Accounting Info Systems Final

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Based on SOX, which of the following sections is about corporate responsibility for financial reports? -302 -201 -101 -404

302

Based on SOX, which of the following sections is about internal controls? 404 906 401 302

404

According to estimates considered in the chapter, up to what percentage of a data analyst's time is spent cleaning (or scrubbing) the data to be ready for analysis?

90%

What is a requirement of the proof of authority algorithm? -A few members have known identities. -A portion of the miner's blocks will be locked until it is validated. -Large quantities of compute power are required to solve a complex mathematical problem. -None of these are a requirement of the proof of authority algorithm.

A few members have known identities.

Which of the following best describes a data visualization? -Part of the information value chain -A tool for preparing the data -A tool for recording data transactions -A graphical representation that presents information to decision makers -None of the choices are correct.

A graphical representation that presents information to decision makers

Which of the following is an important consideration in designing a data visualization? -Choosing the right chart -Using explanatory titlesload -Using color or size to draw attention to key insights -Defining chart elements clearly -All of the choices are correct.

All of the choices are correct.

Which of the following describes the difference between artificial intelligence, machine learning, and deep learning? -Machine learning is a subset of AI. -Deep learning is a subset of machine learning. -AI encompasses machine learning and deep learning. -All of these choices are correct.

All of these choices are correct.

Which of the following fields is one of the foundations of the artificial intelligence field? -Philosophy. -Neuroscience. -Cybernetics. -Psychology. -All of these choices are correct.

All of these choices are correct.

Which of the following technologies are used in blockchain? -hashing -cryptography -smart contracts for business rules -All of these choices are correct.

All of these choices are correct.

Tableau supports which of the following joins between tables? -Inner join (blue only highlights the overlapping part of the circles). -Left join (blue highlights the left circle). -Right join (blue highlights the right circle). -Full outer join (blue highlights both circles). -All of these.

All of these.

Which of the following is a way to use a table for basic data analytics? -Add a Total Row to the bottom of the table. -Use column filters to view summary information. -Chart information is the total rows. -All of these.

All of these.

Which of the following best describes the Show Me tool in Tableau? -Allows easy selection of the relevant visualization options. -Helps users select the best formatting for their visualization. -Provides context-sensitive help. -None of these.

Allows easy selection of the relevant visualization options.

Which of the following best describes the purpose of Data View in Power BI? -Allows editing, formatting, and calculating new fields. -Allows setting or editing relationships among tables. -Allows creating or editing visualizations. -None of these.

Allows editing, formatting, and calculating new fields.

The A in the AMPS model stands for which of the following?

Ask the Question

The AICPA developed standards called ADS for the formatting of data files and fields typically needed to support an external audit in a given financial business process area. What does the acronym ADS stand for?

Audit Data Standards

Threat: Posting the amount of a sale to a customer account that does not exist Type of Input Control: ___

Authorization (for sales transactions) or the use of a validity check on the customer number

Which duties should be completed by different people to achieve strong separation of duties? -Journalizing and posting -Receivables and payables -Authorization, custody and recordkeeping -Document numbering and document completion

Authorization, custody and recordkeeping Separation of duties requires segregation of authorization, custody and recordkeeping.

Which of the following statement is false? -A distributed ledger contains many copies of the same ledger. -A distributed ledger stores the same set of transaction records. -Because a distributed ledger exists in a blockchain network, a computer consisting of all transaction records may crash and cause the syncing issue in the blockchain network. -A transaction record cannot be added to the blockchain unless there is network consensus.

Because a distributed ledger exists in a blockchain network, a computer consisting of all transaction records may crash and cause the syncing issue in the blockchain network.

Which of the following is created mainly for cryptocurrency application? -Ethereum -Bitcoin -Corda -Hyperledger

Bitcoin

Which of the following statements is false? -Private blockchain requires permissions to join the network. -Bitcoin uses smart contract to specify the business rules. -In Ethereum, a new block is added every 12 to 15 seconds. -Blockchain transactions are immutable.

Bitcoin uses smart contract to specify the business rules.

Threat: Entering the contract number of a critical contract as 13688 instead of 16388, which is a serious mistake for the company Type of Input Control: ___

Check digit verification

Which of the following is not an important consideration when developing and presenting a visualization? -Choosing the right visualization tool. -Choosing the right chart for the information. -Keeping the user/decision maker in mind. -Directing user to the most important information.

Choosing the right visualization tool.

After creating tables in Excel, which of the following would you do to create table relationships? -Click Insert > Tables > Recommended Pivot Tables. -Click Data > Data Tools > Relationships. -Click Table Design > Tools > Summarize with Pivot Table. -Click Formulas > Function Library > Relationships. -None of these.

Click Data > Data Tools > Relationships.

To change formatting (such as changing a general number to currency) for the field dragged to the Σ Values area, you would do which of the following? -Click on the field name and select Value Field Settings from the popup menu. -Go back to the original table and set the format for the field. -You can't change formatting at this point, so do nothing. -None of these.

Click on the field name and select Value Field Settings from the popup menu.

Which of the following is not a common problem with visualizations? -Comparison of performance metrics. -Too many lines. -All slices of similar size. -Too much detail and lack of clear relationships. -Bins too large to show detail.

Comparison of performance metrics.

Threat: Approving a customer order without the customer's address so the order was not shipped on time Type of Input Control: ___

Completeness Check

Most input controls are designed to assess one field only, which of the following input controls will need to examine a record to determine the control is effective or not? -Completeness check. -Size check. -Validity check. -Range check.

Completeness check.

After starting Tableau, which of the following is the first step in your data analysis? -Connect to the data. -Set relationships between worksheets. -Drag Dimensions to Shelves. -Create calculated fields. -None of these.

Connect to the data.

The information system of Carlsbad Bottle Inc. is deemed to be 90 percent reliable. A major threat in the procurement process has been discovered, with an exposure of $300,000. Two control procedures are identified to mitigate the threat. Implementation of control A would cost $18,000 and reduce the risk to 4 percent. Implementation of control B would cost $10,000 and reduce the risk to 6 percent. Implementation of both controls would cost $26,000 and reduce the risk to 2.5 percent. Given the information presented, and considering an economic analysis of costs and benefits only, which control procedure(s) should Carlsbad Bottle choose to implement?

Control B Expected benefit of an internal control = Impact × Decreased Likelihood Control A: 300,000 × (10% − 4%) = 18,000 = 18,000 Control B: 300,000 × (10% − 6%) = 12,000 > 10,000 Control A&B: 300,000 × (10% − 2.5%) = 22,500 < 26,000 Carlsbad should implement control B.

Which of the following is not one of the five essential components in the COSO 2013 framework? -Control assessment -Monitoring activities -Control activities -Control environment

Control assessment

Which term is used to describe the science of examining raw data, removing excess noise from the dataset, and organizing the data with the purpose of drawing conclusions for decision making?

Data Analytics

Which of the following is the best description of a data visualization? -Data visualizations require an analytics mindset. -Each data analytics software product includes its own data visualization tool. -Data visualizations are graphical representations that present information to decision makers. -Data visualization tools include Excel, Tableau, Power BI.

Data visualizations are graphical representations that present information to decision makers.

Which of the following is not part of common steps in using a data analysis tool? -Get data -Set relationships among tables -Select the attributes for the visualization -Deliver the visualization to the decision maker -None of the choices are correct.

Deliver the visualization to the decision maker

Which type of analytics would be associated with summarizing what happened in the past? -Descriptive -Prescriptive -Diagnostic -Predictive

Descriptive

Which type of analytics addresses "Why did it happen"?

Diagnostic

What type of analysis addresses questions of "Why did it happen"?

Diagnostic analysis

Which of the following is not a basic activity for data visualization? -Documenting the business processes that generate data -Understanding the data -Selecting the data visualization tool -Developing the visualization -None of the choices are correct.

Documenting the business processes that generate data

Once you connect to the data source in Tableau, what is the next step (assuming the data source includes multiple tables)? -Drag the desired tables to the canvas. -Set the primary and foreign keys in each table. -Go to your first worksheet to create a visualization. -None of these.

Drag the desired tables to the canvas.

Which of the following is not a component in the COSO 2013 internal control framework? -Effective operations -Risk assessment -Control environment -Control activities -Monitoring

Effective operations

If the AI application predicts three classifications, how may rows would be in the confusion matrix to summarize results? Only 1. Two or more. Exactly 2. Exactly 3.

Exactly 3.

Which is not an example of a batch total? -Hash total -Financial total -Exception total -Record count

Exception total

Which of the following is not a component of COSO ERM? -Event identification -External environment -Internal control evaluation -External environment and Internal control evaluation

External environment and Internal control evaluation Internal environment, objective setting, event Identification, risk assessment, risk response, control activities, information and communication, and monitoring activities are the eight components in the COSO ERM framework.

The acronym, ETL, in the process of readying data for use in data analysis refers to what three words? -Extrapolate, Transform and Lift -Extrapolate, Transpose and Load -Extract, Transform and Load -Extract, Transform and Lift

Extract, Transform and Load

T/F: Backup is a preventive control.

False

T/F: SOX requires companies to use COSO or COSO ERM as the framework in evaluating internal controls

False

T/F: A major reason of internal controls implemented for an information system is to provide perfect assurance that the goals of each business process are achieved.

False Internal control for an information system is aimed to provide reasonable assurance that the goals of each process are achieved.

What is the major difference between the proof of authority (PoA) consensus algorithm and proof of work (PoW) consensus algorithm? -For PoA, validator identities are known. -For PoW, smaller number of validators is required. -For PoW, only a select group of participants in the network is creating blocks. -For PoA, all participants must compete to gain the consensus as the validator.

For PoA, validator identities are known.

How many copies of the ledger are in a blockchain network with 4 participating nodes?

Four

Bill is responsible for custody of the finished goods in the warehouse. If his company wishes to maintain strong internal control, which of the following responsibilities are incompatible with his primary job? -He is responsible for the company's fix asset control ledger. -He is responsible for receiving of goods into the warehouse. -He is responsible for the accounting records for all the receipts and shipments of goods from the warehouse. -He is responsible for issuing goods for shipment.

He is responsible for the accounting records for all the receipts and shipments of goods from the warehouse. Segregation of duties is an important internal control. It requires the segregation of asset custody and record keeping. Since Bill is responsible for the finished goods custody, he should not be also responsible for keeping accounting records of the finished goods at the same time.

Which of the following best describes the purpose of the Show Me feature in Tableau? -Guides the user through an analysis of data relationships. -Helps the user change the format of the selected data. -Helps the user change the color of worksheet visualization components. -Helps the user select the best chart to display the selected measures and dimensions. -None of the choices are correct.

Helps the user select the best chart to display the selected measures and dimensions.

Mining does not exist in -Bitcoin -Ethereum -Hyperledger -None of these choices is correct.

Hyperledger

Which statement is false? -Each block of Bitcoin takes about 10 minutes to be added to the blockchain -Ethereum uses smart contract -Corda is an open source blockchain -Hyperledger is developed for the banking industry

Hyperledger is developed for the banking industry

(CISA exam, adapted) To ensure confidentiality in an asymmetric-key encryption system, knowledge of which of the following keys is required to decrypt the receive message? I. Private II. Public

I. Private

Which of the following is considered a control environment factor by the COSO definition of internal control? -Control objectives -Integrity and ethical values -Reasonable assurance -Risk assessment

Integrity and ethical values The internal control environment provides the discipline and structure for all other components of enterprise risk management. Internal environment factors include a firm's risk management philosophy and risk appetite, integrity and ethical values, organizational structure, board of directors and the audit committee, human resource policies and practices, assignment of authority and responsibility, commitment to competence, and development of personnel.

Which of the following is the best description of artificial intelligence? -Sophia the robot developed by Hanson Robotics. -A broad field in data analytics. -Intelligence exhibited by machines rather than humans. -The use of technology to support decision making.

Intelligence exhibited by machines rather than humans.

Which of the following is a correct statement about COSO ERM 2017 framework? -It focuses on evaluating effectiveness of internal controls. -It enhances alignment among strategy-setting, decision-making, and performance through enterprise risk management. -It is a framework developed by the IT audit profession. -It stresses the importance of having one department responsible for risk management.

It enhances alignment among strategy-setting, decision-making, and performance through enterprise risk management.

Which of the following best describes the purpose of the slicer for pivot tables? -It sorts the pivot table. -It produces grand totals for the data in the pivot table. -It filters the output of the pivot table. -None of these.

It filters the output of the pivot table.

Which of the following is a correct statement about COBIT 2019 framework? -It is designed for information and technology governance and management. -It is a framework for IT audit conducted by public accounting firms. -It is a framework for enterprise risk management. -It focuses on providing guidance for information security.

It is designed for information and technology governance and management.

Which of the following charts is used to show trend over time? -Symbol maps -Treemaps -Line charts -Pie charts -Scatter plots

Line charts

Which of the following best describes the difference between artificial intelligence and machine learning? -Machine learning is a subset of AI. -Machine learning only applies to deep learning algorithms. -AI and machine learning are the same thing. -Machine learning requires less data than AI. -None of these choices are correct.

Machine learning is a subset of AI.

Which of the following best describes machine learning? -Machine learning is a technique by which a software model is trained using data. -Machine learning involves a computer's ability to learn from specific instructions. -Machine learning uses complex, multi-layer neural networks. -None of these choices is correct.

Machine learning is a technique by which a software model is trained using data.

Which of the following best describes machine learning? -Machine learning is driven by programming instructions. -Machine learning is a different branch of computer science from AI. -Machine learning is a technique where a software model is trained using data. -Machine learning is the ability of a machine to think on its own. -None of these choices are correct.

Machine learning is a technique where a software model is trained using data.

The responsibility of enterprise risk management belongs to? -Internal auditors -Management -External auditors -Controller

Management

What information does a block in the Bitcoin network not contain? -The sender -The receiver -The quantity of bitcoins to transfer -The sender and the receiver -None, a block contains all of this information.

None, a block contains all of this information.

Which type of analytics would be associated with forecasting future sales amounts for a company?

Predictive

Which type of analytics would be associated with finding the sales amount needed to break even?

Prescriptive

Which edit check compares entered data to a predetermined acceptable upper and lower limit? -Range check -Valid check -Field check -Sequence check

Range check Range checks test a numerical amount to ensure that it is within a predetermined range.

Threat: An intern's pay rate was entered as $150 per hour, not $15 per hour Type of Input Control: ___

Reasonableness Check

Which of the following statements is correct? -Regarding IT control and governance, the COBIT framework is most commonly adopted by companies in the United States. -ISO 27000 series are best practices for IT service management. -ITIL is the best internal control framework for the high-tech industry. -SOX requires all public companies to use the COSO ERM framework to meet the requirements of section 404.

Regarding IT control and governance, the COBIT framework is most commonly adopted by companies in the United States.

Which is least likely to be provided by an application control? -Accuracy -Completeness -Reliability -Authorization

Reliability Reliability is a general property of the information system taken as a whole whereas application deal with specific processing of subsets of data to support specific business functions.

Which of the following is not a metric used to assess the performance of a model? -Precision. -Reliability. -Accuracy. -Recall. -None of these choices is correct.

Reliability.

Under COSO ERM framework, which of the following objectives involves parties external to the organization? -Strategic objectives -Compliance objectives -Operation objectives -Reporting objectives

Reporting objectives The ERM framework takes a risk-based, rather than a control-based approach to achieving the firm's objectives in four categories: Strategic, compliance, operation and reporting. The reporting objective is about the reliability of internal and external reporting. Hence, it may involve external parties.

Avoiding, accepting, reducing and sharing are components of _____ in Enterprise Risk Management? -Risk response -Risk assessment -Control activities -Communication and monitoring

Risk response Avoiding, accepting, reducing and sharing are four options regarding risk response.

To convert raw data to a table in Excel, you select any cell within the data and then do which of the following? -Select Insert > Tables > Table -Select Data > Outline > Group -Select View > Get External Data > From Access -Select Insert > Tables > Pivot Table

Select Insert > Tables > Table

Which of the following is not a common step in preparing data and developing visualizations? -Get data. -Set relationships among tables. -Select attributes for visualizations. -Select the visualization tool.

Select the visualization tool.

To authenticate the message sender in an asymmetric-key encryption system, which of the following keys is required to decrypt the received message? -Sender's public key -Receiver's private key -Receiver's public key -Sender's private key

Sender's public key

Threat: A customer entering too many characters into the five-digit zip code while making an online purchase, causing the server to crash Type of Input Control: ___

Size Check

Which of the following statements is true? -Because blockchain transactions are stored in chronological order, you may trace a block from an earlier transaction block to the most recent block in the blockchain. -Both permissioned and public blockchains need miners to determine which transaction block should be added next. -Ethereum is a private blockchain. -Smart contract was introduced in Ethereum.

Smart contract was introduced in Ethereum.

Which of the following best describes supervised learning? -The computer discovers patterns in the data. -The model discerns how elements of the dataset are alike. -The output is a known set of values to predict from the input. -None of these choices is correct.

The output is a known set of values to predict from the input.

Based on COSO 2013, which of the following statements is not correct? -Internal control is a process consisting of ongoing tasks and activities. -Employees at any level of an organization play a role in internal control. -The responsibility of monitoring the effectiveness of internal controls belongs to the internal audit group. -Internal controls can provide reasonable assurance only.

The responsibility of monitoring the effectiveness of internal controls belongs to the internal audit group.

T/F: Batch Processing is the aggregation of several business events over a set period of time with eventual processing of the related data (periodic processing).

True Typical batch processing is comprised of four characteristic steps, with a delay between each step. The sequence of each step is that a business event occurs, data is recorded in the system, the master files are updated, and a report or other output is generated.

Which of these is not a Power BI view? -Report view -Data view -Relationships view -Visualization view -None of the choices are correct.

Visualization view

Big Data is often described by the four V's, or -Volume, Velocity, Veracity and Variety -Volume, Velocity, Volatility and Veracity -Volume, Volatility, Variability, and Variety -Volume, Volatility, Veracity, and Variability

Volume, Velocity, Veracity and Variety

Which of the following is not one of the five basic questions that machine learning applications answer? -What data should I use? -What should I do next? -How are these alike? -Is it different?

What data should I use?

Which type of question does descriptive analysis address?

What happened?

Which type of question does prescriptive analysis address?

What should we do based on what we expect will happen?

To link tables in Excel, you do which of the following? -Pick the table with the foreign key first. -Pick the related lookup table with the primary key second. -Link the column with the foreign key to the column with the primary key. -You would do all of these.

You would do all of these.

When we refer to smart contract in blockchain, we mean: -a digital copy of paper contract such as a Word file. -a piece of software code that can be executed or triggered by business activities. -a contract that can be edited at any time for business rules. -a digital contract that can be distributed all to the participants with all terms defined.

a piece of software code that can be executed or triggered by business activities.

Prenumbering of source documents helps to verify that: -no inventory has been misplaced. -multiple types of source documents have a unique identifier. -documents have been used in order. -all transactions have been recorded because the numerical sequence serves as a control.

all transactions have been recorded because the numerical sequence serves as a control.

Controls that are designed to prevent, detect, or correct errors in transactions as they are processed through a specific subsystem are referred to as: -general controls. -application controls. -physical controls. -Two of the choices are correct. -None of the choices are correct.

application controls.

The computer sums the first four digits of a customer number to calculate the value of the fifth digit and then compares that calculation to the number typed during data entry. This is an example of a: check digit verification. field check. parity check. batch total.

check digit verification.

Access control to ensure only authorized personnel have access to a firm's network is a: -input control. -output control. -general control. -process control.

general control.

The ISO 27000 series are a framework for: -IT governance. -data management. -IT general controls. -information security management.

information security management.

What is the blockchain analogous to? -messaging -text file -ledger -code executable

ledger

In the Ethereum network: -mining of Ether occurs at a constant rate. -transaction fees are higher than Bitcoin. -miner uses SHA256 to determine if a block is a valid block. -because a smart contract describes business rules and is also flexible for different industries, it can be modified to fit the business after a block is inserted to the Ethereum network.

mining of Ether occurs at a constant rate.

A field check is a(n) -output control. -corrective control. -preventive control. -general control. -detective control.

preventive control.

Segregation of duty is a: -corrective control. -preventive control. -detective control. -personnel general control.

preventive control.

What type of blockchain does not restrict participation in the network?

public

(CMA exam, adapted) Data processing activities may be classified in terms of three stages or processes: input, processing, and output. An activity that is not normally associated with the input stage is: -recording. -reporting. -batching. -verifying.

reporting

(CISA exam, adapted) Authentication is the process by which the: -system verifies that the user is entitled to enter the transaction requested. -user indicates to the system that the transaction was processed correctly. -system verifies the identity of the user. -user identifies him- or herself to the system.

system verifies the identity of the user.


Ensembles d'études connexes

AP Macroeconomics Reading Module 39

View Set

Final Review - Chapter 5: The Integral

View Set

Kieso Chapter 2 Intermediate Accounting Chapter-End ANSWERS

View Set

AP Government & Politics-Congress

View Set

Chapter 8 Learning Question #7: What are typical data-mining applications?

View Set

Acknowledging an Order and Thanking a Customer

View Set