AIS Exam #2
SOMETIMES a Debit Memo (DM):
A positive invoice the vendor sends to customer to increase what the customer owes on an invoice because of a shipping mistake - (shipped too many, but invoiced the original PO quantities)
Request for Quote (RFQ)
A request for goods/products (sometimes standard services) that has detailed specifications and quantities sent to several vendors - often for large scale projects (furniture for our new Business Building)
Two of the most popular audit software packages include: a. ITF b. ACL c. CIS d. SCARF
ACL
Debit Memo (DM)
A negative invoice the customer sends to the vendor to decrease an issued invoice (after agreement, and returning the excess quantity or damaged goods)
Credit Memo (CM)
A negative invoice the vendor sends to customer to decrease an issued invoice (often the customer "asks" for the CM because of damaged goods, pricing mistakes)
Request for Proposal (RFP)
A request for services including detailed objectives or goals to be achieved by the project / consulting job. The RFP will specify the exact details that must be included, number of pages, illustrations, qualifications, certifications etc. (consulting for revamping SBA website)
The applicable control for theft of cash is: a. Lockboxes b. Segregation of duties c. Use of cash registers d. All of the above
All of the above
internal auditing
Assurance and consulting activity designed to add value, improve organizational effectiveness and efficiency and accomplish organization objectives
4 Major Steps in the Auditing Process
Audit Planning, Collection of Evidence, Evaluation of Evidence and Communication of Results
Operational data is needed to monitor performance and to perform the following recurring tasks: a. Respond to customer inquiries about account balances and order status b. Select methods for delivering merchandise c. Determine inventory availability d. B and C e. All of the above
c. Determine inventory availability
The approach to managing inventory that is based on forecasted sales to schedule production is: a. IBM b. EOQ c. MRP d. JIT
c. MRP
parallel stimulation
using auditor written software to process data and comparing the output with the company's output; discrepancies are investigated to see if unauthorized program changes were made
system control audit review file (SCARF)
using embedded audit modules to continuously monitor transactions, collect data on transactions with special audit significance and store the data to later identify and investigate questionable transactions
reprocessing
using source code to reprocess data and comparing the output with the company's output; discrepancies are investigated to see if unauthorized program changes were made
Three-way Match:
voucher package - match the Vendor Invoice, to the PO, to the Receiving Report
Sales Order (SO):
a document or entry screen used by the vendor to create the order details from the customer referring to the PO
audit log
a file containing transactions that have audit significance
Purchase Order (PO)
a legal document from the customer specifying order details
input controls matrix
a matric that shows control procedures applied to each input record field; used to document the review of source data controls
Two documents usually accompany goods shipped to a customer. What are the two documents? an invoice and a packing slip a packing slip and a bill of lading a bill of lading and an invoice an invoice and a sales order
a packing slip and a bill of lading
The applicable control procedure for the threat of incomplete or inaccurate customer orders is: a. Data entry edit checks b. Segregation of duties c. Data entry edit controls d. Reconciliation of sales order with the picking ticket
a. Data entry edit checks
The major cost driver in the purchasing function is a. the number of purchase orders processed b. the price of the items purchased c. the reputation of the supplier d. none of the above.
a. the number of purchase orders processed
The focus of an operational audit is on which of the following? a. reliability and integrity of financial information b. all aspects of information systems management c. internal controls d. safeguarding assets
all aspects of information systems management
materiality
amount of an error, fraud or omission that would affect the decision of a prudent user of financial information
systems review
an internal control evaluation step that determines if necessary control procedures are actually in place
The audit technique used to catch the State Farm Life Insurance Company employee fraudulently taking cash was a. audit hooks b. snapshot technique c. program tracing d. internal control testing
audit hooks
audit hook
audit routines that notify auditors of questionable transactions, often as they occure
computer assisted audit techniques (CAATS)
audit software that uses auditor- supplied specifications to generate a program that performs audit functions
gneerated audit software (GAS)
audit software that uses auditor-supplied specifications to generate a program that performs audit functions
A useful report for management to control for the threat of uncollectible accounts is: a. Customer list b. Accounts receivable aging report c. Sales order report d. Inventory report
b. Accounts receivable aging report
The document used to request that an item be ordered is the a. purchase order b. purchase requisition c. purchase advice d. purchase auction
b. purchase requisition
The following are the business activities performed in the revenue cycle: 1. Shipping 2. Cash collections 3. Sales order entry 4. Billing The correct sequence in which these activities are performed is: a. 3, 2, 1, 4 b. 3, 4, 1, 2 c. 3, 1, 4, 2 d. 3, 4, 2, 1
c. 3, 1, 4, 2
The two basic methods to maintain accounts receivable are: a. Real-time and open-invoice b. Real-time and balance-forward c. Open-invoice and balance-forward d. None of the above
c. Open-invoice and balance-forward
The compensating controls that compensate for an internal control efficiency include(s) a. information systems insurance b. preventive maintenance c. effective user controls d. all of the above
c. effective user controls
A receiving report is typically not used for a. low cost supply items b. items ordered on blanket purchase orders c. receipt of services d. reoccurring items
c. receipt of services
vouching
comparing accounting journal and ledger entries with documentary evidence to verify that a transaction is valid, accurate, properly authorized and correctly recorded
compensating controls
control procedures that compensate for the deficiency in other controls
To ensure proper segregation of duties, only the ________ has authority to issue credit memos. cashier credit manager controller accounts receivable supervisor
credit manager
In performing an information systems audit, there are _____ audit objectives. a. 3 b. 4 c. 5 d. 6
d. 6
A general threat throughout the revenue cycle includes: a. Loss or destruction of data b. Invalid orders c. Theft of inventory d. All of the above e. None of the above
d. All of the above
The following lists the quantity and description of each item included in the shipment: a. Picking ticket b. Bill of lading c. Sales order d. Packing slip
d. Packing slip
Crucial operating decisions when selecting suppliers for inventory items includes: a. price b. quality of materials c. dependability of making decisions d. all of the above
d. all of the above
The first step in an operational audit is a. evaluating evidence b. collecting evidence c. communicating the results d. none of the above
d. none of the above
an audit is planned so that mot of it focuses on the areas with the highest risk factors. the risk that auditors and their audit procedures will fail to detect a material error or a misstatement is an a. inherent risk b. control risk c. detection risk
detection risk
Risk-based Audit Approach
determine the threats, identify the controls, evaluate the controls, for weak controls must increase testing or compensating controls
continuous and intermittent simulation (CIS)
embedding an audit module in a dbms that uses specified criteria to examine all transactions that update the database
When auditors have recommendations in their report to management, they use: a. audit objectives b. established policies c. audit scope d. established criteria
established criteria
investigative audit
examination of incidents of possible fraud, misappropriation of assets, waste and abuse or improper governmental activities
compliance audit
examination of organizational compliance with applicable laws, regulations, policies and procedures
operational audit
examination of the economical and efficient use of resources and the accomplishment of established goals and objectives
information systems (internal control) audit
examination of the general and application controls of an IS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets
analytical review
examination of the relationships
financial audit
examination of the reliability and integrity of financial transactions, accounting records, and financial statements
integrated test facility
inserting a dummy entity in a company's system; processing test transactions to update them will not affect actual records
An ________ is an arrangement where a bank receives customer payments and transmits payment data to the organization electronic data interchange (EDI) e-commerce electronic funds transfer (EFT) lockbox
lockbox
snapshot technique
marking transactions with a special code, recording them an their master file records before and after processing and storing the data to later verify that all processing steps were properly exeuted
Auditing
objectively obtaining and evaluating evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria
reasonable assurance
obtaining complete assurance that information is correct is prohibitively expensive, so auditors accept a reasonable degree of risk that the audit conclusion is incorrect
The activities in the expenditure cycle in the correct order of activity is: a. order, storing, paying b. ordering, receiving, approving, paying c. identifying needs, approving, ordering, paying d. approving, receiving, paying
ordering, receiving, approving, paying
The ________ normally triggers the billing process in the revenue cycle. packing slip received from the shipping department journal voucher received from the shipping department sales order received from the sales department picking ticket received from the sales department
packing slip received from the shipping department
reperformance
performing calculations again to verify qualitative information
Laz Chance wears roller blades and headphones when he is at work at the Squishy Things Toy Company. He is a product packer. The headphones give him computer-generated instructions so he knows the location of each item and quantity that should be included in the order. These instructions are the equivalent of a sales order. packing slip. picking ticket. bill of lading.
picking ticket.
An integrated test facility technique a. examines the way transactions are processed b. places a small set of fictitious records in the master files c. uses embedded audit modules to continuously monitor transaction activity and collect data on transactions with special audit significance d. searches a program for occurrences of a specified variable name or other character combinations
places a small set of fictitious records in the master files
auditing is the systematic process of obtaining and evaluating evidence regarding assertions about economic actions and events in order to determine how well they correspond to the established criteria. developing knowledge of business operations is regarded as a part of which of the following audit processes? a. planning b. collection of evidence c. evaluation of evidence d. communication of results
planning
embedded audit modules
program code segments that perform audit functions, report test results and store the evidence collected for auditor review
6. The __________ audit procedure is used for the audit of __________. a. examine system access logs; program development b. review programming evaluation standards; overall computer security c. proper use of internal and external file labels; computer processing controls d. review program documentation standards; program modification
proper use of internal and external file labels; computer processing controls
A monthly statement sent to customers serves a control purpose by reminding customers of the balance due and due date. summarizing invoices and amounts due for customers. triggering the process to record a customer payment. providing an opportunity for customers to verify the balance owed and activity on the account.
providing an opportunity for customers to verify the balance owed and activity on the account.
The least effective control for preventing an organization from processing fraudulent credit memo is to match each credit memo with a receiving report. require approval for each credit memo by the credit manager. reconcile total of credit memos to total debits posted to customers' subsidiary ledgers. sequentially prenumber all credit memos and perform a sequence check at the end of each day.
reconcile total of credit memos to total debits posted to customers' subsidiary ledgers.
The document a customer returns with their payment and that identifies the source and the amount of the payment is called a credit memorandum. remittance advice. closed-loop advice. debit memorandum.
remittance advice.
which of the following procedures is not used to detect unauthorized program changes? a. source code comparison b. parallel simulation c. reprocessing d. reprogramming code
reprogramming code
what is the four step approach to internal control evaluation that proves a logical framework for carrying out an audit a. inherent risk analysis b. systems review c. tests of controls d. risk based approach to auditing
risk based approach to auditing
control risk
risk that a material misstatement will get through the internal control structure and into the financial statements
Which of the following is a computer technique that assists an auditor in understanding program logic by identifying all occurrences of specific variables?? a. mapping program b. program tracing c. automated flowcharting d. scanning routine
scanning routine
program tracing
sequentially printing all executed program steps, intermingles with output, so a programs execution sequence can be observed
scanning routines
softeware that searches a program for the occurrence of specified items
test data generator
software that based on program specifications, generates a set of data used to test program logic
source code comparison program
software that compares the current version of a program with its source code; differences should have been properly authorized and correctly incorporated
concurrent audit techniques
software that continuously monitors a system as it processes live data and collects, evaluates, and reports information about system reliability
mapping programs
software that identifies unexecuted program code
automated flowcharting programs
software that interprets a programs source code and generates a flowchart of the programs logic
automated decision table programs
software that interprets the programs source code and generates a decision table of the programs logic
inherent risk
susceptibility to significant control problems in the absence of internal control
tests of controls
tests to determine whether existing controls work as intended
which of the following is a concurrent audit technique that monitors all transactions and collects data on those that meet certain characteristics specified by the auditor? a. ITF b. snapshot techniques c. SCARF d. audit hooks
SCARF
EOQ
Square root of 2DP/C (D=demand per period, P=Ordering cost per PO, C=Carrying Cost per unit per period
When a customer places an order (on account) for a certain product, what should be done first? Shipping should be notified of an order in process. A picking list should be generated for the warehouse. The purchase order should be created and written to a file. The customer's available credit should be checked.
The customer's available credit should be checked.
An important decision during the shipping stage is a. Selecting a carrier b. Location of distribution centers c. All of the above d. None of the above
c. All of the above
Inventory Terms:
Economic Order Quantity (EOQ), Reorder Point, Materials Requirement Planning (MRP), Just-in-Time (JIT) inventory system, Kanban systems
Financial Audit
Examines the reliability and integrity of financial transactions, accounting records, and financial statements
Types of Audits:
Financial, Information Systems, Internal Control, Operational, Compliance, and Investigative
which of the following is a computer program written especially for audit use? a. GAS b. CATAS c. ITF d. CIS
GAS-- STERK SAYS CAATS
A typical audit has a mix of audit procedures, which of the following is not an audit procedure? a. Confirmation b. Vouching c. Analytical review d. Identify risk factors
Identify risk factors
Which type of audit risk involves the chance that there will be a material risk when the controls are absent? a. External risk b. Inherent risk c. Internal risk d. Control risk
Inherent risk
Aging of accounts receivable is based on the a. sales order date b. picking ticket date c. invoice date d. bill of lading date
Invoice date
Bogumil Distributors is an Internet-based wholesaler. Customers enter their orders online. The manager of Cezary Foods was entering an order when the following error message popped up: "Your order exceeds your available credit. You will be contacted within 8 hours." This message is the result of a limit check. reasonableness test. validity check. sign check.
Limit check
Information Systems Audit
Reviews the controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets. (done by experts - a narrow field of practice)
detection risk
Risk that auditors and their audit procedures will fail to detect a material error or misstatement
at what step in the audit process do the concepts of reasonable assurance and materiality enter into the auditors decisions process a. planning b. evidence collection c. evidence evaluation d. they are important in all three steps
they are important in all three steps
Reperformance of calculations is part of the collection of evidence process true or false
true
Confirmation
written communication with independent third parties to confirm the accuracy of information such as customer account balances
