True
Random access means that any data item on the storage media can be directly accessed without reading in sequence.
True
The "intercompany" component of electronic data interchange means that two or more companies are conducting business electronically
True
The Internet (interconnected networks) serves as the backbone for the World Wide Web (WWW).
True
The auditor's understanding of internal controls provides the basis for designing appropriate audit tests to be used in the remaining phases of the audit.
True
The corporate governance structure includes internal controls in addition to systems and processes.
True
The customer company, who uses a cloud provides, must have some IT structure to access and use the data stored in a cloud.
True
The economic feasibility study would answer the question about whether the benefits of the proposed IT system outweigh the costs.
True
The major function within the conversion process is the logistics function.
True
Today's ERP systems can be traced back to the first generation of materials requirements planning software.
True
When a client plans to implement new computerized systems, auditors will find it advantageous to review the new system before it is placed in use.
True
When a company is revising systems, there are intangible benefits that are difficult to estimate in dollars. These intangible benefits should be included in the project team's report.
True
When an invoice is paid, it should be canceled to indicate that it has been paid.
True
When audit clients use a database system, the relating data is organized in a consistent manner which tends to make it easier for auditors to select items for testing.
True
When automated matching is used, the system will not approve an invoice for payment unless the items and quantities match with the packing slip and the prices match the purchase order prices
True
Select the true statement from the following.
URL stands for uniform resource locator while http stands for hypertext transmission protocol.
Which of the following internal controls is typically associated with the maintenance of accurate inventory records?
Using physical inventory counts as a basis for adjusting the perpetual records
To maintain adequate records and documents in a manual general ledger system, there are two important requirements. These are:
Well-defined chart of accounts & adequate audit trail
An enterprise resource planning (ERP) system allows a sales representative to provide a customer with all of the following information EXCEPT:
What is the cost of the product?
Which of the following is the most common method of detecting occupational fraud?
Tip from an employee, customer, or vendor
It is the ethical responsibility of employees:
To collect only necessary data from customers
EDI systems have many advantages within the revenue and cash collection processes. Which of the following is not one of those benefits?
Trading partners gaining access to data.
This occurs when the IT system automatically makes a list of users and the actions they take within the IT system.
Transaction Logging
All of the following indicate a high level of risk associated with sales returns, EXCEPT:
Transactions may be recorded in the wrong amount
The human capital management module of an ERP such as SAP would include all of the following components except:
Workforce termination management
An example of a URL is:
http://www.cjb.org.
An example of a domain name is:
jhs-email.com.
Which of the following is not correct regarding the differences in the ways that real-time systems differ from batch systems?
(Real-Time systems)Processing choices are menu-driven (Batch systems)Processing is interactive
Which of the following is the correct chronological order of events in the purchase return process?
1 = receive return authorization; 2 = prepare debit memo; 3 = goods returned; 4 = receive credit or check
Material requirements planning (MRP) software: 1. Calculated raw materials quantities needed for manufacturing. 2. Calculated lead times on raw materials orders. 3. Calculated material needs on accounts payable data.
1 and 2 only
The speed of the U.S. Internet backbone is _______ bytes per second.
1 trillion
The suffix of the domain name will identify the type of organization that owns the rights to that domain. Which of the following is a correct example of the suffix and related organization type?
.gov = governmental organization or unit
According to the textbook, which of the following are the two specific ways in which a company may recognize the need to conduct operations? 1. A sales order is received 2. A sales forecast is made 3. A production schedule is created 4. A physical inventory count is conducted
1 & 2
A system which involves recording purchases of raw materials inventory, recording all the components of work in process, and recording the total cost of sales for products completed and sold is referred to as:
A perpetual inventory system.
Which of the following is the most significant disadvantage of auditing around the computer rather than through the computer?
A portion of the audit trail is not tested.
General controls of the IT system would include all of the following, except:
Accuracy
The risks of e-commerce, or e-business, include all of the following, except:
Accuracy
Application controls of the IT system would include:
Accuracy and Completeness
The main purpose of an audit is to assure users of the financial information about the:
Accuracy and completeness of the information.
Variances represent the differences between:
Actual costs and the standard costs applied.
Many companies use a public cloud computing model for software, data storage or both. Which of the following is an advantage to the public cloud computing model?
All of the above are advantages
The advantages to real-time processing include:
All of the above are advantages
Which of the following is a characteristic of computer fraud?
All of the above are characteristics
Automatic integrated backup
All of the above are correct.
Data reveal relationships between records. These can be thought of as:
All of the above are examples of relationships.
Which of the following is an example of a source document?
All of the above are examples of source documents
Factors that limit the effectiveness of internal controls include all of the following except:
All of the above are factors that limit the effectiveness of internal controls
Which of the following IT controls would NOT be important in an extranet?
All of the above are important IT controls.
In addition to ethical practices, management has an obligation to maintain a set of processes and procedures to assure accurate financial reporting and protection of company assets. This obligation arises because:
All of the above are reasons for the obligation.
There are a number of increased reporting requirements as the result of Sarbanes-Oxley and IFRS. These requirements have made it imperative for companies to:
All of the above are required.
There are many uses of electronic funds transfer related to the payroll process. Which of the following is not one of those uses?
All of the above are uses of electronic funds transfer.
Which of the following company activities would NOT be considered a productive activity?
All of the above, A, B, and C, are considered productive activities.
A proper corporate governance structure must be in place in order to properly deter instances of:
All of the above, A, B, and C, are correct.
General ledger employees should record journal vouchers, but they should not
All of the above, A, B, and C, are correct.
Select the correct statement from the following.
All of the above, A, B, and C, are correct.
The raising of capital:
All of the above, A, B, and C, are correct.
The internal control of cash receipts related to adequate records and documents would include which of the following?
All of the above.
The term conversion processes is often used synonymously with:
All of the above.
Which of the following statements is true regarding an operational database?
An operational database includes data for the current fiscal year and supports day -to-day operations and record keeping for the transaction processing system.
The purpose of this phase is to question the current approaches in the system and to think about better ways to carry out the steps and processes of the system.
Analysis of Systems Survey
Management would use the _____________ module for feedback from the ERP system to assist in the proper management and control of operations.
Analytics
Data mining:
Analyzes past patterns to predict future events.
IT controls can be divided into two categories. Which of the following is a correct statement of one those categories?
Application controls are used specifically in accounting applications to control inputs, processing, and output
The purchase of fixed assets is likely to require different authorization processes than the purchase of inventory. Which of the following is not likely to be part of the authorization of fixed assets?
Approval of the depreciation schedule.
The segregation of duties related to sales returns would ideally separate the function of performing the credit memo activity and all of the following, except:
Approve the credit memos
Which of the following questions is most likely to be found on an internal control questionnaire concerning a company's conversion processes?
Are approved requisitions required when materials are released from the company's warehouse into production?
A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent the flow of data is a(n):
Arrow
The use of the SDLC for IT system changes is important for several reasons. Which of the following is not part of the purposes of the SDLC processes?
As part of the audit of an IT system
Which of the following types of fraud is the most common, according to the Association of Certified Fraud Examiners?
Asset Misappropriation
Economic order quantity (EOQ) is a function:
Associated with inventory control.
Accounting services that improve the quality of information provided to the decision maker, an audit being the most common type of this service, is called:
Assurance Services
A primary objective of output controls would be:
Assure the accuracy and completeness of the output
Transactions are recorded in the special journals and subsidiary ledgers:
At the time of the transaction.
Hierarchal databases:
Are efficient in processing large volumes of transactions with explicit linkages.
Which of the following questions would most likely be included in an internal control questionnaire concerning the completeness of purchasing transactions?
Are prenumbered purchase orders, receiving reports, and vouchers used, and are the entire sequences accounted for?
The transmission of packets:
Are usually sent in sequential order.
The Phar-Mor fraud began when management:
Attempted to make the actual net income match the budgeted amounts
The oval used in an entity relationship diagram is used to represent a(n):
Attribute
When discussing entity relationship diagrams, this is considered to be a characteristic of an entity
Attribute
In database terminology, columns are also called:
Attributes
A type of assurance services that involves accumulating and analyzing support for the information provided by management is called an:
Audit
This phase of auditing occurs when the auditors evaluate all the evidence that has been accumulated and makes a conclusion based on that evidence.
Audit Completion / Reporting
The proof of the fairness of the financial information is:
Audit Evidence
During this phase of the audit, the auditor must gain a thorough understanding of the client's business and financial reporting systems. When completing this phase, the auditors review and assess the risks and controls related to the business.
Audit Planning
Audit tests developed for an audit client are documented in a(n):
Audit Program
The purpose of segregating the duties of hiring personnel and distributing payroll checks is to separate the:
Authorization of transactions from the custody of related assets.
Proper segregation of functional responsibilities calls for separation of the functions of:
Authorization, recording, and custody
A payroll voucher:
Authorizes the transfer of cash from a main operating account to a payroll account
Internal control problems would be likely to result if a company's payroll department supervisor was also responsible for:
Authorizing changes in employee pay rates.
The approval or endorsement from a responsible person or department of an organization that has been sanctioned by top management is the process of:
Authorizing transactions
The category of control activities referred to as segregation of duties requires that certain activities should be the responsibility of different person or department. The three duties that are to be separated are:
Authorizing, recording, and custody
A computer software technique in which the computer software matches a Purchase Order to its related receiving report and invoice is called a(n):
Automated matching
A system of computer hardware and software in which the software matches an invoice to its related purchase order and receiving report is called:
Automated matching
Computerization of the conversion process results in all except:
Automatic computation of materials requirements based on purchase orders.
The risk related to this category of Trust Principles is system or subsystem failure due to hardware or software problems
Availability
There are four primary functions of corporate governance. Which of the following is NOT one of those functions?
Availability
The risk that an unauthorized user would shut down systems within the IT system is a(n):
Availability risk
When a company sells items over the Internet, there are many IT risks. The risk of hardware and software failures that prevent website sales would be a(n):
Availability risk.
Establishing and maintaining a culture where ethical conduct is recognized, valued, and exemplified by all employees can be accomplished by doing all of the following except:
Avoiding some conflicts of interest
When a payment has been made, the cash disbursements clerk will clearly mark the invoice with information pertaining to the date and the check number used to satisfy the obligation. This process is called:
Cancelling the invoice
This document is a financial plan detailing all of the company's investments in fixed assets and other investments.
Capital Budget
The resource management component of the logistics function has all of the following elements except:
Capital budgeting.
The component of internal control, identified in the COSO report, that sets the tone of an organization and includes the consciousness of its employees is:
Control Environment
Not-for-profit organizations would be interested in:
Cash flows, funding sources, and expenditures.
Examples of customer fraud include all of the following except:
Cash fraud
The careful oversight of cash balances, forecasted cash payments, and forecasted cash receipts to insure that adequate cash balances exist to meet obligations is called:
Cash management
The following circumstances may indicate risks related to cash collections, except:
Centralized cash collections
Select the correct statement from the following.
Centralized data processing and databases require dependable and extensive processing power for large organizations.
OBIT is an acronym for which of the following?
Control Objectives for Business and Information Technology
The Trust Services Principles document divided the risks and controls in IT into five categories. Which of the following is not one of those categories?
Certification
GAAS, generally accepted auditing standards, provide a general framework for conducting quality audits, but the specific standards - or detailed guidance - are provided by all of the following groups, except:
Certified Fraud Examiners
Financial statement audits are performed by _________ who have extensive knowledge of generally accepted accounting principles (GAAP) in the US and/or International Financial Reporting Standards (IFRS).
Certified Public Accountants
A company should study risks common to its system prior to deciding the mix of controls needed. High-risk characteristics that might justify the need for extensive internal controls include all of the following, except:
Changes in price or vendors is frequent.
Examples of characteristics that indicate a company may be more risky with respect to the revenue process include all of the following, except:
Changes in sales prices or customers are infrequent.
Goods received are unacceptable due to may different situations. Which of the following is not one of those situations?
Changes in the company needs regarding future sales or production
In response to the need for internal controls above and beyond what was described by COSO, the Information Systems Audit and Control Association developed an extensive framework of IT controls entitled:
Control Objectives for Information Technology (COBIT)
COSO describes five components of internal control. Which of the following terms is best described as "policies and procedures that help ensure management directives are carried out and management objectives are achieved"?
Control activities
The COSO report identified a component of internal control as the policies and procedures that help ensure that management directives are carried out and that management directives are achieved The component is:
Control activities
Management has the responsibility, and the ability, to take action to reduce risks or to lessen the impact al nearly all risks an organization faces. The steps taken by management to lessen to risk or reduce the impact of the risk, are referred to as:
Controls
General controls for an IT system include:
Controls over the physical environment and over the physical access
Which of the following is not a condition in the fraud triangle?
Conversion
An example of concealment would include:
Changing the payee on a check improperly paid by the organization
Which of the following correctly orders the hierarchy of data from smallest to largest?
Character, field, record, file, database
Which of the following is not an advantage to a cloud model of e-mail?
Costs associated with maintaining are higher but are more controllable
The IT governance committee is made up of many different individuals within the organization. Which of the following would not be one of those individuals?
Chief External Auditor
The functional responsibilities within an IT system must include the proper segregation of duties. Which of the following positions is not one of the duties that is to be segregated from the others?
Chief information officer
The AICPA's Trust Services Principles practice that states the organization should ask about the collection, retention, and of the use is under the title of:
Choice and consent
The AICPA's Trust Services Principles practice that states the organization should provide the choice to its customers regarding the collection of data is under the title of:
Choice and consent
In this type of distributed system, each computer or process on the network is either a Client or a server.
Client / Server System
In order to organize the study of accounting information systems, the authors divided the systems in place into three categories. Which of the following is not one of those categories?
Client-Server Systems
This type of computing means that there are two types of computers networked together to accomplish the application processing
Client-Server computing
When an organization has this type of network, there are two types of computers networked together to accomplish the application processing:
Client-server computing
SAP R/3 operates on a:
Client-server environment with open architecture.
In a manual accounting system, the processing of accounting information includes:
Closing the necessary ledger accounts
A contemporary type of computer infrastructure that is used by an increasing number of companies involves the use of shared services, software, and/or data stored on servers at a remote location, which are accessible over a network, is referred to as:
Cloud Computing
The fastest growing area of IT is:
Cloud-based database services
A set of documented guidelines for moral and ethical behavior within an organization is termed a(n):
Code of Ethics
According to the COSO report, there are five different interrelated components of internal control. Which of the following is not one of those five components?
Code of Ethics
The company's development and adherence to this should reduce the opportunities for managements or employees to conduct fraud
Code of ethics
The AICPA's Trust Services Principles practice that states that only the data that is necessary for the purpose of conducting the transaction should be collected is under the title of:
Collection
Jamie Stark, a sales employee, stole merchandise from her employer, and Frank Adams, the accounting clerk, covered it up by altering the inventory records. This is an example of:
Collusion
With the advent of technology, the Internet, and the WWW:
Commerce is moving both from electronic to physical and from physical to electronic.
Which of the following is NOT one of the three components of electronic data interchange?
Commerce- encompasses all forms of electronic trading
A comprehensive report on enterprise risk management was issued by this organization
Committee on Sponsoring Organizations
Intranets are used for each of the following EXCEPT
Communication and collaboration.
Companies should maintain proper security barriers such as firewalls on all of the following except:
Company flash drives
This phase of the systems design for in-house development of software involves the identifying the alternative approaches to systems that will meet the needs identified in the system analysis phase.
Conceptual design
The generally accepted auditing standards are divided into three groups. Which of the following is not one of those groups?
Basic Standards
There are two modes of processing transactions in accounting systems. The mode that requires all similar transactions to be grouped together and be processes at the same time, is referred to as:
Batch Processing
An organization that has applications having large volumes of similar transactions that can be processed at regular intervals is best suited to use which method of processing?
Batch processing
When all similar transactions are grouped together for a specified time and then processed together as a group, the process is referred to as:
Batch processing
When similar transactions are grouped together for a specified time for processing, it is called:
Batch processing
Select the false statement from those provided.
Batch processing has a faster response time than real-time processing due to the grouping of like data items.
A company with revenue of $50 million would be most likely to purchase software from which one of the four market segments?
Beginning ERP Segment
This law, also known as the first-digit law, was named after a physicist who discovered a specific, but non-uniform pattern in the frequency of digits occurring as the first number in a list of numbers:
Benford's Law
Which of the following ERP implementation methods is rarely used today due to its high rate of failure?
Big Bang
More than one-half of ERP implementations by the ________ approach experienced significant failures or problems in the 1990s, and nearly one-third of these implementations abandoned in progress.
Big bang
The terms of agreement between the company and the common carrier are documented in a(n):
Bill of Lading
This document, prepared by the vendor, provides details of the items included in the delivery; and is normally signed by the receiving clerk as verification of receipt.
Bill of lading
The form that specifies the components of a product, including descriptions and quantities of materials and parts needed is the:
Bill of materials.
This type of authentication uses some unique physical characteristic of the user to identify the user and allow the appropriate access to the system
Biometric device
The smallest unit of information in a computer system can have only one of two values, zero or one, and is referred to as a(n):
Bit
The correct order of the computer data hierarchy is:
Bit, byte, field, record, file, database
This document, prepared by the purchasing department, for use by the receiving department, is copy of the purchase order that eliminates all data about the price and quantity of the items ordered.
Blind purchase order
To resolve discrepancies on invoices so that they can be paid on a timely basis, management may issue which of the following?
Blocked invoice Report
Which of the following groups has an ethical obligation to establish the proper tone at the top, strong internal controls, and high ethical standards?
Board of Directors and Management
Long-term debt results from borrowing funds via:
Bonds and loans with payment schedules several years in the future.
Which of the following independent checks would be part of the internal controls for fixed assets?
Book value of the assets should be compared to the insurance records.
Data within an ERP system may be stored in a(n):
Both A & C
Examples of data collection events are
Both A and B are examples of data collection.
The current standard HTML 5 has the following benefits over previous versions:
Both A and C
EDI via ANSI X.12 implementation is hampered by:
Both A and C above are correct answers.
Data in the data warehouse:
Both A and C are correct.
A "Where" condition within a structured query of a relational database:
Both B and C are correct.
A common interest for manufacturing, retail, and service firms is:
Both B and C.
The ways to determine a secure sockets layering connection is:
Both answers, B and C, are correct.
Which of the following statements about payroll and fixed asset processes is true?
Both have routine and non-routine processes
The need to match IT systems to organizational objectives emphasizes the need for the IT governance committee to include top management as its members because:
Both of the above
When attempting to prioritize IT projects, the IT governance committee needs to consider:
Both of the above
IT auditors may need to be called in to:
Both of the above.
Select the correct statement from those below.
Bricks and mortar refer to traditional stores while brick and click businesses are both brick and mortar and e-commerce businesses.
A prescribed sequence of work steps preformed in order to produce a desired result for the organization is called a(n):
Business Process
The fundamental rethinking and radical redesign of business processes to bring about dramatic improvements in performance is called:
Business Process Reengineering
The purposeful and organized changing of business processes to make them more efficient is referred to as:
Business Process Reengineering
The many sets of activities within the organization performed to accomplish the functions necessary to continue the daily operations are referred to as:
Business Processes
When a transaction occurs there are systematic and defined steps that take place within the organization to complete all of the underlying tasks. These "defined steps" are referred to as:
Business Processes
A proactive program for considering risks to the business continuation and the development of plans and procedures to reduce those risks is referred to as:
Business continuity planning
A prescribed sequence of work steps completed in order to produced a desired result for an organization is the definition of:
Business process
Which of the following statements is not true?
Business processes categorized as expenditure processes are not intended to be processes that serve customers
Which of the following is NOT one of the reasons for the increased spending on ERP systems since 2004?
Business processes were separated and standardized.
A unit of storage that represents one character is referred to as a:
Byte
Which of the following terms is most closely related to data redundancy?
Concurrency
If a company stores data in separate files in its different departmental locations and is able to update all files simultaneously, it would not have problems with
Concurrency.
Which of the following is NOT one of the types of input controls?
Confidentiality check
Employee Ethical considerations, related to IT governance, would include which of the following?
Confidentiality for those who serve on the project teams.
The IT system includes this type of table for software, hardware, and application programs that contain the appropriate set-up and security settings
Configuration table
Standardizing data:
Configures all of the data from numerous departments into a single data configuration.
The IT environment plays a key role in how auditors conduct their work in all but which of the following areas:
Consideration of Information Fairness
The _________ is an integrated collection of enterprise-wide data that ideally should include 5 to 10 years of nonvolatile data.
Data warehouse
A large disk storage for accounting and operating data is referred to as a(n):
Database
When a company buys data storage from a cloud provider, the arrangement is referred to as:
Database as a service
A software system that manages the interface between many users and the database is called:
Database management system
The document prepared when purchased items are returned is a(n):
Debit memo
The document that identifies the items being returned, along with the relevant information regarding the vendor, quantity and price, is called:
Debit memo
The sales journal would have columns for a:
Debit to accounts receivable and a credit to sales.
When creating or reading a system flowchart, the diamond represents a(n):
Decision
Advantages of distributed databases include all EXCEPT:
Decreased user involvement.
There are many possible indirect benefits to management when management fraud occurs. Which of the following in not an indirect benefit of management fraud?
Delayed exercise of stock options
The three phases of fixed assets processes, that span the entire useful life of the assets, include all of the following, except:
Depreciation
Management of an internet retail company is concerned about the possibility of computer data eavesdropping and wiretapping, and wants to maintain the confidentiality of its information as it is transmitted. The company should make use of:
Data encryption
Each of the following represents an application of B2C commerce EXCEPT:
Data exchanges.
The process of searching data within the data warehouse for identifiable patterns that can be used to predict future behavior is referred to as:
Data mining
The process of searching for identifiable patterns in data is called:
Data mining
Select the correct statement from the following.
Data redundancy and concurrency are not features of well-designed database management systems.
In the late 1990s, the Y2K compatibility issue was concerned primarily with computer systems':
Data storage
Which of the process map symbols is used to show a point in the process when a decision must be made?
Diamond
A character is a customer, client, or vendor.
False
A cloud provider generally provides only the data storage space.
False
A company is not obligated to pay for goods until 30 days after the goods are received.
False
A corporation's own stock that is repurchased by the company on the open market is a marketable security.
False
A data warehouse is a temperature controlled building where files and records are retained.
False
A database is often less open to unauthorized access than the physical, paper records, because the database has fewer access points
False
A financial statement audit is conducted in order for an opinion to be expressed on the fair presentation of financial statements. This goal is affected by the presence or absence of IT accounting systems.
False
A financial statement audit is part of the IT audit
False
A hacker is someone who has gained unauthorized access to the computer and must be someone outside the organization
False
A method of earnings management is to misclassify capitalized costs as repair and maintenance expenses.
False
A poor control environment can be overcome if the remaining components of internal control are strong
False
A purchase order is essentially an internal document, one that does not go outside the company, whereas a purchase requisition is an external document, which will be presented to an entity outside the company.
False
A reconciliation should be prepared by the same person who is responsible for the recording function.
False
A record pointer identifies a specific record in a flat database.
False
A router is an electronic hardware device that is connected to each computer to connect it to a network.
False
A sophisticated accounting system will provide the necessary accurate and effective feedback needed by management to assess, manage and control the operations of an organization
False
A strength of the supply chain concept is that inconsistencies or poor quality within the supply chain will be compensated by other strengths resulting in an overall satisfactory product.
False
A unique feature of the information contained in an individual personnel file is that it is accessed infrequently but is changed relatively frequently.
False
A user who logs in to the computer-based accounting system to enter invoices should also have access to the portion of the system that would allow her / him to order goods.
False
A vendor audit occurs when a vendor examines the books and records of a customer
False
A web server is a computer and hard drive space that connects to the backbone through lines that have less speed and capacity than the backbone.
False
A well-defined chart of accounts would contain an account titled "Rent."
False
Access to cash collections needs to limited to those who are expressly authorized to record the cash transactions.
False
Access to the operating system will not allow hackers access to the application software or the database
False
According to the 2010 Report to the Nation by the Association of Certified Fraud Examiners, the estimate of global losses due to fraud would total approximately $650 billion
False
According to the ACFE 2010 Report to the Nation, fraudulent financial statements account for less than 5% of the cases, and were the least costly form of fraud
False
Accounting for a fixed asset over the life of the asset would have features of non-routine transactions only.
False
Accounting for fixed assets requires the use of estimates - specifically the cost and the salvage value.
False
Accounting software is available to assist with payroll but it is not very efficient because of all the changes that occur to all payroll variables during the period.
False
All users of financial data - business managers, investors, creditors, and government agencies - have an enormous amount of data to use to make decisions. Due to the use of IT systems, it is easy to verify the accuracy and completeness of the information.
False
As a business grows, the volume and complexity of its transactions increase. At the same timed, there is a decrease in the chance that misstated information may exist undetected.
False
As a rule, the higher the risk, the more controls are generally required and the less costly its accounting system may become.
False
At a minimum, cash receipts should be deposited on a weekly basis.
False
At a minimum, those who handle cash should be the ones to reconcile the bank statement.
False
Auditing testing for any single general auditing objective would involve the same testing techniques even though there are different types of information collected to support different accounts and transactions.
False
Auditing, a monitoring activity, takes place only on a periodic basis
False
Auditors do not need to concern themselves with risks unless there is an indication that there is an internal control weakness.
False
Auditors have the primary responsibility to make sure that they comply with international standards in all cases.
False
Based on the cost/benefit concept, it is not necessary for management to consider the moral implications of replacing human resources with electronic resources.
False
Because conversion processes involve the physical movement of inventory throughout the operating facility and these movements are normally accomplished by material handling personnel the burden of sufficient internal controls is not required.
False
Because different companies conduct business in different manners, there tends to be few similarities in the way the related business processes are carried out.
False
Because intranets do not transmit information through the Internet or WWW they do not use protocols such as TCP/IP.
False
Because of computer interaction and the capability of almost instant verification business across the World Wide Web has a lower probably of fraud, hackers, and compromised customer privacy.
False
Because of regulatory and auditing issues, good corporate governance does not depend upon the ethical conduct of management.
False
Because of their access to the accounting system, internal managers need less detailed reports than external users.
False
Because of their sensitive nature, companies seldom sell or share customer lists or customer data.
False
Because of today's computing power and Internet accessibility, there has been a substantial increase in the use of centralized databases and centralized processing.
False
Because the ERP system will cleanse and correct data errors while importing legacy data into its RDBMS, a minimum of time, effort, and dollars will be spent on data conversion.
False
Because the point-of-sale systems are not normally connected to outside trading partners, they pose fewer risks related to availability.
False
Before ERP software systems, modules such as human resources were in separate software but well integrated with the accounting software
False
Before the paychecks are sent to management for authorization, the human resources department should compare the hours reported on the time sheets with the hours shown on the payroll register.
False
Best of breed means picking the best ERP software on the market for the particular type of business or organization.
False
Billing to the customer should take place prior to shipment so that the customer receives the bill before the merchandise arrives.
False
Biometric devises use unique physical characteristics to identify users. The most common method used is retina scans
False
Business process reengineering takes place at the systems design stage of the SDLC.
False
Business processes in an organization do not include events that are accounting transactions.
False
CRM success depends entirely on the implementation of the software package designed for customer relationship support.
False
Capital usually comes from assets or short-term debt.
False
Cash should be periodically verified by comparing the balance in the check book with the balance in the cash account in the general ledger.
False
Collusion can occur only when two employees who work for the same firm conspire to circumvent the internal controls to commit fraud or theft
False
Companies in the same line of business are not likely to have many differences in their purchasing habits.
False
Control tests verify whether financial information is accurate, where substantive tests determine whether the financial information is managed under a system that promotes accuracy.
False
Corporate governance policies and procedures must be in place to ensure that funds are expended to benefit managers and employees.
False
Corporate governance requires proper financial stewardship, and since inventories, fixed assets, and office supplies are the largest assets reported on a balance sheet, financial stewardship in these areas is especially important.
False
Customizing an ERP system is recommended wherever the business has an existing process to accomplish a goal and that process is not compatible with the ERP system.
False
Data collection in the system survey step of systems analysis involves documentation review only.
False
Data does not need to be stored in most cases.
False
Data mining is the process of searching an operational database for identifiable patterns in the data.
False
Deciphering renders data useless to those who do not have the correct encryption key
False
Defalcation and internal theft are names that refer to the misstatement of financial records
False
Disaster recovery planning is a proactive plan to protect IT systems and the related data
False
Due to interstate trade events and taxation issues the U.S. Government has standardized the definition of e-commerce.
False
Due to the integration of design, ERP systems do not require extensive testing if implementation does not entail best of breed or legacy modules.
False
Due to their level of integration, ERP systems have difficulties in properly segregating duties.
False
During a documentation review, the team would examine only relevant documentation of the proposed upgrade or modification.
False
E-business and EDI have much different advantages and risks to the vendor than what exists for the customer.
False
E-commerce is the use of electronic means to enhance business processes.
False
E-commerce only involves transactions between the business and its customers.
False
ERP applications use modules such as financials, human resources, data warehouse, and analytics.
False
ERP data is stored in both financial and operational databases.
False
ERP implementation costs are kept to a minimum by retaining the legacy computer hardware and operating systems.
False
ERP systems such as SAP normally batch their financial transactions for processing due to the large amounts of data.
False
ERP will automatically track and report any instances where an employee initiates or records an event with conflicting abilities. It is not necessary to configure the system to accomplish this.
False
Each business process has a direct effect on the financial status of an organization
False
Each time a new transaction is completed, parts of the data warehouse must be updated
False
Earnings management related to fixed assets would occur when reducing expenses by decreasing the useful life of the fixed assets.
False
Effective and efficient internal control often takes up valuable management time that could otherwise be spent on attention to revenue growth and cost controls.
False
Either the IT governance or the system development life cycle is necessary in the strategic management of IT systems.
False
Employees are more likely to hide or conceal fraudulent activity in the records of fixed assets and capital acquisition events than elsewhere.
False
Encryption is more important for dial-up networks than for wireless networks
False
Ethical issues related to data utilization are not a consideration for data collection.
False
Even though most companies collect order data from customers, the manner of receiving order data seldom varies.
False
External users need detailed balance information on every existing account in the general ledger.
False
Few accounting information systems rely on computer hardware and software to track business
False
Few deceptions and fraudulent acts in the business and accounting environment relate to revenue measurement and recognition.
False
For any company, and any asset, the method of depreciation and the related estimates (salvage value and useful life) are the same for financial statements and income taxes.
False
For most companies, fixed asset acquisitions are considered to be routine processes.
False
IFRS does not allow as much use of judgment as is allowed under GAAP.
False
IT general controls assist in preventing unauthorized access while providing adequate backup, and are the responsibility of the user.
False
IT governance is an issue for executives and top management. Lower level managers and the board of directors are outsiders in the process.
False
If a company's IT system fails, it would have little or no effect on the company's operations
False
If no source documents are used by the IT system, then the general controls, such as computer logging of transactions, become less important
False
If the operational feasibility determines that the operation will require new training of employees, then the proposed upgrade or modification should be rejected.
False
If the purchasing, receiving, accounts payable, and cash disbursements processes are completed by the same individuals, the internal controls will be stronger because someone in the company will have an overall view of company activities.
False
In a wireless network, signals are transmitted through the air rather than over cables. Anyone who wants to gain access to the network would need to know the password to access these "air- borne" signals
False
In general, designs that require more complex technology have a higher feasibility than designs with less complex technology.
False
In general, purchased software is more costly but more reliable than software designed in- house.
False
In general, the manual input method is less error prone that the electronic methods.
False
In many cases where revenue has been overstated by management, accountants have participated in the deception. Thankfully, once the overstatement has occurred, it will be offset by lower revenues in the subsequent year and normally will not recur.
False
In order for a code of ethics to reduce opportunities for managers and employees to commit fraud, it is necessary that management emphasizes this code. Punishment related to violations of the code are not necessary
False
In order to compute the book value of any asset, start with the cost of the asset and add the accumulated depreciation.
False
In order to have an automated matching system is necessary to have access to paper copies of purchase orders and invoices
False
In order to institute an automated matching system, all of the relevant files must exist in the same physical room.
False
In order to meet the objectives of internal controls, individuals with authoritative responsibilities need to have access to the record keeping functions.
False
In the Phar-Mor fraud case, management did not write or adopt a code of ethics
False
In the modern IT environment, it is necessary for an organization to follow each of the steps in the SDLC in the order presented.
False
Independent checks and reconciliations should be performed on a regular basis as part of the segregation of duties area of internal controls.
False
Independent checks can serve as a preventive control in that they uncover problems in the data or the processing
False
Independent reconciliation of the accounts payable subsidiary ledger to the general ledger control account will help to assure that all inventory has been properly recorded.
False
Information is the set of facts collected from transactions.
False
It is likely that an accountant will select a career path, within accounting, that will not in some way, involve the use of an accounting information system
False
It is likely that expenditure fraud and ethics violations could be eliminated by a strong, ethical "tone at the top" along with encouragement of ethical behavior by all employees, and strong internal controls.
False
It is necessary for students and accountants to understand the types of threats that may affect an accounting system, so that the threats can be avoided
False
It is necessary for the purchasing department to set up the proper procedures to avoid problems related to cutoff issues.
False
It is not necessary to control the humidity and temperature in the location where the computer system is housed
False
It is possible to completely eliminate risks with the proper controls
False
It is proper that the database administrator develop and write programs
False
It is the responsibility of the payroll department to make certain that all time sheets represent actual time worked by currently active employees.
False
It would not be necessary for the programming staff to have interaction with the accounting staff during the systems implementation process, as all systems design was previously completed.
False
Local ISPs connect to the backbone through lines that have less speed and capacity than the backbone.
False
MRP stands for Management Resource Projections.
False
Maintaining high ethics can help prevent fraud but will not help to detect fraud
False
Management must discourage illegal behavior by employees, such misuse of computers and theft through the computer systems
False
Manufacturing resource planning software systems are outgrowths of the ERP concept.
False
Many companies use a public cloud computing model for storage only
False
Members of management are not required to specifically approve an employee hired by the company when the new employee has been screened by an employment office.
False
Most of the records found in an employee's personnel file are accounting related.
False
Network operations typically involve a large number of computers, many users, and a high volume of data transfers, so any lack of network controls could cause widespread damage. Because of this, it is necessary for auditors to apply strict tests to a representative sample of the network.
False
Not all organizations require long-term, capital assets such as land, buildings, and equipment to operate.
False
Once a company has decided on the control processes needed, it is not necessary to have an ongoing assessment of risks
False
Once an organization has set up an effective system to prevent unauthorized access to the IT system, it is not necessary to continually monitor the vulnerability of that system
False
Once the SDLC has identified which types of IT systems are appropriate for the company, the IT governance committee becomes the mechanism to properly manage the development, acquisition, and implementation of the IT system.
False
Once the data from the source documents have been keyed into the computer, the source document can be destroyed
False
Once the system development life cycle has determined the priority it places on IT systems, the IT governance committee will manage the development, implementation, and use of the systems.
False
Once the systems development life cycle (SDLC) is complete, it is not necessary to restart the cycle unless something is brought to the attention of the IT governance committee to indicate that another cycle is required.
False
One of the greatest risks of ERP cloud systems is their vulnerability to hackers.
False
Operations processes authorize, execute, manage, and properly account for debt.
False
Organizations should have written procedures in place to identify when the costs related to fixed assets are capitalized (recorded to repair and maintenance expense).
False
Peoplesoft uses the terms "back office" in reference to managerial functions and "front office" in reference to customer and sales functions.
False
Perpetual inventory systems involve updating the inventory and cost of sales accounts only at the end of the period.
False
Public and Private cloud computing both have the benefits of reduced infrastructure and reduced costs
False
Random access means that you are searching for specific data but do not know where it is within the database.
False
Real-time processing occurs when similar transactions are grouped into a batch and that batch is processed as a group.
False
Reports disseminated to lower level managers are usually used to provide feedback and establish production schedules or sales goals.
False
Resources required in the conversion process include materials, labor, overhead, and fixed assets.
False
Routine transactions refer to common business transactions such as payroll and fixed asset transactions.
False
Routing is the issuance and movement of materials through the sales process
False
SAP R/3 had tremendous growth due to the use of closed architecture and client-server hardware compatibility.
False
SAP was the first "pure Internet" architecture, with no programming code residing on the client computer.
False
Sales and service is a term for software solutions that help businesses manage customer relationships in an organized way.
False
Segregation of duties require within an ERP system is difficult due to the free access allowed to employees.
False
Since ERP systems are modular the risks of implementation enterprise-wide are minimized.
False
Since database management and information is the responsibility and asset of the database owner, customers should not have the privilege to restrict information contained within it.
False
Since distributed databases are under the control of many individual sites rather than a single, centralized site, configuration, conformity, and security are less of an issue.
False
Small businesses, those having fewer than 100 employees, are less vulnerable to fraud and abuse than are larger businesses
False
Source of operational processes are those processes to authorize the raising of capital, execute the raising of capital, and to properly account for that capital.
False
Special journals are journals that are established to record the transactions of specific customers and vendors.
False
Specific internal control procedures to be performed, specifically independent checks and reconciliations, should be performed by someone who as the responsibility for the recording of the transactions and the custody of the assets received.
False
Spending for ERP and ERP II systems has been consistently growing since the mid 1990s and the Y2K events.
False
Strong corporate governance will prevent fraud, theft, and mismanagement within the expenditure process.
False
The AICPA Trust Principles failed to include any reference to the internal control structure of the IT systems.
False
The AICPA Trust Services Principles do not protect the history of purchases since these are classified as "public knowledge events."
False
The amount of IT structure maintained by a client would not change if the database is stored with a cloud provider rather than onsite.
False
The audit planning process is unlikely to vary if the company has adopted IFRS, or is in the process of convergence.
False
The best fit software is usually defined by the client's hardware and intranet structure.
False
The big bang theory is the easiest to implement since the switch from the legacy system to the ERP system is done on a single date throughout the organization.
False
The big bang theory of implementation is preferred due to the limited problems incurred in transition.
False
The cash disbursement process must be designed to ensure that the company appropriately records all accounts payable transactions.
False
The cash disbursements department should have the responsibility of signing and essentially approving all paychecks.
False
The cost of cloud computing is normally related to a period of time, and not to the use of the service.
False
The decision as to whether to adopt cloud-based ERP systems will not have much impact on the computer hardware and IT infrastructure needed.
False
The determination of user requirements is often discovered through the use of observation and documentation review.
False
The differences between Tier One and Tier Two software are becoming more definitive as the Tier One vendors attempt to attract larger companies.
False
The electronic timekeeping devices accumulated data throughout the period and automatically calculate batch totals. At this time, the data batches are not able to prepare the paychecks or the payroll register.
False
The evaluated receipt settlement system is an IT enabled system that reduces the time and cost of processing customer payments
False
The file or database storage for the new accounting system is always be different from the old system.
False
The final hub in the logistics function is sales.
False
The financial module of an ERP such as SAP might contain such components as financial accounting, management accounting, corporate governance, and inventory.
False
The general public has general access to the intranet and extranet networks.
False
The group of controls referred to as Source Document Controls does not include form design
False
The human resources department should be responsible for the record keeping function related to payroll.
False
The incorporation of cloud computing requires a careful, controlled approach to system design related to the costs and benefits. Other issues are not important.
False
The integration of an ERP system compensates for its scope, size, and complexity to make implementation less risky than most IT systems.
False
The intent of an ERP (enterprise resource planning) system is to provide a sales and inventory software application that will interact with the general ledger software with its sales and inventory transactions.
False
The internal controls within a system must be designed in the implementation stage.
False
The investment in fixed assets is often the largest asset reported on the income statement.
False
The longest encryption keys are 128 bits
False
The most common type of audit service is the operating audit performed by internal auditors.
False
The most important factor in controlling IT systems is the maintenance of the vulnerability assessment activities
False
The most popular type of type of unauthorized access is probably by a person known to the organization
False
The only method of exercising corporate governance over administrative processes and financial reporting is through the company's budgeting process.
False
The only person who can perform a financial statement audit of a publicly traded company is a government auditor who has extensive knowledge of generally accepted accounting principles.
False
The only risk related to the entry points of telecommuting workers is the interaction risk
False
The process of evaluating internal controls and designing meaningful audit tests is more complex for manual systems than for automated systems.
False
The product development module of an ERP such as SAP might contain such components as production planning, manufacturing execution, operations analysis, and enterprise asset management.
False
The purchasing process starts when the purchase invoice is submitted by the vendor.
False
The purpose of MRP II was to integrate manufacturing, engineering, marketing, finance, and human resources units to run on the same information system.
False
The real-time nature of processing increases the total processing time and precludes immediate feedback to management.
False
The requirements to frequently or infrequently access data are not relevant to the way that the data is stored due to computer access speed.
False
The responsibility for operations, compliance, and financial reporting lies with the auditors.
False
The responsibility of the auditor to search for fraud is less than the responsibility to search for errors.
False
The risk assessment is the foundation for all other components of internal control and provides the discipline and structure of all other components
False
The risks related to computerized systems are adequately covered by the COS internal control report
False
The sale of bonds should be considered a regular, recurring process since these types of transactions are recorded in the general ledger.
False
The same audit tests would test for completeness of a liability or an asset.
False
The segregation of duties states that the authorization of duties is to be separated from the recording function but not from the custody function.
False
The standard form of encryption embedded in e-commerce sites and in web browser software is "Safe Sending Language" (SSL).
False
The steps within the design phase of the SDLC are the same, whether the organization intends to purchase software or to design the software in-house.
False
The supply chain is the linked processes from the raw material vendor through the manufacturer ending at the stage of finished goods.
False
The systems development life cycle is responsible for the oversight and management of the IT governance committee.
False
The three conditions that make up the fraud triangle are theft, concealment, and conversion
False
The three primary components of the logistics function are 1) planning, 2) production, and 3) sales.
False
The use of control totals and related acknowledgments can reduce the risk of denial of service attacks by hackers.
False
The use of passwords to allow only authorized users to log into an IT system is an example of an application control
False
There are a number of methods described that are intended to limit log-ins exclusively to authorized users. The only method that is foolproof is the biometric devices
False
There is not much room for professional judgement when performing audits, as a result of the detailed guidance provided by organizations, such as the PCAOB.
False
Tier one describes software used by midsize businesses and organizations.
False
Tier two includes software often used by large, multinational corporations.
False
To increase the effectiveness of login restrictions, passwords must be unique for each user
False
Traditional EDI is a real-time processing system due to the 24 hour, 7 day a week operation of computers and servers.
False
Traditional accounting software is much more comprehensive and encompassing that ERP software
False
Training of employees will be minimal due to BPR and system's integration.
False
Unethical and fraudulent behaviors are much more likely to be initiated by employees, not management.
False
When ERP implementation is started, all of the legacy system must be replaced for proper operation.
False
When a client changes the type of hardware or software used or in other ways modifies its IT environment, the auditors need to test only the new system in order to determine the effectiveness of the controls.
False
When a client company is using IT outsourcing, and that service center has its own auditors who report on internal control, the third-party report (from the independent auditors) cannot be used as audit evidence without the auditor performing an adequate amount of compliance testing.
False
When a company implements an evaluated receipt settlement results in the increase in the strength of the internal controls.
False
When a credit memorandum has a reference to the original sales invoice and approved price list it will assure that the correct customer receives credit for the return.
False
When a new asset is requested, and the cost is below a preestablished amount, it is necessary for specific authorization of the purchase.
False
When a sales order has been entered into the system, the customer's credit status must be checked. For existing customers, the sale on account should be approved only if the customer has exceeded their credit limit.
False
When an auditor is engaged to audit a company that uses cloud computing, the auditor must rely on the SOC reports provided by the service company's auditors.
False
When data and processing are distributed across several computers, as occurs in a system of distributed processing, the failure of one site will be harmful and bring down the entire system.
False
When the IT governance committee has made the decision as to which IT upgrades and/or modifications are to be made, their job is complete.
False
Whenever a sales order is received, it is necessary to check the inventory to make sure that the items ordered are in stock. If the items are in stock, a packing slip will be prepared.
False
With the proper training of employees and the adequate controls, it would be possible to eliminate all errors
False
Within are relational database a record may have more than one primary key.
False
Which of the following is NOT one of the types of control totals?
Digit Count
A retail store chain is developing a new integrated computer system for sales and inventories in its store locations. Which of the following implementation methods would involve the most risk?
Direct cutover
A system conversion method in which on a chose date the old system operation is terminated and all processing begins on the new system.
Direct cutover conversion
The AICPA's Trust Services Principles practice that states that organizations should receive explicit or implicit consent of the customer before providing information to third parties is under the title of:
Disclosure to third parties
In this type of client-server computing, the client PC participates in application processing - including the updates and changes to data that reside on the server
Distributed application
A set of small databases where data are collected, processed, and stored on multiple computers within a network is a:
Distributed database.
In this type of client-server computing, the client PC manipulates data for presentation but does not do any other significant processing
Distributed presentation
Client-server computing can be divided into two levels. These two levels are known as _________ and ________
Distributed presentation; distributed application
Within the cloud computing environment, the service provider is responsible to make sure that all relevant risks have been identified and controlled. Because of this, the company using the cloud computing does not need to repeat that evaluation
False
This type of external computer fraud is intended to overwhelm an intended target computer system with so much bogus network traffic so that the system is unable to respond to valid traffic
DoS Attack
The documenting system that shows the flow of documents and information among departments or units within an organization is called a:
Document Flowchart
Which of the following is not one of the popular documentation methods for processes and systems presented in the textbook?
Document creation map
The operations list is the:
Document of instructions utilized to assemble a product.
In an audit of financial statement in accordance with generally accepted auditing standards, an auditor is required to:
Document the auditor's understanding of the client company's internal controls.
The detailed examination of documentation that exists about the system to gain an understanding of the system under study is called a(n):
Documentation Review
Within the systems analysis phase of the SDLC, which of the following data collection methods does not involve any feedback from users of the IT system?
Documentation review
Which of the following function to store, index, and provide the IP address for each domain name?
Domain name servers
OLAP tools include all of the following EXCEPT:
Drill up.
This control requires the approval and signature of two authorized persons, on checks over the predetermined threshold amount, which reduces the risk of significant fraud or error.
Dual Signature
All of the following are operation risks of ERP systems except:
Duplicate Information
The internal control process of requiring management approval of fixed asset changes prior to recording the transaction, will help to minimize the risk of:
Duplicate transactions
The use of electronic means to enhance processes is termed:
E-business
What is the main difference between e-business and e-commerce?
E-business refers to all forms of electronic business transactions and processing, whereas e-commerce is a type of e-business specific to online buying and selling
This type of highly integrated IT system incorporates electronic processing of sales-related activities and, generally, the sales processes are transacted over the internet.
E-commerce
Which of the following statements is true?
E-commerce is a subset of e-business.
All of the following are true statements about e-commerce EXCEPT:
E-commerce sales reduce the opportunity for fraud, theft of assets, and theft of data.
Businesses that are purely web-based are called:
E-tailers
Which of the following is not an example of employee fraud?
Earnings management
The act of misstating financial information in order to improve financial statement results is referred to as:
Earnings management.
Advantages of distributed databases include all EXCEPT:
Eased managerial obligations.
The assessment of the costs and benefits associated with the proposed IT system is referred to as:
Economic Feasibility
Typical steps within the systems analysis phase of the SDLC would not include which of the following?
Economic Feasibility
The purpose of this analysis is to determine which of the alternative designs is the most cost effective.
Economic feasibility
One inventory control function that is important to the conversion process is the determination of _______, or the most efficient quantity of products to purchase.
Economic order quantities
Which of the following is not an advantage of using real-time data processing?
Efficiency for use with large volumes of data
When a company has an e-business transaction with a supplier, it could be using
Either the Internet or an extranet.
The company-to-company transfer of standard business documents in electronic form is called:
Electronic Data Interchange
The inter-company, computer-to-computer transfer of business documents in a standard business format is referred to as:
Electronic Data Interchange
One of the newest technologies related to payables is one where invoices are exchanged and payments are made via the internet. The name given to this process is:
Electronic Invoice Presentment and Payment (EIPP)
The intercompany, computer-to-computer transfer of business documents in a standard business format is called:
Electronic data interchange
This type of highly integrated IT system, inter-company, computer-to-computer, communicates sales documents electronically with a standard business format.
Electronic data interchange
This system enables a vendor to present an invoice to its trading partner via the internet, eliminating the paper, printing, and postage costs of traditional paper invoicing
Electronic invoice presentation and payment
Each of the following represents a characteristic of B2B commerce EXCEPT:
Electronic retailing.
An electronic payroll time keeping device that collects time and attendance data when employees enter their time sheets is called:
Electronic time clock
Which of the following is NOT one of the three rules of data normalization?
Eliminate blank fields
An alternative power supply that provides electrical power in the event that a main source is lost is called:
Emergency power supply
One of the most effective ways a client can protect its computer system is to place environmental controls in the computer center. Environmental controls include:
Emergency power supply
With the proper implementation of an ERP system:
Employee IDs, passwords, and segregated duties aid in internal control measures.
The theft of assets by a non-management employee is termed:
Employee fraud
Select the true statement from the following.
Employee fraud is more prevalent in the routine processes. Management fraud is more prevalent in administrative processes and reporting.
According to the authors of this textbook, which of the following is not one of general categories of people who commit fraud?
Employees
A company's internal controls policies may mandate the distribution of paychecks by an independent paymaster in order to determine that:
Employees included in the period's payroll register actually exist and are currently employed.
Which of the following statements is not true with regard to a relational database?
It stores data in a tree formation.
For which of the following computerized conversion systems is Wal-Mart well known?
JIT
This item would include explanations concerning the qualifications and responsibilities of each position shown on organization chart. The item is also supported by policies and procedures manuals that outline specific activities performed by each position.
Job profile
What company developed the first true ERP systems?
Peoplesoft
The first "pure Internet" architecture, with no programming code residing on the client computer was:
Peoplesoft.
There were four market segments identified by the authors in chapter 2. Which of the following is not one of those segments?
Legacy Company Sytems
The modern integrated systems discussed by the authors include different types of architectures or model. Which of the following is not one of those models?
Legacy accounting
An existing system within the organization that uses older technology is called a(n):
Legacy system
Which of the following is not one of the advantages of maintaining the legacy systems?
Legacy systems are inexpensive to maintain
Features that assist management and accountants, as the result of the point-of-sale systems, include all of the following, except:
List prices can be changed by the check-out clerks to take advantage of any price changes.
This type of computer network is one that spans a relatively small are- often confined to a single building or group of buildings, and are intended to connect computers within an organization
Local Area Network
The proper sequence of Internet connectivity between users is:
Local ISP to regional ISP to national backbone provider to network access points to national backbone provider to regional ISP to local ISP.
Which of the following connects individual users to the Internet using dial-up modems, digital subscriber lines, or cable TV lines?
Local ISPs
A computer network covering a small geographic area, which, in most cases, are within a single building or a local group of buildings is called a:
Local area network
When one site is utilized as the pilot approach to ERP, the implementation method is referred to as:
Location-wise implementation
This term relates to making the computer recognize a user in order to create a connection at the beginning of the computer session
Login
The major function within the conversion process is the:
Logistics function.
The process of logical, systematic flow of resources throughout the organization is referred to as
Logistics.
There are two modes of processing transactions in accounting systems. The mode that will record transactions, one at a time, is referred to as:
Online Processing
In order to smooth out the payroll process and avoid the heavy workload that falls at the end of the payroll period, many companies will use this type of system - one that integrates their human resources and payroll functions. This system makes real-time personnel data available and the general ledger and production system can be automatically updated at the end of the payroll period.
Online Software Systems
The risk related to this category of Trust Services Principles is that personal information about customers may be used inappropriately or accessed by those either inside or outside the company
Online privacy
The existence of IT-based business processes often result in details of transactions being entered directly into the computer system, results in a lack of physical evidence to visibly view. This situation is referred to as:
Loss of Audit Trail Visibility
The reconciliation of time sheets with production reports for work-in-process and finished inventories minimizes the related risk of all of the following EXCEPT:
Lost or stolen inventory
Conditions that warrant the need for strong controls relating to the payroll process include all of the following EXCEPT:
Low employee turnover
The original purpose of ARPANET was to share military research data among four universities. Which of the following was not one of the four universities?
MIT
Select the correct statement from those provided below.
MRP II allows interaction between suppliers and their customers via the internet or other electronic means.
Which of the following is NOT one of the three critical actions that a company can undertake to assist with fraud prevention and fraud detection?
Maintain an accounting information system
It is necessary for a company to maintain good control over their accounts payable and paying by the due date, for all of the following reasons, except:
Maintain relationships with customers
The planning component of the logistics function has all of the following elements except:
Maintenance and control.
The process that is concerned with maintaining the capital resources used to support production is referred to as:
Maintenance and control.
Within the cash disbursement process, specific steps should be taken to enhance the effectiveness and efficiency of making payments to vendors. Which of the following is NOT one of those steps?
Maintenance of the general ledger
When an organization hires consultants to assist with any phase or any phases of the SDLC, there are at least four ethical obligations. Which of the following is not one of those obligations?
Make an honest effort to participate, learn the new system processes, and properly use the new system.
Which individual or group has the responsibility to establish, enforce, and exemplify the principles of ethical conduct within an organization?
Management
Claims regarding the condition of the business organization and in terms of its operations, financial results, and compliance with laws and regulations, are referred to as:
Management Assertions
Internal controls can be effective in preventing or detecting all of the following types of fraud except:
Management Fraud
Management circumvention of systems or internal controls that are in place is termed:
Management override
Some of the AICPA trust services principles may include:
Management, choice & consent, use & retention, access, disclosure to third parties, and monitoring & enforcement.
The AICPA's Trust Services Principles practice that states a specific person or persons should be assigned the responsibility to insure that privacy practices are followed by employees is under the title of:
Management.
Internal control activities within the payroll process, identified as authorization, would include which of the following?
Manager approval of payroll prior to signing checks
Select the true statement from those listed below.
Managers need the information associated with their area of responsibility.
Select the true statement from those provided below.
Managers require access to historical data this is generally not available to other individuals.
Hierarchical databases are NOT:
Many-to-one relationships.
Accounting software traditionally uses two different types of files. The file type that is relatively permanent and used to maintain the detailed data for each major process is a(n):
Master File
The chart of accounts would be a good example of a:
Master File
When a vendor returns a request for proposal, it will include all of the following, except:
Match of the system and user needs
All of the following are disadvantages of e-commerce EXCEPT:
Faster order processing prevents good assurance of order correctness.
The realistic possibility of affording, implementing, and using the IT systems being considered is referred to as:
Feasibility
When high-dollar fixed assets are purchased, there should be a strict approval process which would include three formal steps. Which of the following is not one of those steps?
Feasibility study.
All of the following are disadvantages to a cloud-based system except:
Fewer IT employees would be needed to maintain the system
The separation of the responsibility for the authorization of new customers from the custody of inventory will help to minimize the related risk of:
Fictitious customers
The internal control activity requiring that the manager approves payroll prior to signing paycheck is intended to minimize the risk of:
Fictitious employee
The internal control activity requiring the preparation of a bank reconciliation will minimize the risk of all of the following EXCEPT:
Fictitious employees
The internal control process of requiring an independent paymaster, will help to minimize the risk of:
Fictitious employees
The internal control process of separating the custody of inventory from the accounts payable record keeping will help to minimize the risk of:
Fictitious purchases
The internal control process that requires the segregation of the authorization of purchase returns and the accounts payable record keeping and the custody of inventory, will help to minimize the risk of:
Fictitious returns
Which programmed input validation check determines whether the appropriate type of data, either alphabetic or numeric, was entered?
Field check
Each record is made up of related:
Fields
Internal control activities within the purchasing process, identified as adequate records and documents, would include which of the following?
Files are to be maintained for purchase requisitions, purchase orders, receiving reports, and invoices.
Uploading data is putting:
Files from each HIP system into the data warehouse.
The correct statement regarding the supply chain and B2C is the supply chain extends from the secondary supplier and ends with the:
Final customer while B2C is from the retailer to the final consumer.
This type of audit is completed to determine whether or not the client has prepared and presented its financial statements fairly, in accordance with established financial accounting criteria.
Financial Statement Audit
The first part of the strict approval process for high-dollar fixed assets is the investment analysis. Which of the following is part of that analysis?
Financial justification
The bill of materials is the:
Form that specifies the components of a product.
The theft, concealment, and conversion of personal gain of another's money, physical assets, or information is termed:
Fraud
General controls are divided into five broad categories. Which of the following is not one of these categories?
Fraud Prevention
The audit is to be performed by a person or persons having adequate technical training and proficiency as an auditor. This is one of the generally accepted auditing standards that is part of the:
General Standards
The ________ provide(s) details for all the account within the chart of accounts and is the entire set of T-accounts for the organization.
General ledger
The ten standards that provide broad guidelines for an auditor's professional responsibilities are referred to as:
Generally accepted auditing standards
Which of the following is least likely to be part of an accounting information system function
Generation of data to be part of the information system
An entity who receives a paycheck, but who does not actually work for the company is called:
Ghost employee
The purpose of the data warehouse does NOT include:
Giving managers rich sources of current trends and data.
The purpose of tracing sales invoices to shipping documents would be to provide evidence that:
Goods billed to customers were shipped.
This type of auditor conducts audits of government agencies or income tax returns.
Government Auditor
Which of the following would be a correct way to compute the net pay for an employee?
Gross Pay minus Authorized Deductions
Which of the following statements is true of unstructured data? 1. Unstructured data does not easily fit into rows and columns of fixed length 2. An example of unstructured data is the free-form text of an online customer's review of a product 3. Accounting data is unstructured data 4. An example of unstructured data would be a 10-digit phone number
Only 1 & 2.
Unethical or fraudulent behavior within the administrative process 1. Can occur in administrative processing of an organization. 2. Can occur in the reporting functions of an organization. 3. Are much more likely to be initiated by management. 4. Are much more likely to be initiated by employees.
Only 1, 2, and 3 are correct.
The external general purpose financial statements/reports are the: 1. Aged accounts payable report. 2. Aged accounts receivable report. 3. Balance sheet. 4. Income statement. 5. Inventory statement. 6. Statement of cash flows. 7. Statement of retained earnings.
Only 3, 4, 6, and 7.
Companies that engage in e-commerce, B2C sales with consumers:
Have the same kind of obligations to conduct their business ethically as companies transacting business any other way.
The independence of a CPA could be impaired by:
Having the ability to influence the client's decisions
This section of the common forms used as the standard format in EDI data transmission contains data about the file or transmission and identify the end of a particular transaction.
Header and Trailer Data
Internet EDI, or EDIINT, features all of the following EXCEPT:
Heavy infrastructure.
Today's automated accounting process:
Helps the user by identifying modules for activities.
Select the true statement from the following.
High-impact processes (HIPs) and user's needs determine the data in the data warehouse.
A backbone provider is an organization that provides:
High-speed access to regional ISP users.
All of the following steps come after the evaluation of RFPs and Software in the system design process except:
Hiring a consultant
To fulfill the management obligations that are an integral part of IT governance, management need not focus on:
Hiring an acceptable IT manager
A consulting firm helping a company with the implementation of an ERP system will typically perform all of the following actions except:
Hiring specialized technicians to maintain the system
When accounting software is used to prepare the periodic payroll, which of the following items is necessary to input for each employee?
Hours Worked
Business process reengineering means:
Matching the IT and business processes to achieve the greatest mutual benefit from each.
_________________ involves the automated scheduling of production orders and movement of materials in the production process.
Material resource planning (MRP)
During the planning phase of the audit, auditors estimate the monetary amounts that are large enough to make a difference in decision making. This amount is referred to as:
Materiality
Whenever a company grants credit to customers, there is a danger that customers will not pay. In fact, most companies have occasional problems with customers who fail to pay which leads to writing off the accounts receivable. Proper controls related to these uncollectible accounts include all of the following, except:
Mathematical verification of the cash receipts journal and the accounts receivable ledger.
In a properly controlled system of administrative and reporting functions, 1. Employees have access to related assets or source documents. 2. Administrative processes are tightly controlled by supervisors. 3. Employees have the authority to initiate processes such as investing. 4. On processes such as sales and cash receipts employees are given general authorization to initiate and process transactions.
Only 4 is true.
Detailed information from a sale may be used by: 1. The sales department. 2. The accounts receivable section. 3. The inventory department. 4. General ledger accountants. 5. Customer service.
Only by 1, 2, 3, and 5.
Posting to the general ledger occurs:
Only when proper authorization has been given.
Before forwarding customer data, an organization should receive explicit or implicit consent of the customer. This describes which of the AICPA Trust Services Principles online privacy practices?
Onward transfer and disclosure
A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent a data store or the storage of data is a(n):
Open-ended rectangle
The software that controls the basic input and output activities of the computer are called:
Operating System
The types of concepts commonly found in a code of ethics would not include:
Operating at a profit in all reporting periods
During this phase of the SDLC, management should request and receive ongoing reports about the performance of the IT system.
Operation and Maintenance
The regular, ongoing, functioning of the IT system and the processes to fix smaller problems, or bugs, in the IT system is called:
Operation and Maintenance
This type of audit is completed to assess the operating policies and procedures of a client for efficiency and effectiveness.
Operational Audit
Which of the following types of audits is most likely to be conducted for the purpose of identifying areas for cost savings?
Operational Audits
This type of database contains that data that are continually updated as transactions are processed and includes data for the current fiscal year and supports day-to-day operations is referred to as a(n):
Operational Database
The assessment of the realism of the possibility that the current employees will be able to operate the proposed IT system is referred to as:
Operational Feasibility
During this process, the project team must consider the number of employees, their capabilities and expertise, and any supporting systems necessary to operate each alternative design.
Operational feasibility
The form that describes the chain of events that constitute a product's production is referred to as the:
Operations list.
All of the following are reasons why it is not possible to eliminate all fraud risks, except
Opportunity
Circumstances that provide access to the assets or records that are the objects of the fraudulent activity describes which condition of the Fraud Triangle?
Opportunity
The ERP program that uses the term "back office" in reference to managerial functions and "front office" in reference to customer and sales functions is:
Oracle Applications
The Point-of-sales (POS) systems capture all relevant sales data at the point of sale - the cash register. The data that is captured includes all of the following, except:
Ordering for low-inventory items
The document is prepared in order to map out the jobs and reporting relationships within an organization. This may include only top branches of an organization or may include all positions within the company.
Organization Chart
This type of address is the unique information that allows a specific website or server to be located.
IP
This type of auditor specializes in the information systems assurance, control, and security. They may work for CPA firms, government agencies, or with the internal audit group.
IT Auditor
Which of the following is not one of the three primary types of audits?
IT Audits
Many companies use independent, internet-based service providers to handle their payroll processing. These payroll providers specialize in offering solutions and constant access to payroll information.
Outsourcing of Payroll Services
Internal control activities within the payroll process, identified as adequate records and documents, would include which of the following?
Paychecks are prepared on prenumbered checks
Which of the following is not an independent check within payroll processes?
Paychecks are prepared on prenumbered checks.
This individual is responsible for distributing the signed paychecks on the designated pay day.
Paymaster
Common expenditure processes would include all of the following, except:
Payment received on account
This record, prepared by the cash disbursements department, provides a listing of al paychecks written, in check-number sequence, with the total supporting the amount of payroll funds to transfer to the payroll bank account.
Payroll Disbursements Journal
An integrated IT system of payroll and human resources may have extra risks above those of a manual system. Passwords and access logs are controls that should be used in these integrated systems to lessen the risk of:
Payroll data that does not reconcile to time cards.
Internal control activities within the payroll process, identified as segregation of duties, would include which of the following?
Payroll preparation, authorization of new hiring and pay rates, information systems, and general accounting should all be performed by different departments and / or different people.
A structure of relationships and processes to direct and control the enterprise in order to achieve the enterprise's goals by adding value while balancing risk versus return over IT and its processes is called:
IT Governance
The proper management, control, and use of IT system are known as:
IT Governance
A group of senior managers selected to oversee the strategic management of IT is called:
IT Governance Committee
The two broad categories of general controls that relate to IT systems include which of the following:
IT administration and the related operating systems development and maintenance processes
The policies and procedures that employees following in acquiring and maintaining human resources, capturing and maintaining employee data, paying employees for time worked, and recorded the related cash payroll liabilities and expenses are collectively referred to as:
Payroll processes
This record, prepared by the payroll department, is a complete listing of salary or wage detail for all employees for a given time.
Payroll register
This document authorizes the transfer of cash from the company's main operating account into the payroll cash account.
Payroll voucher
Intentionally attempting to circumvent IT system access controls to determine whether there are weaknesses in any controls is called:
Penetration testing
The process of legitimately attempting to hack into an IT system to find whether weaknesses can be exploited by unauthorized hackers is referred to as:
Penetration testing
These tests of the security controls involve various methods of entering the company's system to determine whether controls are working as intended.
Penetration tests
Which of the following is a general control to test for external access to a client's computerized systems?
Penetration tests
The rule in the PCAOB/AICPA Code of Professional Conduct that is referred to as Responsibilities, can be stated as:
In carrying out their professional duties, CPAs should exercise sensitive professional and moral judgments in all their activities.
Which of the following is not considered a benefit of using computerized conversion systems?
Increased sales and cost of sales
Management misstatement of financial statements often occurs in order to receive indirect benefits such as:
Increased stock prices
Which control activity is intended to serve as a method to confirm the accuracy or completeness of data in the accounting system?
Independent checks and reconciliations
The theft of proprietary company information, by digging through the trash of the intended target company is called what?
Industrial Espionage
The chance that information used by decision makers may be inaccurate is referred to as:
Information Risk
This organization issues guidelines for conducting the IT audit. The standards issued address practices related to control and security of the IT system.
Information Systems Audit and Control Association
Using IT systems to enhance efficiency and effectiveness of internal or supply chain processes is called:
Information Technology Enablement
Which of the following is not one of the advantages of batch processing?
Information can be provided to users on a timely basis
Which of the following best describes the relationship between data and information?
Information is interpreted data.
This type of auditor is an employee of the company he / she audits.
Internal Auditor
The COSO report is also known as:
Internal Control Integrated Framework
The COSO report written for the purpose of assisting managers in the challenge of managing risk in their organization is entitled:
Internal Control- Integrated Framework
A company's _______ encompasses the tone of an organization and sets the basis for how risk is viewed and addresses by an entity's people
Internal Environment
The primary objective of compliance testing in a financial statement audit is to determine whether:
Internal controls are functioning as designed.
Many different types of output are generated by an accounting information system. The authors identified general categories of output. The category that would include any document that management determines would be useful to the business is:
Internal reports
This organization was established by the IFAC to set International Standards on Auditing (ISAs) that contribute to the uniform application of auditing practices on a worldwide basis.
International Auditing and Assurance Standards Board (IAASB)
Which of the following is NOT one of the approaches to cloud computing?
Internet Clouds
What does IP stand for?
Internet protocol
Information is the:
Interpretation of data that have been processed.
Face-to-face, verbal questioning of users of an IT system to determine facts or beliefs about the system are called:
Interviews
Specific software tools that monitor data flow within a network and alert the IT staff to hacking attempts or other unauthorized access attempts is called:
Intrusion detection
This type of software alerts the organization to hacking or other unauthorized use of the system or network.
Intrusion detection
Input controls such as field check, validity check, limit check, and reasonableness check are useful in IT systems of purchase to lessen which of the following risks?
Invalid data entered by vendors
IT controls over computer records and physical controls in general ledger storage areas minimize the related risk of:
Invalid general ledger postings
The internal control process that requires the approval of a cash disbursement transaction to take place prior to the preparation of the check, will help to minimize the risk of:
Invalid payments
The internal control process that requires purchase records to be matched and verified for item descriptions, quantities, dates, authorized prices, and mathematical accuracy, will help to minimize the risk of:
Invalid purchases
The internal control process that requires the approval of the purchase return transaction take place before the preparation of the debit memo, will help to minimize the risk of:
Invalid returns
The separation of the custody of inventory from the accounts receivable record keeping will help to minimize the related risk of:
Invalid returns
The risks that may affect the revenue and cash collection processes include all of the following, except:
Invalid transactions may have been omitted from the records.
The financials module of an ERP such as SAP would include all of the following components EXCEPT:
Inventory
All of the following are General controls except for:
Inventory Controls
The responsibility for managing and recording the movement of inventory in the many different directions that it may go throughout the conversion process is assigned to the:
Inventory control department.
The four primary functions of corporate governance do not include:
Inventory control.
Which of the following is NOT a special journal?
Inventory journal.
In following proper segregation of duties, those who handle cash should not be granted any of the following authorities EXCEPT:
Inventory management duties
Which of the following is not one of the general categories of business processes?
Inventory processes
The _______ function concerns the control of raw materials inventory held in storage or in holding areas, waiting for processing.
Inventory stores
Select the true statement from the choices below.
Inventory stores are concerned with raw materials and warehousing is concerned with finished goods.
When a point of sale system is used and a customer checks out through a cash register, which of the following processes occurs?
Inventory values are updated
Which of the following involves managing the holding area for finished goods awaiting sale?
Inventory warehousing
The account that a manufacturing operation and a retail firm would have in common would be:
Inventory.
The authors presented their "picture" of internal control as a series of umbrellas which represent different types of controls. Which of the following is not one of those types of controls?
Investigation
The IT Governance Committee has several important responsibilities. Which of the following is not normally one of those responsibilities?
Investing excess IT funds in long-term investments
Which of the following statements is false?
New programs sold by software development companies are not as user friendly as the legacy systems
Output from an accounting information system would NOT include:
Invoices from vendors
Perpetual inventory systems:
Involve every level of inventory necessary for production.
XBRL:
Is a language that allows data extraction from financial statements.
The Internet:
Is a series of networks connected to provide a global connectivity.
Which of the following questions would be least likely to appear on an internal control questionnaire regarding the initiation and execution of new property, plant, and equipment purchases?
Is access to the assets restricted and monitored?
SSL - secure sockets layering:
Is an encryption system in which the web server and the user's browser exchange data in encrypted form.
The supply chain:
Is both an internal and external process.
Today's automated accounting process:
Is built on an operational structure similar to manual accounting.
Security of source documents:
Is essential for both manual general ledger systems and IT accounting systems.
A router:
Is hardware that connects two or more networks.
The loss of transaction processing efficiency:
Is minimized because of the increased computing power available.
Which of the following companies would be most likely to use a Tier Two ERP software?
None of the Above
Hacking can be prevented by using which of the following?
None of the above
What time frame is required for a business processing system to be considered a "legacy system"?
None of the above
Which of the following statements is FALSE?
None of the above are false.
Notable differences between the acquisition of fixed assets and the acquisition of inventory includes:
None of the above.
The most difficult type of misstatement to discover is fraud that is concealed by:
Nonrecorded transactions
This term means that a user cannot deny any particular act that he or she did on the IT system is referred to as:
Nonrepudiation
Which of the following statements is true?
Nonroutine transactions are entered in the general journal.
Data within the data warehouse is:
Nonvolatile - it does not change rapidly.
The AICPA's Trust Services Principles practice that states a company should have policies and practices to maintain the privacy of customer data is under the title of:
Notice
Watching the steps that employees take as they process transactions in the system is referred to as:
Observation
Which of the following procedures would be most useful in determining the effectiveness of a company's internal controls regarding the existence or occurrence of payroll transactions?
Observe the segregation of duties concerning personnel responsibilities and payroll disbursement.
Which of the following audit procedures is most likely to be performed during the planning phase of the audit?
Obtain an understanding of the client's risk assessment process.
Batch processing:
Occurs when similar transactions are grouped together and processed as a group.
Real-time processing:
Occurs when the transaction is processed immediately.
Assets to be included in the fixed asset pool would include all of the following, except:
Office Supplies
A company's conversion processes includes all of the following except:
Office supplies.
The decision to raise or acquire capital funds is:
Is the responsibility of the board of directors.
E-commerce:
Is the sale of goods or services to an end-user consumer.
Direct access:
Is the same as random access.
Drill down within OLAP is:
Is the successive expansion of data as lower levels of data are exposed.
The chance for fraud or ethical lapses will not be reduced if management:
Is unethical
Routing is the:
Issuance and movement of materials into the various production phases.
Select the correct statement from those listed below.
Issuance of bonds and the origination of loans are considered debt while the issuance of stock is considered equity.
Which of the following statements concerning an operations list is true?
It is an engineering document that describes the chain of events within a company's conversion process.
The use of the smart card or security tokens is referred to as a two factor authorization because:
It is based on something the user has, the token or card, and something the user knows, the password
Which of the following is a disadvantage of purchased accounting software, compared with software developed in-house?
It is custom designed for that company
Payroll outsourcing has become popular due to all of the following reasons EXCEPT:
It offers full protection from internet fraud
Which of the following relationships does not violate the rules of segregation of duties
Preparation of the sales order and sales invoice.
Which of the following correctly lists activities within the conversion process in chronological order?
Prepare bill of materials, prepare purchase requisition, initiate production, inspect goods
Bar codes can be used in a number of different instances for input:
Prepare financial staments
Which of the following correctly lists the correct chronological order of data flow in the fixed asset acquisitions process?
Prepare requisition; approve purchase; prepare purchase order; receive goods
Which of the following objectives were not identified as necessary to be provided by an effective accounting system?
Prepare the appropriate documents
In a system of proper internal controls, the same employee should not be allowed to:
Prepare voucher packages and sign checks.
Inventory status reports are:
Prepared at various stages of the production process.
Personnel who work in the receiving area should complete all of the following processes, except:
Preparing an invoice
The recording responsibilities for cash receipts includes all of the following, except:
Preparing bank deposits
A large part of the work performed by an auditor in the audit planning process is the gathering of evidence about the company's internal controls. This can be completed in any of the following ways, except:
Preparing memos to summarize their findings
In order to ensure that all records are updated only for authorized transactions, appropriate individuals should be assigned all of the following duties, except:
Preparing the bank reconciliation.
The establishment of log-in procedures can help prevent or lessen security risks and are referred to as:
Preventive controls
Sales orders are calculated based on current selling prices of the items sold. The source of these prices, which would include the entire set of pre-established and approved prices for each product, is referred to as a(n):
Price list
All types of auditors must follow guidelines promoting ethical conduct. For financial statement auditors, the PCAOB/AICPA has established a Code of Professional Conduct, commonly called the Code of Ethics, which consists of two sections. Which of the following correctly states the two sections?
Principles and rules
The purpose of the feasibility study is to assist in
Prioritizing IT requested changes
To avoid the risks associated with a public cloud, many companies establish their own computing cloud structure. The cloud is developed, owned, maintained, and used by the user company. This cloud is referred to as:
Private cloud
An extranet is a:
Private network accessible by select members of the supply chain.
An intranet is a:
Private network accessible only to the employees of a company.
When creating or reading a system flowchart, the rectangle represents a(n):
Process
A pictorial representation of business processes in which the actual flow and sequence of events in the process are presented in the diagram form - the start of the process, the steps within the process, and the finish of the process is referred to as:
Process Map
In documenting systems, which pictorial method is described as a method that diagrams the actual flow and sequence of events?
Process map
The policies and procedures that employees follow when completing the purchase of goods or materials, capturing vendor data and purchase quantities, and routing the resulting purchasing documents to the proper departments within the company are called:
Processes
These controls are intended to prevent, detect, or correct errors that occur during the processing of an application
Processing Controls
This type of control is intended to ensure the accuracy and completeness of processing that occurs in accounting applications:
Processing Controls
The accuracy, completeness, and timeliness of the process in IT systems is referred to as:
Processing Integrity Risks
IT audit procedures typically include a combination of data accuracy tests where the data processed by computer applications are reviewed for correct dollar amounts or other numerical values. These procedures are referred to as:
Processing controls
AICPA Trust Principles identify five categories of risks and controls. Which category is best described by the statement, "Information process could be inaccurate, incomplete, or not properly authorized"?
Processing integrity
The risk related to this category of Trust Services Principles could be inaccurate, incomplete, or improperly authorized information
Processing integrity
When a company sells items over the Internet, it is usually called e-commerce. There are many IT risks related to Internet sales. The risk of invalid data entered by a customer would be a(n):
Processing integrity risk.
In today's IT environment:
Processing speed is compromised for query capability with relational databases.
The sales and services module of an ERP such as SAP would include all of the following components EXCEPT:
Procurement
Credit cards given to employees by the organization in order for the employees to make designated purchases are called:
Procurement Cards
Which of the following is NOT a primary component of the logistics function?
Production
Which of the following is not a method of unethically inflating sales revenue?
Promotional price discounts
An example of an independent verification in the sale process is:
Proof of recorded dates, quantities, and prices on an invoice.
One of the most effective ways a client can protect its computer system is to place physical controls in the computer center. Physical controls include all of the following, except:
Proper temperature control
Regional ISPs:
Provide the connection between local ISPs and national backbone providers.
This form is prepared to document the need to make a purchase and requests that the specific items and quantities be purchased.
Purchase requisition
Internal control activities within the purchasing process, identified as segregation of duties, would include all of the following, except:
Purchasing records and programs must be protected from unauthorized access.
Which of the following is not an example of cloud computing?
Purchasing songs from iTunes and downloading those those songs onto your computer
The final hub in the logistics function is:
Quality control.
The final hub in the logistics function which involves a follow-up to production, where the products are inspected before they are moved to the warehouse or shipping area is referred to as:
Quality control.
The AICPA's Trust Services Principles practice that states that all customer data collected remains "accurate, complete, current, relevant, and reliable" is under the title of:
Quality.
A written, rather than an oral, form or questioning of users to determine facts or beliefs about a system is referred to as a(n):
Questionnaire
The organization of files in a computer system normally uses one of two different access methods. The access method method where the files are not stored in sequence, one record not stored immediately after another, is referred to as:
Random Access
(Magnetic) Disk storage is:
Random access.
Physical inventory counts should only include:
Raw materials, work-in-process, and finished goods.
During substantive testing, if material misstatements have been found to exist, which of the following actions should be taken next?
Re-evaluate the audit risk in the planning phase
The management assertion related to valuation of transactions and account balances would include all of the following, except:
Real
A type of online processing where a transaction is processed immediately so that the output is available immediately is termed:
Real-Time Processing
The processing system where transactions are processed immediately and where output is available immediately is referred to as:
Real-time processing
Select the true statement from those provided.
Real-time processing fails to attain the efficiency of batch processing.
Select the false statement from those provided.
Real-time processing must use sequential storage concepts.
This level of assurance means that controls achieve a sensible balance of reducing risk when compared with the cost of the control
Reasonable assurance
Which programmed input validation check compares the value in a field with related fields which determine whether the value is appropriate?
Reasonableness check
Under a system of sound internal controls, if a company sold defective goods, the return of those goods from the customer should be accepted by the:
Receiving Clerk
The textbook referred to the three primary categories of processes in the typical purchasing system. Which of the following in not one of those categories?
Receiving Processes
A document prepared that lists the chronological sequence of all returned items is referred to as a(n):
Receiving log
This document, prepared and maintained by the receiving department, is a sequential listing of all receipts.
Receiving log
A source document prepared by the personnel in the receiving dock that documents the quantity and condition of the items received is called a(n):
Receiving report
Work steps that are internal controls within the business process would include:
Reconciling a cash register at the end of each day
A set of related fields is referred to as a:
Record
The authorization of sales returns requires that certain individuals within the company be assigned the authority for all of the following, except:
Record the Credit Memos
The AICPA Trust Services Principles categorizes IT controls and risks into categories. Which of the following is not one of those categories?
Recovery
Which of the process map symbols is used to show a task or activity in the process?
Rectangle
A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent any task or function performed is a(n):
Rectangle with rounded corners
Which of the following advantages is least likely to be experienced by a company implementing an enterprise resource planning (ERP) system?
Reduced cost
IT systems permit or allow all of the following except:
Reduced internal security measures.
The advantages and disadvantages of modular implementation are:
Reduces the risks associated with installation and operation of the system, but full system integration is not available.
Many IT systems have redundant data storage such that two or more disks are exact mirror images. This is accomplished by the use of:
Redundant arrays of independent disks
Each of the following is an online privacy practice recommended by the AICPA Trust Services Principles Privacy Framework except:
Redundant data should be eliminated from the database.
The Sarbanes-Oxley act was passed in 2002 as a Congress's response to the many situations of fraudulent financial reporting discovered during 2001. The intention of the Act was:
Reform accounting, financial reporting, and auditing functions of companies that are publicly traded
The difference between a general authorization and a specific authorization is that with a general authorization, a transaction is allowed if it falls within specified parameters, whereas with a specific authorization, explicit authorization is needed for that singe transaction to be completed
True
The differentiating factor between B2C and B2B is where B2C might purchase two books; a B2B purchase might involve ten thousand books.
True
The exact steps in the SDLC and/or their sequence are not as important as is the need to formalize and conduct those steps completely and consistently.
True
The existence of good internal controls do not ensure high sales and profits.
True
The face-to-face nature of an interview is advantageous due to the fact that the interviewer can clear up any misunderstandings as they occur and can follow up with more questions, depending on the response of the interviewee.
True
The form authorization and control includes the requirement that source documents should be prenumbered and are to be used in sequence
True
The intent of an ERP (enterprise resource planning) system is to provide a single software application for revenue, expenditures, conversion, and administrative processes.
True
The internal control activity, related to the authorization of transactions, requires that only specific individuals within the company should have the authoritative responsibility for establishing sales prices and credit terms.
True
The last step of the systems analysis phase is to prepare a systems analysis report that will be delivered to the IT governance committee.
True
The longer the encryption key is bits, the more difficult it will be to break the code
True
The longest and most costly part of the SDLC is the operation and maintenance.
True
The most common method for decision makers to reduce information risk is to rely on information that has been audited by an independent party.
True
The most common method for detecting occupational fraud is a tip - from an employee, a customer, vendor, or anonymous source
True
The most effective measure to prevent management fraud is to establish a professional internal audit staff that periodically checks up on management and reports directly to the audit committee of the board of directors
True
The organization should institute procedures to insure that all customer data collected retains accuracy, is complete, is current, is relevant, and is reliable".
True
The paymaster should be independent from the departmental supervision responsibilities, so that it can be determined that the paychecks are being distributed to active employees.
True
The payroll process starts when an employee is hired by the organization.
True
The purpose of observation in the system survey is to enable the project team to gain an understanding of the processing steps within the system.
True
The real-time nature of processing decreases the total processing time and allows more immediate feedback to management.
True
The remittance advice sent by the customer with the related payment is used by the vendor to properly apply the payment to the customer's account.
True
The remoteness of information, one of the causes of information risk, can relate to geographic distance or organizational layers.
True
The research and development effort is part of the planning process rather than the operations process.
True
The rethinking and designing that occur during business process reengineering are aided by the use of information technology
True
The risk related to confidentiality category of Trust Principles is that confidential information about the company or its business partners may be subject to unauthorized access during its transmission or storage in the IT system
True
The role of the auditor is to analyze the underlying facts to decide whether information provided by management is fairly presented.
True
The strength of Peoplesoft is the human resources aspects of an organization.
True
The supply chain may be larger at either or both ends as more than one vendor may supply the same materials and more than one customer may purchase the finished products.
True
The tone at the top of the organization tends to flow through the entire organization and affects behavior at all levels
True
The use of a blind purchase order forces the receiving clerk to perform an independent check of the quantity and quality of the delivery.
True
The use of dual firewalls - one between the internet and the web server and one between the web server and the organization's network - can help prevent unauthorized from accessing the organization's internal network of computers
True
The use of estimates when accounting for fixed assets requires that the estimates may need to be changed as time passes and new information is discovered.
True
The use of generalized audit software is especially useful when there are large volumes of data and when there is a need for accurate information.
True
The use of passwords to allow only authorized users to log into an IT system is an example of a general control
True
The user ID and password for a particular user should not allow access to the configuration tables unless that user is authorized to change the configuration settings
True
The workstations and the network cabling and connections represent spots were an intruder could tap into the network for unauthorized access
True
Those who handle cash should not have access to the related accounting records.
True
Tier one includes software often used by large, multinational corporations.
True
Tier two describes software used by midsize businesses and organizations.
True
To "drill down" is the process of successive expansion of data into more detail, going from high- level data to successively lower levels of data.
True
To database user, the question of how or where data is stored continues to be less important.
True
To increase the effectiveness of login restrictions, user Ids must be unique for each user
True
To set a proper ethical tone, top managements should measure several factors of managerial performance without over-emphasizing profitability or cost cutting.
True
To the extent possible, IT systems should be installed in locations away from any location likely to be affected by natural disasters
True
To verify the accuracy of application software, an organization should be sure the software is tested before it is implemented and must regularly test it after implementation
True
Tools commonly used in data mining are OLAP, ROLAP, and MOLAP.
True
Unauthorized access is a concern when an IT system is networked to either internal networks or the Internet
True
Using a unique service set identifier (SSID) makes it more difficult for an outsider to access the wireless network
True
What a customer refers to as a purchase order is referred to as a sales order by the vendor.
True
When an automated matching system is used, all of the relevant files must be online (or in databases). The system can then access the online purchase order and receiving files and check the match of items, quantities, and prices.
True
When an organization uses a separate checking account to handle payroll transactions, it is easier to account for the payroll transactions and to distinguish them from cash disbursements for other business purposes.
True
When files are organized as sequential access, and the user needs to access record number 250, the previous 249 records will be read by the computer before reading record number 250
True
When management does not act ethically, fraud is more likely to occur
True
When preparing the cash disbursement journals, it is important that the records have the actual date of cash disbursement, as is shown on the check.
True
When the IT governance committee uses both the strategic match and the feasibility study, they will be better able to prioritize proposed changes to the IT systems.
True
When the company is a vendor, goods flow into the company and cash is paid out.
True
When top management behaves ethically and encourages ethical behavior, there are usually fewer cases of frauds, errors, or other ethical problems.
True
While it is not necessary to hire a consulting firm, many organizations find that the special expertise of consulting firms is most beneficial in the design and implementation of accounting system software.
True
While there is no requirement to disclose a privacy policy on a website, it is an ethical obligation to disclose and follow the policy.
True
Within an ERP system unauthorized access to a purchase module could trigger a related unauthorized payment within accounts payable.
True
XML is a rich language that facilitates the exchange of data between organizations via web pages.
True
Y2K compatibility issues arose because computers kept dates in mm/dd/yy type formats.
True
An output of the accounting system that can be used as an input in a different part of the accounting system is referred to as:
Turnaround document
A flat file database has:
Two dimensions, rows and columns.
Relational databases are:
Two-dimensional tables which can be joined in many ways.
This type of question is completely open ended, and the respondent is free to answer in any way that he/she feels addresses the question.
Unstructured Question
Which of the following controls is not normally performed in the accounts payable department?
Unused purchase orders and receiving reports are accounted for.
The business processes that are common in company-to-company sales business types include all of the following, except:
Update affected records, such as accounts payable and cash
An enterprise resource planning (ERP) system would:
Update both accounts payable and inventory when purchased goods are received from a vendor.
The last event to occur in the purchase return process is:
Update inventory records
The custody responsibilities for cash receipts includes all of the following, except:
Updating accounts receivable records
Activities involved with the fixed assets continuance phase of the fixed assets processes include all of the following, except:
Updating depreciation prior to the disposal of fixed assets
The AICPA's Trust Services Principles practice that states the organization should use customers' personal data only in the manner described in "notice" is under the title of:
Use and retention
Independent checks on the performance of others is one of the categories of internal control. These independent checks would include all of the following, except:
Use of appropriate ID to enter restricted areas
Fraud associated with the capital and investment process is:
Usually related to management fraud.
Which of the following statements, related to a business process, is not a true statement?
Usually takes a long-period of time to complete
Capital is/are the funds:
Utilized to acquire long-term assets
The Internet:
Utilizes the World Wide Web as a backbone.
There are many risks that may affect the payroll and fixed asset transactions. Which of the following is not one of those risks?
Valid expenditures recorded properly by the wrong employee.
This type of input validation check examines a field to ensure that the data entry in the field is valid compared with a preexisting list of acceptable values
Validity Check
In entering client contact information in the computerized database of a telemarketing business, a clerk erroneously entered nonexistent area codes for a block of new clients. This error rendered the block of contacts useless to the company. Which of the following would most likely have led to discovery of this error into the company's computerized system?
Validity check
Which of the following items is not one of the source document controls?
Validity check
Because it can be expensive to develop and maintain a system that links two companies directly, the companies often use a third-party network. This third-party network provides other valuable services such as translation and encryption of the EDI data and authentication of a valid and authorized training partner. These third-party networks are called:
Value Added Networks
Internal reports of financial information:
Vary by the user.
Which of the following is NOT generally an area of measure in a balanced scorecard?
Vendor
The review of amounts charged to the company from a seller that it purchased from is called a:
Vendor audit
The expected cost based on projections of a product's required resources which includes direct materials, direct labor and overhead is referred to as:
Standard costs.
Which of the following is not a part of general accepted auditing standards?
Standards of Information Systems
The careful and responsible oversight and use by management of the assets entrusted to management is called:
Stewardship
The careful and responsible oversight and use of the assets entrusted to management is referred to as:
Stewardship
The careful and responsible oversight and use of the assets entrusted to management is called:
Stewardship
Capital funds are acquired through the issuance of:
Stocks and/or bonds.
Equity is considered:
Stocks.
The internal control process of requiring physical controls in the warehouse and receiving areas, in order to limit access to inventory items, will help to minimize the risk of:
Stolen goods
The internal control process that requires physical controls in the warehouse and shipping areas with access to inventory helps to minimize the risk of:
Stolen goods
The internal control process that requires the performance of end of period review to determine whether purchases are recorded in the proper period will help to minimize the risk of all of the following EXCEPT:
Stolen goods
Which of the following terms relates to the control of materials being held for future production?
Stores
The process of determining the strategic vision for the organization, developing the long-term objectives, creating the strategies that will achieve the vision and objections, and implementing those strategies is referred to as:
Strategic Management
The purpose of this item is to maintain the detailed information regarding routine transactions, with an account established for each entity
Subsidiary Ledger
The main difference between substantive testing and controls testing is:
Substantive testing verifies whether information is correct, whereas control tests determine whether the information is managed under a system that promotes correctness.
Suppose that during the planning phase of an audit, the auditor determines that weaknesses exist in the client's computerized systems. These weaknesses make the client company susceptible to the risk of an unauthorized break-in. Which type of audit procedures should be emphasized in the remaining phases of this audit?
Substantive tests
The auditor's test of the accuracy of monetary amounts of transactions and account balances is known as:
Substantive tests
All of the following are types of integration strategies utilized by an ERP system except:
Supply Chain Integration
The organization and control of all materials, funds, and related information in the logistics process, from the acquisition of raw materials to the delivery of finished products to the end user is referred to as:
Supply Chain Management
The entities, processes, and information flows that involve the movement of materials, funds, and related information through the full logistics process, from the acquisition of raw materials to the delivery of the finished products to the end use is a set of linked activities referred to as:
Supply chain
In order to protect data files, production programs, and accounting records from unauthorized access, each of the following may be used, except:
Surveillance cameras
In order to help safeguard the availability in an electronic business environment, a company should implement controls such as business continuity planning, backup data and systems, in order to reduce the risk of:
System failures
Accountants and auditors are less likely to use which of the following system documentation methods?
System flowcharting
Systems professionals in the design and maintenance of IT systems use this documentation method
System flowcharting
This method of system documentation is intended to show the entire system, including inputs manual and computerized processes, and outputs
System flowcharting
A process map shows a circle with a letter or number in the middle. This symbol is used to show:
That there is a break in the process
Which of the following statements related to the COSO report is false?
The COSO report has not been updated since it was issued in 1992
When there is a difference between the inventory records quantity and the physical count of inventory:
The difference is resolved through inventory reconciliation.
The term "operations" is commonly used to refer to:
The main function of the business.
Which of the following ERP approaches accomplishes the ERP implementation beginning with one department?
The modular implementation approach
Which of the following is NOT one of the reasons for increased spending on ERP systems in recent years?
The need for earnings management
The conversion process is initiated when the company recognizes:
The need to conduct operations.
Most companies can justify the use of specialized asset management software programs instead of the spreadsheets or traditional manual systems for all of the following reasons, except:
The number of different methods of accounting for depreciation
Which of the following is not true of unethical behavior?
The only category of unethical behavior for accountants is inflating revenue
In inventory systems, when the actual quantity and the accounting records quantity are compared it is referred to as:
The physical inventory reconciliation.
Overhead includes all of the following except:
The president's salary.
Auditors should develop a written audit program so that:
The procedures will achieve specific audit objectives related to specific management assertions.
Within the purchases processes, which of the following is the first document prepared and thereby the one that triggers the remaining purchasing processes?
The purchase requisition
Within cash disbursements, all of the following should be true before a check is prepared, except that:
The purchased goods have been used.
Which of the following events would not constitute the start of the purchasing process?
The purchasing manager receives a shipment of raw materials that she had ordered.
Which of the following is not a main characteristic of client-server system?
The client does not participate in the processing or data manipulation
Characteristics of a client-server system include all of the following except:
The client normally stores the large database
A company must have systems in place to take care of all activities related to both routine and non-routine processes. The activities would include all of the following, except:
Review
Which of the following internal controls wold help prevent overpayment to a vendor or duplicate payment to a vendor?
Review and cancellation of supporting documents after issuing payment.
Which of the following was NOT listed as a procedure to accomplish independent checks?
Review of auditing procedures
Which of the following reviews would be most likely to indicate that a company's property, plant, and equipment accounts are not understated?
Review of the company's repairs and maintenance expense accounts.
AICPA Trust Principles describe five categories of IT risks and controls. Which of these five categories would be described by the statement, "The system is protected against unauthorized access"?
Security
The main risk related to this category of Trust Services Principles is unauthorized access
Security
Controls meant to prevent the destruction of information as the result of unauthorized access to the IT system are referred to as:
Security controls
The AICPA's Trust Services Principles practice that states that the organization has the necessary protections to try to insure that customer data is not lost, destroyed, altered, or subject to unauthorized access is under the title of:
Security for privacy.
A new technology that is used to authenticate users is one that plugs into the USB port and eliminates the need for a card reader. This item is called a:
Security token
One of the most critical controls to prevent theft of inventory purchased is to:
Segregate inventory custody from inventory record keeping.
If an accounting supervisor were allowed to hire employees, approve the hours worked, prepare the paychecks, and deliver the paychecks, which of the categories of control activities would be violated?
Segregation of duties
An extra digit added to a coded identification number, determined by a mathematical algorithm is called a:
Self-Checking Digit Check
Data collected would be all but the:
Selling company's name.
Ethical issues associated with data collection and storage include all of the following EXCEPT:
Selling non-sensitive information only to trusted agents.
Disposing of a fixed asset could include all of the following methods, except:
Sending it to another department.
Which of the following is not a major purpose served by the continual and proper use of the IT governance committee and the SDLC?
The conversion of the system
This type of input check ensures that the batch of transactions is sorted in order, but does not help to find the missing transactions
Sequence Check
Batch Processing correlates mostly to which of the following data storage techniques?
Sequential Access
The organization of files in a computer system normally uses one of two different access methods. The access method where the files store records in sequence, with one record stored immediately after another, is referred to as:
Sequential Access
Magnetic tape storage medium allows:
Sequential access storage with sequential data processing.
Storage media and methods of processing are:
Sequential and random access storage with batch and real time data processing.
Select the true statement from the following:
Servers may contain shared files and resources.
A company that wishes to buy cloud computing services enters into an agreement with a cloud computing provider. This agreement is called a:
Service Level Agreement (SLA)
This security feature, used on wireless networks, is a password that is passed between the sending and receiving nodes of a wireless network
Service set identifier
A field is a (n):
Set of characters.
Manufacturing companies implement ERP systems for the primary purpose of
Sharing information
The purpose of tracing shipping documents to prenumbered sales invoices would be to provide evidence that:
Shipments to customers were properly invoiced.
A chronological listing of shipments that allows management to track the status of sales and to answer customer inquiries regarding order status is called a(n):
Shipping Log
The use of electronic data interchange (EDI) to conduct sales electronically has both risks and benefits. Which of the following is a benefit of EDI, rather than a risk?
Shorter inventory cycle time
Which of the following is NOT a piece of relevant information that should be entered into the fixed asset subsidiary ledger upon the acquisition of a fixed asset?
The seller of the fixed asset
All of the following are classifications of inventory EXCEPT:
Sold goods
The use of employee prepared time cards and the entering of the time worked by the payroll department is a good example of which type of input method for AIS?
Source Documents and Keying
This method of input for AIS is considered to be time consuming and error prone due to the human effort required to write in some document and to manually key in the data:
Source Documents and Keying
The paper form used to capture and record the original data of an accounting transaction is called a(n):
Source document
The record that captures the key data of a transaction is called:
Source document
Which of the following correctly states the order of steps in a manual accounting system?
Source documents, Journals, Ledgers, Reports
The processes that authorize the raising of capital, execute the raising of capital, and properly account for that capital are called:
Source of capital processes
The internal control activities within the purchasing process, related to authorization of transactions, would include which of the following?
Specific individuals should be given authoritative responsibility for preparing purchase requisitions and purchase orders which would include which items to purchase, how many items, and which vendor.
Which of the following is NOT a responsibility given to the individuals making purchases for the company?
Specifying the order and sequence of payments to vendors.
Which of the following is generally an external computer fraud, rather than an internal computer fraud?
Spoofing
A Data Flow Diagram is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. The symbol used to represent both sources and destinations of data is a(n):
Square with squared corners
Data is
The set of facts collected from transactions.
The disadvantages to real-time processing include:
The single database that is shared is more susceptible to unauthorized access
Real-time data item processing is more complex because:
There is duplication of effort in processing transactions.
The expanded SDLC presented in the textbook expands the processes within the system design phase. This is necessary because:
There is usually more than one software or system type that will meet the needs of the organization.
The fixed assets owned by a company are considered to be long-term because:
They are purchased with the intent of benefitting the company for a long period of time.
Which of the following is not one of the disadvantages of maintaining the legacy systems?
They are well supported and understood by existing personnel
Which of the following is not a disadvantage of maintaining legacy systems?
They contain invaluable historical data that may be difficult to integrate into newer systems
The internal control activity related to the adequate records and documents, related to sales, includes which of the following?
Those responsible for recording sales should ensure that the supporting documentation is retained and organized.
The matching of a purchase order to the related receiving report and invoice is known as:
Three-way match
SAP and PeopleSoft are part of which market segment of accounting software?
Tier 1 ERP Segment
The type of ERP system used by large, multinational corporations is known as
Tier one software
It is necessary for employees to maintain adequate records of the hours worked and the projects worked on. The record of hours worked by an employee for a specific payroll period is reported on a document called:
Time sheet
Which of the following correctly lists activities of the Payroll Process in chronological order?
Time sheet submitted by employee; time sheet approved; paycheck signed by management; update General Ledger
Internal control activities within the payroll process, identified as independent checks and reconciliations, would include which of the following?
Time sheets reconciled with the payroll register.
Source documents are usually preprinted and sequentially prenumbered. Which of the following is not one of the reasons for this prenumbering and preprinting?
To be sure that all of the documents have been recorded
The reasons to store customer names, addresses, and other similar information include all but:
To create financial reports.
There are a number of reasons that all access to an IT system be logged. Which of the following is not one of the reasons for the log to be maintained?
To establish a user profile
Select the correct statement from the following.
To review the purchases from a vendor inspect the purchases journal, to determine inventory levels of a specific item inspect the subsidiary ledger for inventory.
Which of the following statements is true regarding internal controls of capital and investment processes?
Top management fraud, rather than employee fraud, is more likely to occur.
The transactions and resulting processes related to loans, bonds payable, and stock should be executed only when
Top management or the board of directors authorize them.
In meeting the control objective of safeguarding of assets, which department should be responsible for distribution of paychecks ad custody of unclaimed paychecks, respectively? Distribution of Custody of Paychecks Unclaimed Paychecks
Treasurer Treasurer
Immediately upon receiving checks from customers in the mail, a responsible employee working in an environment of adequate internal control should prepare a listing of receipts and forward it to the company's cashier. A copy of this cash receipts listing should also be sent to the company's:
Treasurer for comparison with the monthly bank statement.
The officer within a corporation that usually has oversight responsibility for investment processes is the
Treasurer.
Which of the following, within the corporation, has the responsibility for making investment decisions?
Treasurer.
Accounting software was often not available in the early days of computers which required that the organization would develop, program, and implement their in-house accounting software.
True
Adapting to fair value measures in the preparation of IFRS-based financial statements will likely cause auditors to evaluate supporting evidence differently than if US GAAP was used.
True
Administrative processes are transactions and activities that either are specifically authorized by top managers or are used by managers to perform administrative functions.
True
Although there is no direct benefit, in terms of cash received, when a fraudster engages in earnings management, it is still unethical because it results in the falsification of the company's financial statements.
True
An alternative to batch processing is the use of electronic timekeeping devices, such as time clocks or badge readers.
True
An auditor cannot make informed decisions necessary to complete the audit without an understanding of the accounting information system
True
An enterprise resource planning (ERP) system allows a sales representative to provide the date that inventory for sale will be received from a vendor to a customer upon order placement.
True
An enterprise resource planning (ERP) system integrates all business processes and functions into a single software system using a single database.
True
An entire record forms a "database."
True
An example of good internal control is having one person responsible for the value of the total of the sales in the sales journal and another person responsible for the balance of sales in the general ledger.
True
An organization must maintain procedures to protect the output from unauthorized access in the form of written guidelines and procedures for output distribution
True
Any professionally trained accountant is able to perform an operational audit.
True
Application controls are intended to ensure that inputs and processing are accurate and complete and that outputs are properly distributed, controlled, and disposed
True
As the result of promotions or job changes, an employee may have different access or authorizations. Because of this, it is important that a company review user profiles and make changes to access and authority levels.
True
Auditors do not need to be experts on the intricacies of computer systems but they do need to understand the impact of IT on their clients' accounting systems and internal controls
True
Based on each employee's user profile, audit trails can be constructed and reported which employees initiated or conducted individual processes.
True
Batch processing is best suited to applications that have large volumes of similar transactions that can be processed as regular intervals
True
Batch processing is best suited to sequential access files
True
Batch processing occurs when similar transactions are grouped together, and that group is processed as a batch.
True
Because the evaluated receipts settlement process relies heavily on an IT system that can quickly access online purchase-order files, a system slowdown could halt all receiving activity.
True
Because the point-of-sale systems are not normally connected to outside trading partners, they pose fewer risks related to security and confidentiality than e-commerce or EDI systems.
True
Because the users of reports need the reports on an ongoing basis as part of their jobs, it is critical to have user feedback in the design of the details of the output reports.
True
Because there is no such thing as a standard cloud, it is not possible to standardize a risk assessment process and audit procedures for a cloud computing environment.
True
Business process reengineering (BPR) is the purposeful and organized changing of business processes to make them more efficient.
True
Business process reengineering means tailoring both the business process to IT and the IT process to the business process for best functionality and processing.
True
Business process reengineering should leverage the capabilities of information technology to improve the efficiency of business processes
True
CRM is a term for software solutions that help businesses manage customer relationships in an organized way.
True
Cash should be periodically verified by comparing the cash balance with the bank statement.
True
Cloud computing results in greater availability, but also requires greater security and processing integrity.
True
Collusion between employees is one of the easiest frauds to detect and prevent.
True
Collusion can make it much easier to commit and conceal a fraud or theft, even when proper internal controls are in place
True
Complete, up-to-date, and accurate documentation on production orders is needed to support the conversion process.
True
Computer logs should be maintained in order to have a complete record of who used the system and the histories of that use. This computer log would allow monitoring and identification of unauthorized accesses or uses.
True
Computer systems increase the efficiency and effectiveness of an organization but also increase their vulnerability
True
Computer-aided manufacturing (CAM) involves the complete automation of the production process, including the full replacement of human resources with computers.
True
Computer-assisted audit techniques are useful audit tools because they make it possible for auditors to use computers to audit large amounts of evidence in less time.
True
Concurrency means that all of the multiple instances of the same data are exactly alike.
True
Conflicting abilities are also referred to as incompatible duties.
True
Controlling access to the operating system is critical because that access opens access to any data or program within the system
True
Controls over cash collections are likely the most important control procedure because cash is the asset most susceptible to theft and misappropriation.
True
Controls will help to reduce risks, but it is impossible to completely eliminate risks
True
Corporate governance policies and procedures must be in place to assure that funds are expended only to the benefit the organization and its owners.
True
Customer fraud is a common problem for companies that sell merchandise online
True
Customizing an ERP system should be limited due to cost and upgrading to the system in the future.
True
Data in the data warehouse are called nonvolatile because they do not change rapidly in the same way that operational data change
True
Data must be collected to complete a transaction such as a sale.
True
Detailed customer accounts should be maintained and reconciled with customer statements regularly.
True
Diligent adherence to the SDLC process, by management, is part of fulfilling its ethical obligations of stewardship and fraud prevention.
True
Discussing the strength of encryption refers to how difficult it would be to break the code
True
Due to management's responsibility to monitor operations by examining reports that summarize the results of operations, it is necessary that the system provide timely and accurate information
True
ERP II has additional modules including customer relationship management and supply chain management for enhanced e-commerce transactions.
True
ERP implementation regarding IT infrastructure benefits include building business flexibility for current and future changes
True
ERP systems are based on a relational database system
True
ERP systems are built to interact with the IT systems of trading partners such as customers and suppliers.
True
ERP systems can grow with the business.
True
ERP systems such as SAP normally post their financial transactions in real-time for current information through all of the appropriate modules.
True
Each organization has to decide which combination of IT controls is most suitable for its IT system, making sure that the benefits of each control outweigh its costs
True
Early MRP applications utilized sales forecasts to compute material requirements for production.
True
Earnings management is the act of misstating financial information in order to improve financial statement results.
True
Employees who hack into computer networks are often more dangerous because of their knowledge of company operations
True
Even if a firm is a service or sales firm it may conduct some sort of manufacturing operation.
True
Even though a company has an obligation to pay for goods as soon as the goods are received, it is common to not record the actual liability until the invoice is received.
True
For a number of different reasons, a company may find it necessary to reject goods received which will start the purchase returns process.
True
For both source of capital processes and investment processes, the important control is the specific authorization and oversight by top management.
True
General controls apply to the IT accounting system and are not restricted to any particular accounting application
True
HIPs, or high-impact processes, are the critically important processes that must be executed correctly if the organization is to survive and thrive.
True
HTML has evolved over the years to increase functionality and security.
True
IT and business process reengineering have mutually enhancing relationships. The business processes should be supported by the IT capabilities.
True
IT systems are to be chosen and implemented to support the attainment of strategies and objectives
True
If a new cost is incurred related to an asset that is considered to enhance that, either by extending the useful life or increasing the efficiency, the fixed asset accountant must make sure the appropriate adjustments are made to the fixed asset subsidiary ledger.
True
If a sales order comes from a new customer, it is necessary to evaluate the creditworthiness of that customer before the sale is approved.
True
If an organization has the policy of allowing employees to work from home via telecommunications, they could be opening themselves up to an opportunity for a hacker to break-in to their network
True
If real-time processing is to occur, database records must be stored on random access media.
True
In a properly segregated IT system, no single person or department should develop computer programs and also have access to data that is commensurate with operations personnel
True
In centralized data processing the processing and the databases are stored and maintained in a central location.
True
In distributed data processing (DDP) and distributed databases (DDB), the processing and the databases are dispersed to different locations of the organization.
True
In most cases, a fraud will include altering accounting records to conceal the fact that a theft has occurred
True
In order to enhance controls, reconciliations should be performed by company personnel who are independent from the tasks of initiating or recording the transactions with the accounts being reconciled.
True
In order to gain a complete understanding of the system under study, the project team should seek the opinions and thoughts of those who use the system in addition to observation and documentation review.
True
In order to meets it obligation of corporate governance, the board of directors must oversee IT.
True
In order to properly carry out an audit, accountants collect and evaluate proof of procedures, transactions, and / or account balances, and compare the information with established criteria.
True
In the case of a manual accounting system, an approved journal voucher must be forwarded to the general ledger department before transactions can be recorded.
True
In the case of high-dollar assets, there should be a strict approval process that requires the authorization of top management or the initiation of the capital budgeting procedures.
True
In the detailed design phase, all of the individual steps within a process must be identified and designed.
True
Independent reconciliation of the periodic inventory counts and the inventory ledger and the general ledger will help to assure that inventory is being properly accounted for.
True
Industrial espionage can occur with or without the use of a computer
True
Information is the interpretation of data that have been processed.
True
Information risk is the chance that information used by decision makers may be inaccurate.
True
Internal controls over sales returns are similar to those for the revenue process where it is important to match receiving reports for returns with the related credit memos to ensure that the company issues credit for all returns for the correct amounts.
True
Inventory warehousing involves managing the holding area for finished goods awaiting sale.
True
It is common that personnel related expenses are one of the largest expenses reported on the company's income statement.
True
It is essential that accountants oversee the data conversion from the old system to the new system to make sure that all accounting data is completely and correctly converted.
True
It is important for accountants to consider possible threats to the IT system and to know how to implement controls to try to prevent those threats from becoming reality
True
It is important for accountants to have some understanding of basic computer terminology
True
It is important to understand that the IT governance committee delegates many of its duties by the policies that it develops
True
It is likely that the IT governance committee will go back through the phases of the SDLC to design new and improved IT systems.
True
It is necessary for a company to consider the risks of its system to determine whether the costs of implementing a control procedure are worthwhile in terms of the benefits realized from the control.
True
It is necessary that managers remember that they are stewards of funds expended by a business - that the funds are not owned by the managers.
True
It is necessary to identify the "entry points" in the IT system that make an organization susceptible to IT risks
True
It is not always possible to avoid all mistakes and frauds because there will always be human error, human nature, and it is not always cost-effective to close all the holes
True
It is not necessary to get specific authorization for each individual routine transactions.
True
It is not possible to have an internal control system that will provide absolute assurance
True
Just-in-time (JIT) production systems are concerned with minimizing or eliminating inventory levels of all inventory items.
True
Location-wise implementation and pilot implementation are both considered methods of implementation.
True
MRP II systems let vendors track customer inventory levels and trigger inventory shipments when prearranged levels are met.
True
Magnetic tape is a storage medium that allows only a sequential access type of storage.
True
Maintenance and control is concerned with maintaining the capital resources used to support production, including production facilities and other fixed assets.
True
Management assertions relate to the actual existence and proper valuation of transactions and account balances.
True
Management fraud is the intentional misstatement of financial information and may be difficult for auditors to find because the perpetrator will attempt to hide the fraud.
True
Management has an ethical obligation to create and enforce policies and practices which ensure that private customer data are not misused.
True
Management must examine feedback from the ERP system to assist in the proper management and control of operations and financial conditions.
True
Many IT systems do not use source documents; the input is automatic
True
Many companies use a tracking system for their fixed assets that would include applying a fixed asset tag, number, or label to the asset.
True
Most companies conduct business transactions with checks so that a written record is established for cash disbursements.
True
One advantage in the B2B e-business environment is that operations costs can be reduced through inventory reductions and efficiencies can be increased by location of nearby assets when needed.
True
One advantage to the use of questionnaires is that they an be answered anonymously, which allows the respondent to be more truthful without fear of negative consequences.
True
One characteristic that the Internet, intranets, and extranets have in common is that they are all networks that are intended for the sharing of information and the conducting of transactions.
True
One of the advantages of private cloud computing is expanded access
True
One of the greatest risks of ERP cloud systems is the potential service outage that might cause the system to be unavailable.
True
One of the reasons that management, not employees, initiates more unethical and fraudulent activities is that employees do not have access to much of the documentation needed to affect the event.
True
One of the sources of risk exposure related to telecommuting workers is that the company's network equipment and cabling becomes an entry point for hackers and unauthorized users
True
Online processing is best suited to situations where there is a large volume of records by only a few records are needed to process any individual transaction
True
Overtime hours are paid at a rate different from the regular hours, usually one and one-half times the standard rate.
True
Packet switching is the method used to send data over a computer network.
True
Payroll disbursements are to be authorized by the accounts payable department on the basis of the company's need to satisfy its obligation to its employees.
True
Payroll information includes personal information about employees, such as their pay rate and performance, and must be kept confidential.
True
Payroll outsourcing has become popular (and prevalent) become is offers increased convenience and confidentiality.
True
Physical controls should be in place in the company's storerooms, warehouses, and production facilities in order to safeguard the inventories held therein.
True
Preparing payroll manually is extremely time consuming due to the process of extracting all these inputs from the records and performing the mathematical computations.
True
Proper sales authorization control requires obtaining approval before processing an order and again before the order is shipped.
True
Real-time processing occurs when transactions are processed as soon as they are entered.
True
Record files related to sales can be organized by customer name or by the numerical sequence of the documents.
True
Redundancy is needed for servers, data, and networks.
True
Regardless of how effective and good the accounting system is, if top management is intent on falsifying financial statements by inflating revenue, they can usually find ways to misstate revenue.
True
Regardless of the results of the control testing, some level of substantive testing must take place.
True
Regional ISPs connect to the backbone through lines that have less speed and capacity than the backbone.
True
Risk assessment in cloud computing is particularly challenging because the threats to a company's data are uncontrolled, and often unforeseen, by the company.
True
Risk can be inherent in the company's business, due to things such as the nature of operations, or may be caused by weak internal controls.
True
Sales processes need supporting practices such as credit checks and stock authorization.
True
Scalability is one of the advantages of cloud-based databases. What this means is that as the company grows, they can easily purchase new capacity from the cloud provider.
True
Scalability, related to public cloud computing, refers to the fact that as a company can easily purchase new capacity from the cloud provider
True
Sequential access means that data are stored in sequential or chronological order.
True
Service firm internal reports are more likely to focus on sales and the status of projects.
True
In order to help safeguard the security and confidentiality in an electronic business environment, a company should implement controls such as user ID, password, log-in procedures, access levels, and authority tables in order to reduce the risk of:
Unauthorized access
The security and confidentiality risks of computer based matching would include:
Unauthorized access to the system's ordering and matching functions would allow the insertion of fictitious vendors and / or invoices.
There are a number of ways that frauds may be carried out to try to receive excess compensation. Which of the following is not one of those methods?
Understatement of job related expenses
Since the sale of goods in an ERP system may automatically trigger more production, which in turn would trigger the purchase of raw materials there is a significant need to ensure that these integrated processes are triggered at the correct time and in the correct amounts.
True
Software should never be implemented before it is tested.
True
Standard costs are expected costs based on projections of a product's required resources.
True
Standard costs include direct materials, direct labor, and overhead. \
True
Subsidiary ledgers maintain the detail information regarding routine transactions, with an account established for each entity.
True
Supply Chain Management integrates supply and demand management within and across companies.
True
Systems operators and users should not have access to the IT documentation containing details about the internal logic of computer systems.
True
The AICPA Trust Services Principles state that the customer should be given the choice regarding the collection and retention of data.
True
The ERP system can incorporate a matrix of tasks that are compatible.
True
The IT governance committee should constantly assess the long-term strategy of the company and determine the type of IT systems to purchase, develop and use.
True
The Sarbanes-Oxley Act has placed restrictions on auditors by prohibiting certain types of services historically performed by auditors for their clients.
True
The VPN, virtual private network, uses the internet and is therefore not truly private - but is virtually private
True
The accounting information system is often the tool used to commit or cover up unethical behavior
True
The accounts payable department keeps copies of purchase orders and receiving reports, that will be compared to the related invoice, to be sure that the invoices represent goods that were ordered and received.
True
The acquisition of fixed assets is normally initiated by a user department when they identify a need for a new asset, either to replace an existing asset or to enhance its current pool.
True
The acronym COBIT stands for Control Objectives for Information Technology, an extensive framework of information technology controls developed by Information Systems Audit and Control Association
True
The analysis phase is the critical-thinking stage of systems analysis.
True
The assigning of access and authority for a specific user ID is referred to as a user profile.
True
The authorization of a cash disbursement occurs when the accounts payable department matches the purchase order, receiving report, and the invoice, and then forwards the matched documents to the cash disbursements department.
True
The closer the source document matches the input screen, the easier it will be for the data entry employee to complete the input screen without errors
True
The common term for business-to-consumer e-commerce is B2C. The common term for business-to-business electronic sales is B2B.
True
The controls discussed in the chapter, related to safeguarding assets within the expenditures process and ensuring the accuracy and completeness of expenditure processes, help to enhance corporate governance structure.
True
A battery to maintain power in the event of a power outage meant to keep the computer running for several minutes after the power outage is an example of a(n):
Uninterruptible power supply
The letter UPC, when relating to bar codes, stands for:
Universal Product Code
Five different components of the accounting system were presented in the textbook. Which of the following is not one of those components?
Work steps assure that all business processes are recorded using computer-based procedures
A small piece of program code that attaches to the computer's unused memory space and replicates itself until the system becomes overloaded and shuts down is called: A. Infections
Worm
Subsidiary ledgers:
Would contain the detailed information of a customer's account.
IT governance includes all but which of the following responsibilities?
Writing programming code for IT systems
An extensible markup language designed specifically for financial reporting is:
XBRL
Select the correct statement from the following.
XML is extensible markup language while XBRL is extensible business reporting language.
An example of Cash receipts fraud would include:
an employee steals checks collected from customers
The term "ghost employee" means that:
someone who does not work for the company receives a paycheck.
Which of the following URL's would indicate that the site is using browser software that encrypts data transferred to the website?
https://misu
Auditors should perform this type of test to determine the valid use of the company's computer system, according to the authority tables.
Authenticity tests
The supply chain:
Includes manufacturing facilities
Which of the following statements does not refer to a legacy systems?
Includes source documents, journals, and ledgers
OLAP tools include all of the following EXCEPT:
Inclusion reports.
Availability risks of e-commerce, or e-business, include all of the following, except:
Incomplete audit trail
The internal control process of requiring physical controls in place in areas where fixed assets are held, will help to minimize the risk of:
Incorrect amounts
The internal control process that requires purchase return records be matched with the original purchase documentation and verified for item descriptions, quantities, dates, and prices, will help to minimize the risk of:
Incorrect amounts
The separation of the responsibility for custody of cash from the responsibility for reconciling the bank accounts will help to minimize the related risk of:
Incorrect amounts
Types of fraud that may occur in the payroll function includes all of the following, except:
Incorrectly computed tax withholdings
If an organization's IT systems are not properly controlled, they may become exposed to the risks of:
All of the above
Immediate preparation of receiving reports for all actual receipts of goods helps to minimize the risk of:
All of the above
By maintaining a well-defined, complete chart of accounts, an organization minimizes the related risk of:
Amounts posted to wrong accounts
Select the true statement from those provided below.
An ERP system is designed to be a stand-alone software application to accomplish revenue, expenditures, conversion, and administrative processes.
Operation risks with an ERP system includes all of the following EXCEPT:
An unauthorized user can affect more processes in the legacy system.
This table contains a list of valid, authorized users and the access level granted to each one
Authority table
The software that accomplishes end user tasks such as work processing, spreadsheets, and accounting functions is called:
Application Software
This type of processing control test involves a comparison of different items that are expected to have the same values, such as comparing two batches or comparing actual data against a predetermined control total.
Balancing Tests
A printed code consisting of a series of vertical, machine readable, rectangular bars and spaces, that vary in width and are arranged in a specific ways to represent letters and numbers are referred to as:
Bar Coding
All of the risks and audit procedures that apply to a PC environment may also exist in networks, but the risk of loss of much lower.
False
XML:
Facilitates the exchange of data between organizations via web pages.
A backbone provider is an organization such as the National Science Foundation (NSF) which funded the Internet and/or the WWW.
False
A bill of materials lists both physical items and skill requirements needed to construct an item of inventory.
False
Advantages of an automated system includes all of the following, except:
Increased cost of the system.
Although it is uncommon, some companies maintain separate checking accounts that are used for payroll transactions.
False
An enterprise resource planning (ERP) system would update accounts receivable and inventory when purchased goods are received from a vendor.
False
An example of unstructured data would be customer telephone numbers.
False
An extranet is similar to an internet except that it offers access to a greater number of sites than a standard Internet or WWW connection.
False
An important requirement for CPA firms is that they must be personally involved with the management of the firm that is being audited.
False
An internal auditor is not allowed to assist in the performance of a financial statement audit.
False
Application controls apply to the IT accounting system and are not restricted to any particular accounting application
False
Approvals for each journal voucher are specific authorizations.
False
There are different ways to issue a purchase order to a vendor. Which of the following is not one of the ways?
Hard copy by hand
Cleansed or scrubbed data:
Has had errors and problems fixed.
Which of the following describes a mathematical sum of data that is meaningless to the financial statements but useful for controlling the data and detecting possible missing items?
Hash Total
The totals of fields that have no apparent logical reason to be added are called:
Hash Totals
Which control total is the total of field values that are added for control purposes, but not added for any other purpose?
Hash total
Which of the following would be a correct way to compute the gross pay for an employee?
Hours Worked times Authorized Pay Rate
The function of this committee is to govern the overall development and operation of IT systems
IT Governance Committee
When companies rely on external, independent computer service centers to handle all or part of their IT needs it is referred to as:
IT Outsourcing
The security of having cash receipts deposited in the bank on a daily basis will help to minimize the related risk of:
Lost or stolen cash
An example of a one-to-one relationship would be:
One customer, one billing address.
An ERP system uses:
One database which contains all data items associated with the organization.
An example of a one-to-many relationship would be:
One employee, three timecards for the pay period.
Proper IT controls will NOT:
Prevent an employee from sharing his password.
Firewalls:
Prevent external users from accessing the extranet or intranet.
This type of control is designed to avoid errors, fraud, or events not authorized by management
Prevention
Related audit tests to review the existence and communication of company policies regarding important aspects of IT administrative control include all of the following, except:
Prevention of unauthorized access
The advantages of e-commerce, or e-business, include all of the following, except:
Repudiation of sales transactions
All ERP vendors have developed cloud-based ERP products.
True
All types of auditors should have knowledge about technology-based systems so that they can properly audit IT systems.
True
Although accountants are heavily involved in the creation, implementation, and monitoring of the control structure, management has the ultimate responsibility to establish a control environment
True
Amounts withheld from an employee paycheck will ultimately be paid to another vendor.
True
An entire set of files is a database.
True
Which of the following is NOT an objective of IT usage to support business processes?
Increased data to use in the data analytics process
An IT system that uses touch screens, bar coded products, and credit card authorization during the sale is called a(n):
Point of sales system.
An IT system that uses touch-screen cash registers as an input method is called:
Point-of-sale system
A review of the feasibility assessments and other estimates made during the projects, the purpose of which is to help the organization learn from any mistakes that were made and help the company avoid those same errors in the future.
Post-Implementation Review
Which of the following steps within the systems implementation phase could not occur concurrently with other steps, but would occur at the end?
Post-implementation review
Which of the following statements regarding the authorization of general ledger posting is NOT true?
Posting to the general ledger always requires specific authorization.
(Magnetic) Disk storage is:
Preferred over magnetic tape storage.
The purpose of this step in the systems analysis phase is to determine whether the problem or deficiency in the current system really exists and to make a "go" or a "no-go" decision.
Preliminary Investigation
Independent auditors are generally actively involved in each of the following tasks except:
Preparation of a client's financial statements and accompanying notes.
Which of the following activities is an inventory control activity?
Routing
A file is a:
Row within a record.
Important characteristics of electronic data interchange (EDI) include all of the following, except:
Sales register is used to record all transactions.
External reports do not include:
Sales reports.
Select the answer that contains only internal reports.
Sales, inventory, aged receivables.
Because it is not possible to test all transactions and balances, auditors rely on this to choose and test a limited number of items and transactions and then make conclusions about the
Sampling
The purpose of this 2002 act was to improve financial reporting and reinforce the importance of corporate ethics
Sarbanes-Oxley Act
Which of the following is not one of the approaches used to achieve the management of an IT control framework?
Sarbanes-Oxley Act section on IT Controls
A company using public cloud computing has the ability to purchase new capacity from the cloud provider, instead of buyer servers or new data storage. This ability is referred to as:
Scalability
Risks associated with public cloud computing include all of the following, except:
Scalability
In this feasibility, the project team must estimate the total amount of time necessary to implement the each alternative design.
Schedule feasibility
Frontware, which adds modern, user friendly screen interfaces to legacy systems are referred to as:
Screen scrapers
The correct sequence of the supply chain is:
Secondary suppliers, suppliers, manufacturer, warehouses, distributors, retailers, and customers.
This communication protocol is built into web server and browser software that encrypts data transferred on that website. You can determine if a website uses this technology by looking at the URL
Secure sockets layer
Select the correct statement from the following:
The accounts payable journal will not show detail of purchases from a vendor.
A web server is:
A computer and hard drive space that stores web pages and data.
Protocols can be considered:
A language native to the network so all computers can translate it.
A protocol is required so that:
Answers A, B, and C are all correct.
Fraud is:
Precluded by proper internal control processes.
The average annual cost of cyber crime to U.S. companies is:
$3.8 million
1. The AICPA's Trust Services Principles state that online privacy focuses on: 1. Name 2. Address 3. Social Security number 4. Government ID numbers 5. Employment history 6. Personal health conditions 7. Personal financial information 8. History of purchases 9. Credit records
1, 2, 3, 4, 5, 6, 7, 8, and 9.
E-commerce sites may: 1. Provide access to manufacturer information on the product. 2. May provide tax free sales of retail goods. 3. Require shipping and handling fees to be paid. 4. Provide links to live or video presentations of product information. 5. Not provide as quick order processing as the company's retail locations.
1, 2, 3, and 4 are correct.
Processes in supply chain management: 1. Involve trading processes from a supplier to the business. 2. Involve trading processes from the business to a customer. 3. Involve trading between the business and other intermediaries. 4. Do not include any transactions once raw materials are put into production.
1, 2, and 3 are correct.
Supply chain management is: 1. The management and control of all materials. 2. The management and control of all funds related to purchasing. 3. The management of information related to the logistics process. 4. Limited to the flow of materials from vendors into the production cycle.
1, 2, and 3 are correct.
Customizing an ERP system: 1. Will tailor the ERP system to the user. 2. May have a prohibitive cost. 3. May hinder future system upgrades. 4. Is recommended wherever possible.
1, 2, and 3 only.
E-business 1. Includes the sale of raw materials between companies. 2. Includes using the Internet as an electronic network. 3. Sales will usually be smaller dollar amounts with many sales. 4. Is a broader concept than e-commerce.
1, 2, and 4 only.
While using a manual general ledger system, the audit trail could consist of: 1. General ledger. 2. Electronic images. 3. Journal vouchers. 4. Paper documents. 5. Source documents. 6. Special journals. 7. Subsidiary ledgers.
1, 3, 4, 5, 6, and 7.
Database relationships may be: 1. One-to-one relationships. 2. One-to-one relationships only. 3. One-to-many relationships. 4. One-to-many relationships only. 5. Many-to-one relationships. 6. Many-to-one relationships only. 7. Many-to-many relationships. 8. Many-to-many relationships only.
1, 3, 5, and 7 only.
Business process reengineering (BPR): 1. Aligns business processes with IT systems to record processes. 2. Reengineer the underlying processes to be more effective. 3. Improves the efficiency of the underlying process through automation. 4. Requires significant investment in IT resources. 5. Does not have a mutual enhancement effect with IT.
1, 3, and 4 only.
Data conversion will: 1. Require an appropriate amount of time be devoted to the conversion. 2. Be done at a minimal cost. 3. Import data from many legacy systems into a single RDBMS. 4. Require cleansing of errors and configuration inconsistencies.
1, 3, and 4 only.
When a transaction occurs in a business, the accountant must decide if it is a regular and recurring transaction. If the transaction IS regular and recurring, it will be recorded in a ____1_____. If it is NOT regular and recurring, it will be recorded in a _____2_____.
1=Special journal; 2=General Journal
The role of the auditors is to analyze the underlying facts to decide whether information provided by management is fairly presented. Auditors design ____1_____ to analyze information in order to determine whether ____2_____ is/are valid.
1=audit tests; 2=management's assertions
As required by Sarbanes-Oxley, enhanced ERP systems provide feedback to management regarding internal controls. To effectively use the function, there are important steps that need to be taken. 1. Establish and maintain a list of compatible duties. 2. Insure that employees are given access and authority only to those parts of the system required. 3. Periodically review the user profile and change any access and authority levels as necessary. 4. Configure the ERP system to track and report any instances where an employee initiated or records any event. 5. Monitoring the periodic reports or real-time reports by the appropriate manager to determine if user profiles have changed.
2, 3, 5
Select the true statements from the following. 1.Fraud, theft, or theft of data on the Internet and WWW are reduced by its regulated and controlled state. 2.A customer may feel isolated from the product because of the inability to touch or handle the product. 3.E-commerce customers may be targeted for solicitations based on their purchasing history. 4.E-commerce customers will often incur a shipping and handling charge with purchases. 5.E-commerce customers will always find the best product at the best price.
2, 3, and 4 are all true statements.
E-business: 1. Is a narrower concept than e-commerce. 2. Services the customers and the vendors. 3. Is electronic recording and control of internal processes. 4. Uses electronic means to enhance business processes.
2, 3, and 4 only.
Proper data analysis of data warehouse files: 1. Improves short-term planning. 2. Improves long-term planning. 3. Enhances the ability to meet customer needs. 4. Increase performance.
2, 3, and 4.
While using a computerized IT accounting system, the audit trail could consist of: 1. General ledger. 2. Electronic images. 3. Journal vouchers. 4. Paper documents. 5. Source documents. 6. Special journals. 7. Subsidiary ledgers.
2.
A firm expects to sell 1000 units of its best-selling product in the coming year. Ordering costs for this product are $100 per order, and carrying costs are $2 per unit. Compute the optimum order size, using the EOQ model.
317 units
A company has the following invoices in a batch: Invoice No. Product ID Quantity Unit Price 401 H42 150 $30.00 402 K56 200 $25.00 403 H42 250 $10.00 404 L27 300 $ 5.00 Which of the following numbers represents a valid record count? A. 1
4
The reasons for storing data to complete a customer sales transactions include all of the following EXCEPT: 1. Taking the order. 2. Pulling the items from the warehouse. 3. Shipping the items to the customer. 4. Billing the customer. 5. Providing feedback to the customer on the order. 6. Updating the customer account for payment.
5
A URL is converted to an IP by:
A DNS accessed when the browser sends the command.
Select the false statement from the following.
A character is a single letter, number, or symbol.
Select the true statement from the following.
A character is a single letter, number, or symbol.
The sales and cash collections process begins when:
A customer places an order with the company
When special journals are utilized:
A general journal is still utilized for infrequent and unique journal entries.
HTML is:
A language utilized to present website words, data, and pictures.
Advantages of e-commerce include all EXCEPT:
A narrower market for goods and services.
Which of the following audit objectives relates to the management assertion of existence?
A transaction actually occurred (i.e., it is real)
Nonrepudiation means that:
A user cannot deny any particular act that he or she did on the IT system
Which of the following is not an example of a software system that supports e-business and e- commerce?
AFB
Which of the following involves the inclusion of both variable and fixed costs in the determination of unit costs for ending inventories and cost of goods sold?
Absorption costing
Ethical issues of manufacturing include all except:
Absorption costing.
The AICPA's Trust Services Principles practice that states that customers should have access to the data provided so that the customer can view, change, delete, or block further use of the data provided is under the title of:
Access
The security of assets and documents related to cash disbursements would include all of the following, except:
Access to records should be limited to persons with the authority to sign checks.
Which of the following groups of processional within a organization have a history of designing and implementing the controls to lessen risks?
Accountants
There are many reasons for accountants to become aware of potential unethical behaviors. Which of the following is not one of the reasons identified by the authors?
Accountants are responsible for identifying unethical and illegal activities
The process that must identify the transactions to be recorded, capture all the important details of the transactions, properly process the transaction details, and provide reports is termed the:
Accounting Information System
The system that captures, records, processes, and reports accounting information is referred to as a(n):
Accounting information system
Segregation of duties is accomplished by which of the following?
Accounting personnel having restricted access to physical inventory.
Which department maintains copies of purchase orders and receiving reports so that the documents can be compared before the accounting records are updated?
Accounts Payable
Which of the given departments will immediately adjust the vendor account for each purchase transaction so that the company will know the correct amount owed to the vendor?
Accounts Payable
A kickback is an example of which type of fraud?
Accounts Payable Fraud
All of the following documents are necessary in the cash receipts process except:
Accounts Payable Subsidiary Ledger
Which department is generally responsible for the notification of the need to make cash disbursements and the maintenance of vendor accounts?
Accounts payable department
The accounting record that includes the details of amounts owed to each vendor is called the:
Accounts payable subsidiary ledger
In order to properly monitor customer payments and determine the amount of an allowance for uncollectible accounts, a(n) _________ should be generated to analyze all customer balances and the respective lengths of time that have elapsed since payments were due.
Accounts receivable aging report
Sales and sales returns can affect which journals?
Accounts receivable, cash, inventory, and sales.
Unauthorized access to the operating system would allow the unauthorized user to:
All of the above
Rework refers to:
Additional procedures to bring a product up to specifications.
Techniques used for gathering evidence include all of the following, except:
Adequate planning and supervision
Activities involved with the fixed assets disposal phase of the fixed assets processes include all of the following, except:
Adjusting periodic depreciation
Which of the following is a proper description of an auditor report?
Adverse opinion - notes that there are material misstatements presented.
All of the following are external reports except:
Aged Accounts Receivable Schedule
Cost-benefit can be defined as:
Alarm systems and vaults for fine jewelry inventories.
Which of the following statements is true?
All accounting systems, whether computerized or not, must capture data, process the data, and provide outputs
Ethical responsibilities are shared by:
All concerned including employees, customers, and management.
Sequential access means:
All data items must be read in the order in which they were placed into the system
All of the following are examples of security controls except for?
All of the Above are examples of security controls
After all of the RFPs have been received, either the IT governance committee or the project team will evaluate the proposals in order to select the best software package. Things that must be considered would include:
All of the above
All of the following are environmental control issues for physical hardware except for:
All of the above
Common means of presenting the revenue and cash collections processes pictorially include:
All of the above
Confidentiality of information is an ethical consideration for which of the following party or parties?
All of the above
Considerations related to adopting or increasing cloud computing usage, include:
All of the above
Financial Stewardship can be ensured in the revenue process by establishing and maintaining which of the following?
All of the above
In a large company, there are hundreds, possibly thousands, of sales transactions each day. The company needs to have in place, systems and processes to:
All of the above
The control environment related to the fixed asset processes can be enhanced through the implementation of various access controls, such as:
All of the above
The data preparation procedures are to be well-defined so that employees will be sure of:
All of the above
The definition of fraud includes the theft of:
All of the above
A good system of internal control includes many types of documentation. Which of the following types of documentation is not part of the adequate records and documents category of internal control?
All of the following are types of documentation
A use of enterprise application integration would include:
All of the listed items would be included
With structured query language (SQL):
All of the possibilities, A, B, and C, are correct.
Which of the following process within a supply chain can benefit from IT enablement?
All process throughout the supply chain
Network databases:
Allow shared branches within the inverted tree structure.
If a company does not prepare an aging of accounts receivable, which of the following accounts is most likely to be misstated?
Allowance for uncollectible accounts
The transmission of packets:
Allows great versatility in the transmission of data.
The standard format used with electronic data interchange (EDI) allows all vendors and buyers to speak the same language. This group has developed the standard format for the common documents used in the sales process:
American National Standards Institute
Which of the following statements regarding an audit program is true?
An audit program establishes responsibility for each audit test by requiring the signature or initials of the auditor who performed the test.
The payroll process is initiated when:
An employee is hired
Which of the following is most likely to be effective in deterring fraud by upper level managers?
An enforced code of ethics
A record is:
An entire set of fields for a specific entity.
When discussing the supply chain:
An entity may not be able to directly control all of the interrelated activities within the supply chain
A process or procedure in an IT system to ensure that the person accessing the IT system is valid and authorized is called:
Authentication of users and limiting unauthorized access
This type of software should be used to avoid destruction of data programs and to maintain operation of the IT system. It continually scans the system for viruses and worms and either deletes or quarantines them
Antivirus Software
Random access means:
Any data item can be directly accessed without reading in sequence.
Internal controls over the input, processing, and output of accounting applications are called:
Application Controls
Internal controls used specifically in accounting applications to control inputs, processing, and outputs are referred to as a(n):
Application Controls
The existence of verifiable information about the accuracy of accounting records is called a(n):
Audit trail
The process where the details of individual transactions at each stage of the business process can be recreated in order to establish whether proper accounting procedures for the transaction were performed is called:
Audit trail
Which of the following is not one of the identified causes of information risk?
Audited information
This organization is part of the AICPA and was the group responsible for issuing Statements on Auditing Standards which were historically widely used in practice.
Auditing Standards Board
Many companies design their IT system so that all documents and reports can be retrieved from the system in readable form. Auditors can then compare the documents used to input the data into the system with reports generated from the system, without gaining any extensive knowledge of the computer system and does not require the evaluation of computer controls. This process is referred to as:
Auditing around the system
Which of the following is the most effective way of auditing the internal controls of an IT system?
Auditing through the computer
This approach, referred to as the whitebox approach, requires auditors to evaluate IT controls and processing so that they can determine whether the information generated from the system is reliable.
Auditing through the system
The process of user identification to ensure that only authorized users are accessing the IT system, which occurs through the use of user ID, password, and other unique identifiers, is called:
Authentication
When there is no necessity for a preexisting relationship between buyer and seller, that transaction is more likely to be classified as
B2C
Select the correct statement from the following.
B2C is considered e-commerce while B2B is considered e-business.
Select the correct statement from the following:
B2C is typically few line items per order while B2B is typically many line items per order.
The type of organization that serves as the main trunk line of the Internet is called a
Backbone provider.
Which of the following is not a method of updating legacy systems?
Backoffice ware
Which of the following is not one of the stated physical controls for inventory in a warehouse?
Backup Copies
An electronic payroll time keeping device that collects data when employee identification badges are swiped through an electronic reader are called:
Badge reader
Internal reports do not include:
Balance Sheets
Select the answer that contains only external reports.
Balance sheet, income statement, cash flow statement.
Audit trails:
Can be from the source document to the journal entry or from the journal entry to the source document.
When computerized technology is introduced into processes, the processes
Can be radically redesigned to take advantage of the speed and efficiency of computers to improve processing efficiency.
The accounting profession has accepted this report as the standard definition and description of internal control.
COSO Report
A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives related to the effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations is:
COSO's definition of internal control
Financial statement audits are required to be performed by:
CPAs
Data processing and storage:
Can be distributed to meet organizational requirements.
The proper order of activity in an accounting information system would be as follows:
Capture, Record, Process, Report
The substance of an accounting information system includes:
Capturing, recording, processing and reporting accounting information
While an employee may have access to privileged information, an example of unethical activities would be a
Car salesman viewing the credit rating of a customer with a car in for warranty repairs.
The term that refers to how many instances of an entity relates to each instance of another entity is:
Cardinality
Which of the following departments is not a part of the purchasing process?
Cash Disbursements
A chronological listing of all payments is referred to as a(n):
Cash Disbursements Journal
A special journal used to record all cash collections is called a(n):
Cash Receipts Journal
Independent checks and reconciliations, related to cash receipts, include all of the following, except:
Cash collections should be deposited in the bank in a timely manner to prevent the risk of theft.
Special journals include:
Cash disbursements journal, cash receipts journal, payroll journal, purchases journal, and sales journal.
A manager suspects that certain employees are ordering merchandise for themselves over the Internet without recording the purchase or receipt of the merchandise. When vendors' invoices arrive, one of the employees approves the invoices for payment. After the invoices are paid, the employee destroys the invoices and related vouchers. To trace whether this is actually happening, it would be best to begin tracing from the:
Cash disbursements.
The goal of a physical inventory reconciliation is to
Compare the physical count with the perpetual records.
Which of the following terms in not associated with a financial statement auditor's requirement to maintain independence?
Competence
This type of input validation check assesses the critical fields in an input screen to make sure that a value is in those fields
Completeness Check
Which programmed input validation makes sure that a value was entered in all of the critical fields?
Completeness check
Two or more computers linked together to share information and/or resources is referred to as a(n):
Computer Network
This software allows engineers to work with advanced graphics at electronic work stations to create 3-D models that depict the production environment.
Computer aided design (CAD)
The advantages of using IT-based accounting systems, where the details of transactions are entered directly into the computer include:
Computer controls can compensate for the lack of manual controls
Which of the following would normally not be found on the IT Governance Committee?
Computer input operators
This complete records of all dates, times, and uses for each person is referred to as a(n):
Computer log
Select the true statement.
Computer-aided design may be three dimensional.
_____________ integrates all of the conversion processes to allow for minimal disruptions due to reporting requirements or inventory movement issues.
Computer-integrated manufacturing systems (CIMs)
Which of the following statements is true related to manual systems?
Computerized systems often rely on some manual record keeping
Which of the following is not a risk inherent in an IT system?
Computers being stolen
Changing the accounting records to hide the existence of a fraud is termed:
Concealment
The process of matching alternatives system models to the needs identified in the system analysis phase is called:
Conceptual Design
_______ is the aggregation or collection of similar data. It is the opposite of drill down in that it takes detailed data and summarizes it into larger groups.
Consolidation
When management designs and implements effective administrative processes:
Constant monitoring is necessary.
Tables in a flat file database must:
Contain similar data in the column.
A production schedule:
Contains information from the operations list.
The data warehouse:
Contains the historical information needed for planning and analysis.
A process of constant evidence gathering and analysis to provide assurance on the information as soon as it occurs, or shortly thereafter, is referred to as:
Continuous auditing
A document completed to prepare a record of the sales return and to adjust the amount of the customer's credit status is called a(n):
Credit memorandum
The source document that initiates the recording of the return and the adjustment to the customer's credit status is the:
Credit memorandum
High-impact processes (HIPs) are:
Critical to the long-term objectives of the organization.
This document is prepared on a regular basis to accumulated and summarize all the transactions that have taken place between the customer and the company within the period.
Customer Account Statements
When a customer improperly obtains cash or property from a company, or avoids liability through deception, it is termed:
Customer fraud
The term for software solutions that help businesses manage customer relationships in an organized way is:
Customer relationship management
Supply chain management (SCM) is a critical business activity that connects a company more closely with its:
Customers and suppliers
The date that is the end of the accounting period is referred to as the:
Cutoff
When goods are received at the end of the accounting period, and the invoice is not received until after the start of the following period, a problem may arise as to when to record the liability. This is referred to as a(n):
Cutoff issue
Examples of Business Continuity include all of the following except:
Environmental Backup Recovery Plan
Software Programming involves all of the following except:
Data Conversion
This document system is used by systems professionals to show the logical design of a system. The advantage of the method is that it uses only four symbols. Identify the document system
Data Flow Diagram
The process of converting data from human readable form to computer readable form is referred to as:
Data Input
In addition to testing system documentation, auditors should test the three main functions of computer applications. Which of the following is not one of these functions?
Data Storage
An integrated collection of enterprise-wide data that includes five to ten fiscal years of nonvolatile data, used to support management in decision making and planning is referred to as:
Data Warehouse
Which of the following is used to produce management reports that would be used to oversee day-to-day operations?
Data Warehouse
The record detailing the amounts and timing of depreciation for all fixed asset categories, except land and any construction-in-progress accounts, is called:
Depreciation schedule
Engineering is responsible for:
Designing the product and creating the bill of materials and the operations list.
The process of designing the outputs, inputs, user interfaces, databases, manual procedures, security and controls, and documentation of the new system is referred to as:
Detailed Design
The purpose of this phase of systems design is to create the entire set of specifications necessary to build and implement the system.
Detailed design
The systems analysis report, which is sent to the IT governance committee, will inform the committee of all of the following, except:
Detailed design
This type of control is included in the internal control system because it is not always possible to prevent all frauds. They help employees to discover or uncover errors, fraud, or unauthorized events
Detection
High-impact processes (HIPs):
Determine the structure of the data in the data warehouse.
Data mining would be useful in all of the following situations except
Determining customers' behavior patterns.
An IT governance committee has several responsibilities. Which of the following is least likely to be a responsibility of the IT governance committee?
Develop and maintain the database and ensure adequate controls over the database
The process of converting data into secret codes referred to cipher text is called:
Encryption
Which of the following is not a control intended to authenticate users?
Encryption
Large-scale IT systems should be protected by physical access controls. Which of the following is not listed as one of those controls?
Encryption of passwords
Within the planning component of the logistics function, which of the following processes is responsible for preparing bill of materials and the operations list?
Engineering
The main reason that receiving clerks are denied access to purchase order quantities and prices is to:
Ensure that the receiving clerk actually takes the time to verify the accuracy of a delivery before accepting it.
Chapter 2 discusses the different approached that can be used to enhance existing legacy systems. Which approach intends to consolidate, connect, and organize all of the computer applications, data, and business processes (both legacy and new) into a seamlessly interfaced framework of system components?
Enterprise application integration
A multi-module software system designed to manage all aspects of an enterprise usually broken down into modules such as financials, sales, human resources, and manufacturing, is referred to as a(n):
Enterprise resource planning
Instead of completely replacing their systems, organizations often try to use new technology to enhance existing systems. Which of the following is not one of the approaches taken by these organizations?
Enterprise resource planning
The _________ contains the data necessary to conduct day-to-day operations and produce management reports used to oversee day-to-day operations.
Enterprise resource planning system
A process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives is referred to as:
Enterprise risk management
The COSO report, Internal Controls- Integrated Framework, identified interrelated components of internal control. Which of the following is not one of those components?
Enterprise risk management
The rectangle used in an entity relationship diagram is used to represent a(n):
Entity
When discussing entity relationship diagrams, this is considered to be a noun, that represents items in the accounting system:
Entity
This document system is a pictorial representation of the logical structure of databases. It identifies the entities, the attributes of the entities, and the relationship between the entities
Entity Relationship Diagram
This type of system matching takes place without invoices. The receipt of goods is carefully evaluated an, if it matches the purchase order, settlement of the obligation occurs through the system.
Evaluated Receipt Settlement
An It enabled system for purchasing that is an "invoice-less" system is called a(n):
Evaluated receipt settlement
An invoice-less system in which computer hardware and software complete in invoice-less match that is a comparison of the purchase order with the goods received is termed:
Evaluated receipt settlement
Which of the following IT systems is designed to avoid the document matching process and is an "invoiceless" system?
Evaluated receipt settlement
The decision to buy or design software directly follows which step in the system design flowchart?
Evaluation and Selection
The process of assessing the feasibility and fit of each of the alternative conceptual approaches and selecting the one that best fits the organization's needs is called:
Evaluation and Selection
The process of assessing the feasibility and fit of each of the alternative conceptual approaches and selecting the one that best meets the organization's needs is termed:
Evaluation and Selection
There are four primary phases of the IT audit. Which of the following is not one of those phases?
Evidence Audit
Generalized audit software can be used to:
Examine the consistency of data maintained on computer files.
Standard costs are the:
Expected costs based on required resources.
Raw material events can be found in which two processes?
Expenditures and return processes, systems & controls and 2) conversion processes, systems & controls.
E-commerce businesses:
Experience dramatically reduced marketing costs as the result of the expanded market.
This type of audit is performed by independent auditors who are objective and neutral with respect to the company and the information being audited.
External Audit
This computer is similar to a company's intranet except that it does allow access to selected outsiders, such as buyers, suppliers, distributors, and wholesalers
Extranet
Select the correct statement from those provided below.
Extranet access is generally open to select members of the supply chain.
Hardware, software, or a combination of both that is designed to block unauthorized access to an IT system is called:
Firewall
Special journals are created, or established, to record specific types of transactions. Which of the following is not one of the special journals?
Fixed Asset Journal
A detailed listing of the company's fixed assets, divided into categories consistent with the general ledger accounts is called a:
Fixed Asset Subsidiary Ledger
Which of the following is not a part of "adequate documents and records" for fixed assets?
Fixed asset journal
When the data contained in a database are stored in large, two-dimensional tables, the database is referred to as a
Flat file database.
Special journals are:
For regular and recurring transactions.
The use of BPR(Business Process Reengineering) is a two-fold: (1) Aligns business processes with the IT systems used to recorded processes and, (2):
Improves the efficiency and effectiveness of these processes
Internal controls that apply overall to the IT accounting system, that are not restricted to any particular accounting application, are referred to as a(n):
General Controls
Internal controls that apply overall to the IT system are called:
General Controls
The automated controls that affect all computer applications are referred to as:
General Controls
In a manual system, an adjusting entry would most likely be initially recorded in a:
General Journal
Which of the following provides details for the entire set of accounts used in the organization's accounting systems?
General Ledger
Independence in mental attitude is to be maintained in all matters related to the audit engagement. This is one of the generally accepted auditing standards that is part of the:
General Standards
Auditing standards address the importance of understanding both the automated and manual procedures that make up an organization's internal controls and consider how misstatements may occur, including all of the following, except:
How financial statement are printed from the computer
Which of the following is not one of the general types of business processes identified by the testbook?
Human Resource Processes
This department is responsible for maintaining records for each job and each employee within the organization, as well as tracking job vacancies and supporting the company's recruitment efforts.
Human Resources Department
Which of the following activities is not part of the planning component of the logistics function?
Human resource management
The purpose of MRP II was to integrate all of the following into a single database EXCEPT:
Human resources
The department responsible for training production personnel is the:
Human resources department.
The responsible for managing the placement and development of sufficient qualified personnel which includes hiring and training workers as well as maintaining records of their performance is the task of the:
Human resources department.
When payroll is processed using batch processing, which of the following would not be part of the payroll process?
Human resources should prepare control totals and hash totals in order to check the system before the paychecks are generated.
For proper segregation of duties, the department that should authorize new employees for payroll would be:
Human resources.
HTTP stands for:
Hypertext transmission protocol.
Risk assessment is a process designed to:
Identify possible circumstances and events that may affect the business.
When discussing the security of assets and documents, there are many actions that can be taken. Which of the following would not be related to this category of internal control?
Identifying sources of risk and estimating the possibility of that risk
The advantages of cloud-based computing includes all of the following, EXCEPT:
Increased infrastructure - the company has more need for servers and data storage.
Which of the following is NOT a feature of an ERP system's database?
Increased need for data storage within functional areas
Select the correct statement from those provided below.
If sales and inventory are real-time, payroll and production may be batch processing in a well-designed system.
Which of the following statements, regarding ethical considerations in an accounting information system is false?
If there is only one person within the organization with responsibility for maintaining the computer systems, it is not difficult to detect instances of computer fraud
The Evaluation and Selection cycle of the expanded SDLC would not include which of the following steps?
Implement the alternative selected.
An accounting information system serves many functions- which of the following is NOT one of those functions?
Implement the start of a transaction
The big bang approach to implementation means that the company:
Implements all modules and all function areas of the ERP system at one time.
The three major concerns related to database control and security do NOT include:
Inadequate backup.
Financial pressures, market pressures, job-related failures, and addictive behaviors are all examples of which condition of the Fraud Triangle?
Incentive
The reason that detailed data must be collected and stored is: 1. The data must be stored for future transactions or follow-up. 2. The data must be incorporated into the accounting system so that regular financial statements can be prepared. 3. Management needs to examine and analyze data from transactions to operate the organization.
Include 1, 2, and 3 among other reasons.
Which of the following activities in the conversion process does NOT require express authorization?
Initiation of a sales order.
This type of control is intended to ensure the accuracy and completeness of data input procedures and the resulting data:
Input Controls
Field check, limit check, range check and sequence check are all examples of:
Input Validation Checks
Which of the following is NOT an example of a programmed input validation check that would help to detect and prevent keying errors?
Input checks
This type of application control is performed to verify the correctness of information entered into software programs. Auditors are concerned about whether errors are being prevented and detected during this stage of data processing.
Input controls
The forms, documents, screens, or electronic means used to put data into the accounting system are called:
Inputs of the system
A company in Florida provides certified flight training programs for aspiring new pilots of small aircraft. Although awarding a pilot's license requires one-on-one flight time, there is also much preparatory training conducted in classroom settings, The company needs to create a conceptual data model for its classroom training program, using an entity-relationship diagram. The company provided the following information: Floridian Flight, Inc. has 10 instructors who can tach up to 30 pilot trainees per class. The company offers 10 different courses, and each course may generate up to eight classes. Identify the entities that should be included in the entity-relationship diagram:
Instructor, Course, Enrollment, Class, Pilot Trainee
Which of the following computer assisted auditing techniques allows fictitious and real transactions to be processed together without client personnel being aware of the testing process?
Integrated test facility
Which of the following is one of the disadvantages to batch processing?
Integration across business processes is difficult in legacy systems that are batch oriented
The proper sequence of events for the accounting cycle is:
Journalize, post, trial balance, adjusting entries, financial statements, and closing entries
Closing entries are:
Journalized in the general journal.
Which of the following represents a method of managing inventory designed to minimize a company's investment in inventories by scheduling materials to arrive at the time they are needed for production?
Just-in-time (JIT)
Flat file records are:
Kept is sequential order.
A cash payment made by a vendor to an organization's employee in exchange for a sale to the organization by the vendor is termed:
Kickback
Database security includes all EXCEPT:
LAN structure.
The standard format for common forms used in the United States for electronic data interchange (EDI) data transmission is divided into three parts. Which of the following is one of those "parts"?
Labeling Interchanges
When PCs are used for accounting instead of mainframes or client-server system, they face a greater risk of loss due to which of the following:
Lack of backup control
Manufacturing has changed in recent years as a result of each of the following factors except:
Lack of economic prosperity
A situation where the organization's cash is stolen after it is entered in the accounting records is termed:
Larceny
Within the conversion processes, systems and controls result from transactions that are:
Large volumes of daily materials transactions.
Within the revenue and return processes, systems and controls result from transactions that are:
Large volumes of daily sales and cash inflow transactions.
This term refers to moving the current accounting period's cut-off date forward to include sales that correctly occur in a future period. This activity occurs so that the selling company can inflate their sales in the current period.
Leaving sales open
This piece of audit evidence is often considered to be the most important because it is a signed acknowledgment of management's responsibility for the fair presentation of the financial statements and a declaration that they have provided complete and accurate information to the auditors during all phases of the audit.
Letter of Representation
To prevent issues with segregation of duties within an ERP system, the system may do which of the following?
Limit the types of transactions each employee can perform.
Corporations with complex IT systems:
May automate their investment process.
Segregation of duties:
May be more difficult in less complex computerized accounting systems.
Financial statements:
May contain condensed data from the general ledger.
ERP implementation:
May install only selected modules.
Which of the following is one of the disadvantages of maintaining the legacy systems?
May not easily run on new hardware
Periodic inventory systems:
May not reflect current inventory levels.
Variances:
May not result in any changes in the logistics function.
Distributed data processing and databases:
May require management to enforce hardware and software configuration policies.
Which of the following is an example of a B2B transaction?
McDonalds placing an order for more hamburger rolls through their company computer
Which of the following best describes what is meant by the term "generally accepted auditing standards"?
Measures of the quality of an auditor's conduct carrying out professional responsibilities.
Personnel records will typically include all of the following, except:
Medical history subsequent to hiring
Each of the following companies was involved in fraudulent financial reporting during 2001 and 2002, except:
Microsoft Corporation
When categorizing the accounting software market, a company with revenue of $8 million most most likely purchase software from which segment?
Midmarket
A company's cash custody function should be separated from the related cash recordkeeping function in order to:
Minimize opportunities for misappropriations of cash
The theft of any item of value is referred to as:
Misappropriation of assets
Business process reengineering means:
Modifying business processes to take advantage of the capabilities of the ERP system.
The ongoing review and evaluation of a system of internal control is referred to as:
Monitoring
The activity in the conversion process that does NOT require express authorization is the:
Movement of production pieces from one stage of production to the next.
An example of many-to-many relationship would be:
Multiple vendors for multiple items.
The various types of online analytical processing (OLAP) does NOT include:
NOLAP - Notational online analytical processing.
The Internet backbone is the network between:
National backbone providers.
Y2K compatibility issues arose because:
Old computer systems kept dates in mm/dd/yy formats.
The internal control process of requiring the payroll register to be reconciled with the time sheets, will help to minimize the risk of:
Omitted paychecks
The internal control process of having the receiving reports prepared on pre-numbered forms so that the sequence of receipts can be reviewed for proper recording will help to minimize the related risk of:
Omitted purchases
The internal control process that requires vendor statements to be reviewed monthly and reconciled with accounts payable records, will help to minimize the risk of:
Omitted returns
The comparison of the shipping records with the sales journal and invoices is completed to minimize the related risk of:
Omitted transactions
The internal control process of computing and recording the gains/losses for all fixed asset disposals will minimize the risk of:
Omitted transactions
The preparation of deposit slips on prenumbered forms will help to minimize the related risk of:
Omitted transactions
The preparation of packing lists and shipping records on prenumbered forms will help to minimize the related risk of:
Omitted transactions
The preparation of production orders and routing slips on prenumbered forms minimizes the related risk of:
Omitted transactions
The internal processes of e-business do NOT include:
On-line sales to customers.
Which of the following scenarios does NOT impair the independence of a CPA firm from its client?
One of the auditors owns stock in a competitor of the client
Vertical integration of the supply chain occurs when:
One organization owns the supply chain from raw materials through distribution and sales.
Within the logistics function, segregation of duties means:
One person should not have both inventory and accounting responsibilities.
Management fraud may involve:
Overstating revenues
Each of the following items would likely be found in an employee's personnel records related to the initial hiring, except:
Overtime and commission rates
The advantage of client-server computing is:
PC clients perform as "smart" terminals that can accomplish some share of the process tasks
The proper actions and capabilities is:
Packet switching divides large messages into small bundles for tr ansmission while routers determine the best path through the network.
A ________ is prepared by warehouse personnel and lists all items included in a shipment.
Packing slip
This document, prepared by the vendor, is intended to show the quantities and descriptions of items included in the shipment.
Packing slip
Which of the following is not a document that is part of the cash collection process?
Packing slip
This is one of the computer-assisted audit techniques related to processing controls that involves processing company data through a controlled program designed to resemble the company's application. This test is run to find out whether the same results are achieved under different systems.
Parallel Simulation
A system conversion method in which the old and the new systems are operated simultaneously for a short time.
Parallel conversion
Which of the following is not part of the system design phase of the SDLC?
Parallel operation
Which of the following computer assisted auditing techniques processes actual client input data (or a copy of the real data) on a controlled program under the auditor's control to periodically test controls in the client's computer system?
Parallel simulation
Which of the following is NOT one of the rules for the effective use of passwords?
Passwords should not be case sensitive
Payroll transactions are considered:
Periodic events.
Within the administrative processes, systems and controls result from transactions that are:
Periodic.
Appropriate information for a medical facility would NOT include:
Personal spending habits.
Which of the following departments or positions most likely would approve changes in pay rates and deductions from employee salaries?
Personnel
A system conversion method in which the system is broken into modules, or parts, which are phased in incrementally and over a longer period.
Phase-in conversion
Input controls of the IT system would include all of the following EXCEPT:
Physical access controls
Which of the following statements regarding the maintenance of adequate records and documentation in the cash disbursement process is NOT true?
Physical controls should be in place in the areas where cash is retained and disbursed.
This item documents the quantities and descriptions of items ordered. Items from this document should be pulled from the warehouse shelves and packaged for the customer.
Pick List
Best of breed means:
Picking the best software on the market for a particular type of business process for this size of an organization.
A system conversion method in which the system is operated in only one or a few sub-units of the organization.
Pilot conversion
As a metalanguage, XML:
Places a data tag that the beginning and end of each data item identifying the contained data.
The component of the logistics function that directs the focus of operations is the:
Planning component.
The component of the logistics function that directs the focus of operations is referred to as:
Planning.
Capital budgeting:
Plans the capital resources needed to support operations.
Databases that reside in the cloud are called Database as a Service (DaaS). Sometimes the database is combined with an operating system and is referred to as:
Platform as a Service
A method of using hardware and software that captures retail sales transaction by standard bar coding is referred to as:
Point of Sale System
This type of highly integrated IT system processes sales at a cash register in retail stores.
Point of sale
This term refers to a system of hardware and software that captures retail sales transactions by standard bar coding
Point of sale system
Which of the following types of employees are typically required to prepare very detailed (to- the-minute) time reports, identifying the types of projects worked on and the exact time spent on each?
Production employees
The form that authorizes production activities for a particular sales order or forecasted needs is referred to as the:
Production orders.
Which of the following correctly states a reconciliation process to be completed related to payroll?
Production reports to the general ledger.
This schedule outlines the specific timing required for a sales order, including the dates and times designated for the production run.
Production schedule
The operations component of the logistics function has which of the following elements?
Production.
This concept means that the auditors should not automatically assume that their clients are honest, but that they (the auditors) must have a questioning mind and a persistent approach to evaluating evidence for possible misstatements.
Professional Skepticism
In the detailed design stage of systems design it is necessary that the various parts of the system be designed. The parts of the system to be designed at this point would include all of the following, except:
Program Code
Accountants have some form of use of the AIS in all but which role?
Programmer
The existence of IT-based business processes, that result in the details of the transactions being entered directly into the computer system, increases the likelihood of the loss or alternation of data due to all of the following, except:
Programmer Incompetence
Accountants have several possible roles related to accounting information systems. Which of the following is not normally one of those roles?
Programmer of the AIS
All of the following are implementation of software systems EXCEPT:
Progressive implementation.
The analytics module of an ERP system such as SAP would include all of the following EXCEPT:
Project portfolio management
A source document serves important functions in the accounting system. which of the following is not one of those functions?
Provides the output data for financial reports
This organization, established by the Sarbanes-Oxley Act, was organized in 2003 for the purpose of establishing auditing standards for public companies.
Public Company Accounting Oversight Board
This form of encryption uses a public key, which is known by everyone, to encrypt data, and a private key, to decode the data
Public key encryption
The form, or source document, that conveys the details about a customer's order, prepared by the customer, is referred to as:
Purchase Order
A company may reject goods received due to a number of reasons. The process related to this is referred to as:
Purchase Returns
A record keeping tool used to record purchases in a manual accounting system. This "tool" would consist of recording all of the purchased orders issued to vendors in a chronological order.
Purchase journal
The business processes that are common in company-to-company sales business are divided into three groups. Which of the following is not one of those groups?
Purchase of inventory, including ordering, delivery, and billing
Routine business transactions would include which of the following?
Purchase of merchandise inventory.
This form is issued by the buyer, and presented to the seller, to indicate the details for products or services that the seller will provide to the buyer. Information included on this form would be: products, quantities, and agreed-upon prices.
Purchase order
It is important that documentation support or agree with an invoice before payment is approved and a check is issued. Which documents should be matched to make sure that the invoice received relates to a valid order that was placed and that the goods were received?
Purchase order, receiving report, and invoice.
A company's database contains three types of records: vendors, parts, and purchasing. The vendor records include the vendor number, name, address, and terms. The parts records include part numbers, name, description, and warehouse location. Purchasing records include purchase numbers, vendor numbers (which reference the vendor record), part numbers (which reference the parts record), and quantity. What structure of database is being used?
Relational
Database management systems are categorized by the data structures they support. In which type of database management system is the data arranged in a series of tables?
Relational
ERP software operates on a(n) _________ database
Relational
A collection of data stored in several small two-dimensional tables that can be joined together in many varying ways to represent many different kinds of relationships among the data is referred to as a(n):
Relational Database
Which type of database is the most widely used database structure today?
Relational databases
The diamond used in an entity relationship diagram is used to represent a(n):
Relationship
The documentation accompanying payment that identifies the customer account number and invoice to which the payment applies is referred to as a(n):
Remittance Advice
A tear-off part of a check that has a simple explanation of the reasons for the payment is called:
Remittance advice
Companies who provide mobile devices for employees, normally has a policy that allows the company's IT professional to remove company data and applications from the mobile device. This process is referred to as:
Remove wipe
Which of the following is NOT a benefit of the electronic transfer of payroll funds?
Removes the need for bank statement reconciliations
The process of risk assessment would include all of the following actions, except:
Report the risks to the audit committee
The general guidelines, known as the generally accepted auditing standards, which include the concepts of presentation in accordance with the established criteria, the consistent application of established principles, adequate disclosure, and the expression of an opinion, relate to the:
Reporting Standards
Variances:
Represent the differences between actual costs and the standard costs applied.
The primary key of a relational database:
Represents a value that is used to sort, index, and access records with.
This document is sent to each software vendor offering a software package that meets the user and system needs and is sent to solicit proposals.
Request for Proposal
Just-in-time (JIT) production systems:
Require closely controlled inventory levels.
Capital or investment processes:
Require established procedures and internal controls even though they are considered infrequent events.
Which of the following is a characteristic of a non-routine transaction?
Required to have specific authorization.
Select the false completion to the statement which starts "A computer-based conversion process:"
Requires less data input into the system.
Data normalization:
Requires repeated groups to be deleted from the same column.
Capital or investment processes:
Requires the specific approval of top management or board of directors.
Which of the following processes focuses on product improvement?
Research and development
The responsibility to conduct make/buy decisions is usually given to:
Research and development.
Security of assets and documents include all of the following except:
Restricted movement of office supplies.
During the 1970s and 1980s, the ARPANET was:
Restricted to universities, libraries, and research organizations.
Organizational benefits of ERP implementation include all EXCEPT:
Retaining long-held work patterns and work focus.
Circumstances within a company, related to sales returns, that indicate a high level of risk include all of the following, except:
Returns are received a one location with credit memos issued at the same location.
For proper segregation of duties in cash disbursements, the person who signs checks also:
Returns the checks to accounts payable.
The expenditure and return process is similar to the _______ process, except that goods and cash flow in the opposite direction.
Revenue
When a company receives returned goods from a customer, the business process to accept the return would most likely be a(n):
Revenue process
When additional procedures are necessary to bring a defective product up to its required specifications, this is referred to as:
Rework.
Which management assertion determines that transactions and related asset accounts balances are actually owned and that liability account balances represent actual obligations?
Rights and Obligations
Over the next few years, spending on ERP systems is expected to:
Rise
The likelihood that errors or fraud may occur is referred to as:
Risk
One of the components of internal control identified by COSO required that management must be considering threats and the potential for risks, and stand ready to respond should these events occur. This component is referred to as:
Risk Assessment
Which of the following is not one of the corporate functions interrelated within the corporate governance system?
Risk Assessment
The range of actions that make up the component of internal control referred to as control activities includes each of the following, except:
Risk assessment
A fraudster uses this to alter a program to slice a small amount from several accounts, crediting those small amounts to the perpetrator's benefit.
Salami technique
A special journal that is used to record sales transactions and is periodically posted to the general ledger.
Sales Journal
A _______ is a credit to the customer account made to compensate the customer for a defective product or a late shipment.
Sales allowance
Interfaces between modules of ERP systems would be accepted for all of the following EXCEPT:
Sales and human resources.
A service firm would focus on:
Sales and project status.
Availability risks, related to the authentication of users would include:
Shutting down the system and shutting down programs
A situation where the organization's cash is stolen before it is entered in the accounting records is termed:
Skimming
Quickbooks and Peachtree would be part of which market segment of accounting software?
Small Segment
This item, that strengthens the use of passwords, is plugged into the computer's card reader and helps authenticate that the use is valid; it has an integrated circuit that displays a constantly changing ID code. These statement describe:
Smart card
This type of client terminal can accomplish some of the processing tasks in a client- server computing network:
Smart terminal
Which of the following is not an example of physical characteristics being used in biometric devices?
Social security number
There are a number of cloud computing services, and one of those services is called SaaS. This acronym stands for:
Software as a Service
Database management systems, DBMS, is (are):
Software that manages a database and controls access and use of data
The study of the current system to determine the strengths and weaknesses and the user needs of that system is called:
Systems Analysis
This phase of SDLC requires the collection of data about the system and the careful scrutiny of those data to determine areas of the system that can be improved.
Systems Analysis
The creation of the system that meets user needs and incorporates the improvements identified by the systems analysis phase is called:
Systems Design
The formal process that many organizations use to select, design, and implement IT systems is the:
Systems Development Life Cycle
The set of steps undertaken to program, test, and activate the IT system as designed in the system design phase is called:
Systems Implementation
The evaluation of long-term, strategic objectives and prioritization of the IT systems in order to assist the organizations in achieving its objectives is called:
Systems Planning
This phase of SDLC involves the planning and continuing oversight of the design, implementation, and use of the IT systems.
Systems Planning
Which is the correct flow of the SDLC?
Systems Planning, Systems Analysis, Systems Design, Systems Implementation, Operation and Maintenance
The phases of the SDLC include all of the following except:
Systems Purchasing
Which phase of the system development life cycle includes determining user needs of the IT system?
Systems analysis
Which of the following must a company have in place to capture, record, summarize and report transactions?
Systems and processes
The network lines that are used to connect regional ISPs to the backbone are usually:
T3 Lines
Structured query language (SQL):
Takes advantage of the primary record key to link tables.
Scheduling:
Takes into consideration all the open sales orders.
Which of the following statement is false related to client-server computing?
Tasks are assigned to either the server or the client based on the size of the task
The assessment of the realism of the possibility that technology exists to meet the need identified in the proposed change to the IT system is called:
Technical Feasibility
Which of the following feasibility aspects is an evaluation of whether the technology exists to meet the need identified in the proposed change to the IT system?
Technical feasibility
The work arrangement where employees work from home using some type of network connection to the office is referred to as:
Telecommuting
Each of the following are methods for implementing a new application system except:
Test
The most common way to test software is to use which of the following?
Test Data
Audit procedures designed to evaluate both general controls and application controls are referred to as:
Test of Controls
Studies show:
That for day-to-day operations unit data is the critical element.
The additive characteristic means:
That if the preceding rules are met, the rule can be met.
The acquisition of materials and supplies and the related cash disbursements is referred to as:
The Procurement Process
The choice of accounting information system will depend on all of the following except:
The ability of the company to capture information
The shortcomings of a spreadsheet-based system include all of the following, except:
The abundance of fixed asset data
Documentation of the accounting system allows:
The accountant to analyze and understand the procedures and business process and the systems that capture and record the accounting data
In order to master risks and controls and how they fit together, which of the following is NOT one of the areas to fully understand?
The accounting information system
IT systems have dramatically affected many aspects of business. Which of the following is not one of the changes?
The accounting information that is reported by the system
Internal controls related to the purchase returns would include all of the following, except:
The accounts payable employee who prepares the debit memo should also be responsible for handling the inventory and approving the return
The factor that does NOT affect internal reports is:
The audit status of the organization.
The IT auditing approach referred to as "Auditing through the system" is necessary under which of the following conditions?
The auditor wants to test computer controls as a basis for evaluating risk and reducing the amount of substantive audit testing required.
The advantage of "best of the breed" is:
The best functionality of a unique process of the organization.
The audit practice of "auditing around the computer" is also referred to as:
The black box approach
Standard costs take into consideration all of the following except:
The cost of the sales manager's salary.
The data in the data warehouse are said to be enterprise-wide because:
The data are pulled from each of the operational databases and maintained in the data warehouse for many fiscal periods
Within an ERP program:
The data warehouse contains five to ten years of transaction histories.
Select the true statement from those provided below.
The data warehouse has five to ten years of data while the operational database has current year data.
Within the revenue processes, a signed approval of a sales order indicates all of the following except:
The date of delivery.
Which of the following would represent proper segregation of duties?
The employee who opens mail containing checks prepares a list of checks received.
Good corporate governance depends mainly upon ________.
The ethical conduct of management
The systems transition responsible for moving business processes from an internal management perspective to an interactive, internal, and external perspective is?
The evolution of ERP systems into ERP II systems
Which of the following statements is NOT true regarding source of capital transactions?
The fact that these transactions and processes cannot occur without oversight by top management means other controls are not necessary.
As computerized accounting systems get more and more complex and integrated:
The level of authorization for posting gets lower in the level of responsibilities.
The four general purpose financial statements are:
The four general purpose financial statements are:
Regarding subsidiary ledgers and general ledger control accounts, which of the following is NOT true?
The general ledger maintains details of subaccounts.
Factors that indicate the need for internal controls over fixed assets processes include all of the following, except:
The high cost of assets
The control environment component of internal control was identified to have a number of different factors. Which of the following is NOT one of those factors?
The identification of sources of risk
Which of the following is not considered a cause for information risk?
The information has been tested by internal auditors and a CPA firm.
The two tiers of ERP systems are:
The large, multinational corporation tier and the midsize business tier.
Benefits of an ERP system include all of the following EXCEPT:
The real-time nature of processing increases the total processing time.
Internal control is strengthened by the use of a blind purchase order, upon which the quantity of goods ordered is intentionally left blank. This blind copy is used in which department?
The receiving department.
Select the correct statement from those provided.
The relational database model is more flexible in its queries than the hierarchal mode.
Which of the following statements best describes the risks of ERP systems?
The risks of implementing and operating ERP systems are nearly identical to the risks of implementing and operating IT systems.
The issuance and movement of materials into the various production phases is referred to as:
The routing process.
Which document provides the descriptions and quantities of materials taken into production for a specified sale or other authorized production activity?
The routing slip.
Which of the following is not an independent verification related to cash disbursements?
The stock of unused checks should be adequately secured and controlled.
If a manufacturing company's inventory of supplies consists of a large number of small items, which of the following would be considered a weakness in internal controls?
The stores function is responsible for updating perpetual records whenever inventory items are moved.
Select the true statement from the following:
The strength of Peoplesoft is its human resources capabilities.
Which of the following would be considered a vendor fraud?
The submission of duplicate or incorrect invoices
To ensure that all credit sales transactions of an entity are recorded, which of the following controls would be most effective?
The supervisor of the billing department matches prenumbered shipping documents with entries recorded in the sale journal.
Which of the following is not true of the supply chain?
The supply chain excludes customers
Which of the following is one of the advantages of maintaining a legacy system?
The system often supports unique business processes not inherent in generic accounting software
Organizations are often reluctant to abandon their legacy systems because:
The system was customized to meet specific needs
Examples of employee initiated fraud would NOT include:
The theft of cash or checks from the mailroom.
IT Controls can be divided into two categories, general controls and application controls. Which of the following is an example of a general control?
The use of passwords to allow only authorized users to log into an IT-based accounting system
IT Controls can be divided into two categories, general controls and application controls. Which of the following is an examples of a general control?
The use of passwords to allow only authorized users to log into an IT-based accounting system
When transactions are posted in a computerized accounting system:
The user can select which batches of transactions to post.
When a sales transaction has been authorized, by the signature of the designated employee, it means that the designated employee has done all of the following, except:
The vendor's credit has been approved
Which of the following is NOT part of an administrative process?
The write-off of bad debts
Accounting software traditionally uses two different types of files. The file type that is the set of relatively temporary records that will be process to update the permanent file is referred to as a(n):
Transaction File
The information from a purchase must flow into the purchase recording systems, the accounts payable and cash disbursement systems, and the inventory tracking systems. In an IT accounting system, these recording and processing systems are called:
Transaction Processing Systems
When a sale occurs, the information resulting from that sale must flow into the sales recording systems, the accounts receivable and cash collection systems, and the inventory tracking systems. In IT accounting systems, these recording and processing systems are referred to as:
Transaction Processing Systems
In automated accounting:
Transaction information may be held in a special module awaiting posting.
What common characteristic is shared by both online processing and real-time processing?
Transactions are entered and processed individually
Internal processes of the organization include all of the following EXCEPT:
Transactions involving suppliers.
Which of the following is a risk that may affect the revenue and cash collection process?
Transactions may be recorded in the wrong amount
Each category of processes in the typical purchasing system would include controls and risks. For each of the categories, the goal of the internal controls system is to reduce specific types of business risks. Which of the following is not one of those risks?
Transactions properly accumulated or transferred to the correct accounting records.
The risks that may affect the revenue and cash collection processes include all of the following, except:
Transactions recorded by the wrong company.
TCP/IP is:
Transmission control protocol/Internet protocol.
Which of the following items is not one of manual records in a manual accounting systems?
Trial Balance
Which of the following symbols would not be seen in a process map?
Triangle
A small, unauthorized program within a larger legitimate program, used to manipulate the computer system to conduct a fraud is referred to as a(n):
Trojan horse program
Which of the following would be referred to as a common carrier?
Trucking company
A benefit of a company accounting for their documents in a numerical sequence is that it is much easier to see if a document or documents are missing.
True
A business process has a well-defined beginning and end
True
A challenging area of payroll computation is computing the amount of deductions related to each employee's pay.
True
A character is a single letter, number, or symbol.
True
A cloud-based ERP system will require less infrastructure at the company.
True
A code of ethics should reduce opportunities for employees to conduct fraud if management emphasizes the cost and disciplines or discharges those who violate it
True
A company is more likely to implement internal controls if they view the cost of the controls to be less than the benefits provided.
True
A computer network coving a small geographic area is referred to as a LAN
True
A field is a set of characters that fill a space reserved for a particular kind of data.
True
A firewall can prevent the unauthorized flow of data in both directions
True
A good set of internal controls may not be as effective in reducing the chance of management fraud as it would be in reducing the chance of fraud committed by an employee
True
A hiring decision normally occurs as the result of an interview or interviews and is documented on a signed letter and / or signed employment contract.
True
A protocol is a standard data communication format that allows computers to exchange data.
True
A purchase requisition is essentially an internal document, one that does not go outside the company, whereas a purchase order is an external document, which will be presented to an entity outside the company.
True
A record is the entire set of fields for a specific entity.
True
A relational database stores data in two-dimensional tables that are joined in many ways to represent many different kinds of relationships in the data.
True
A sample is random when each item in the population has an equal chance of being chosen.
True
A system of local area networks connected over any distance via other net work connections is called a WAN, or wide area network
True
A validity check is an example of an input application control
True
A web server is a computer and hard drive space that stores web pages and data.
True
Absorption costing involves the inclusion of both variable and fixed costs in the determination of unit costs for ending inventories and cost of goods sold.
True
When the manager of the primary users of the system is satisfied with the system, an acceptance agreement will be signed , the enforce of which makes it much more likely that project teams will seek user input and that the project team will work hard to meet user needs.
User Acceptance
During the operation of an IT system, it is necessary that regular reports are received by management to monitor the performance of the system. These reports would include all of the following, except:
User Acceptance of the IT System
HTML allows:
User level computers a way to display information the way it was intended to be displayed.
The assigning of access and authority for a specific user ID is called a ________.
User profile
This should be established for every authorized user and determines each user's access level to hardware, software, and data according to the individual's job responsibilities
User profile
A company has stated that the main strategic objective is to improve the accounts payable function within the organization. There are limited resources for IT upgrades and modifications. The IT governance committee has received IT update requests from the public relations department, human services, and vendor satisfaction department. Given this information, which would likely be the first upgrade implemented?
Vendor satisfaction would be first because it would be most in line with the strategic objective of the company.
Common types of independent checks within the revenue process include all of the following, except:
Verification of the bank statement and the cash account in the general journal.
Which of the following displays the correct order of operations within the Sales Process?
Verify Prices, Prepare Sales order, verify credit limit, verify item is in stock
Client systems usually rely on the network for all EXCEPT:
Video presentation.
Which of the following is not a method of data input?
Viewed on the screen
Authorized employees may need to access the company IT system from locations outside the organization. These employees should connect to the IT system using this type of network
Virtual private network
The type of network uses tunnels, authentication, and encryption within the Internet network to isolate Internet communications so that unauthorized users cannot access or use certain data
Virtual private network
A self-replicating piece of program code that can attach itself to other programs and data and perform malicious actions is referred to as a(n):
Virus
A company must have systems in place to accomplish all of the following except:
Vocalize data.
The process of proactively examining the IT system for weaknesses that can be exploited by hackers, viruses, or malicious employees is called:
Vulnerability assessment
This method of monitoring exposure can involve either manual testing or automated software tools. The method can identify weaknesses before they become network break-ins and attempt to fix these weaknesses before they are exploited
Vulnerability assessment
Auditors may send text messages through a company's system to find out whether encryption of private information is occurring properly. In addition, special software programs are available to help auditors identify weak points in a company's security measures. These are examples of:
Vulnerability assessments
These tests of security controls analyze a company's control environment for possible weaknesses. Special software programs are available to help auditors identify weak points in their company's security measures.
Vulnerability assessments
The examination of the system to determine the adequacy of security measures and to identify security deficiencies is called:
Vulnerability testing
A character is to a field as
Water is to a pool.
Potential variations in conditions that are used to understand interactions between different parts of the business is referred to as:
What-if simulations.
Corrections to posting errors are made:
When discovered.
Data redundancy occurs:
When inventory has the same data in its files as sales has in its files.
A group of LANs connected to each other to cover a wider geographic area is called a:
Wide area network
This encryption method, used with wireless network equipment, is symmetric in that both the sending and receiving network nodes must use the same encryption key. It has been proven to be susceptible to hacking
Wired Equivalency Privacy (WEP)
This encryption method requests connection to the network via an access point and that point then requests the use identity and transmits that identity to an authentication server, substantially authenticating the computer and the user
Wireless Protection Access (WPA)
Information captured by a system is generated by financial transactions:
Within the organization and between an organization and its customers and vendors
Spending on ERP systems increased or decreased based on several factors. These factors include all of the following EXCEPT:
Y2K compliance concerns
When a valid URL is entered into your web browser:
Your computer will send an http command to a web server, directing the server to find and transmit the web page requested.
Which of the following is least likely to be an output of the accounting information system?
a bar code
Which of the following is not a good example of an effective password?
a1b2c3
In the cash receipts process, what must take place directly after preparing the cash receipts journal?
both A and B
Which of the following documents will be received by a customer after a sale?
monthly account statement
In the case of a manual accounting system, wages and payroll deductions would not be posted to the general ledger until the ________ forwards a signed journal voucher, giving the authorization.
payroll department
