AIS CH 5, 6, and 7
5-5. The difference in price for middle-market accounting software versus for an ERP system can be millions of dollars. What can these high-end systems do that the less-expensive enterprise accounting packages cannot?
Integrate financial/ accounting subsystems with CRM, HR and GSCOMProvide business intelligence tools to help managers make decisions 4 Components: system configuration, centralized database, application interface, and internet portals Reduce inventory investments and improve asset management Improve flexibility and responsiveness of large businesses
5-1. What are some important features of integrated accounting software for small businesses? Why are they important?
Integrated accounting software binds together various separate accounting processes in the same package. The most popular software for small business is QuickBooks and Peachtree.Aids in producing general ledgers for business transactionsProduce reports: basic financial statements, budget reports, technical chartsMaintains AR, AP, and inventory Have several sample charts of accounts that users can customize according to their structureFeatures cloud computing, which enables users to store large data safely
5-2. How are the integrated accounting systems for small businesses like those for larger businesses? How are they different?
Similarities: Budget capabilitiesCheck and invoice printing Recurring journal entry capabilities Customized financial reporting Differences: Larger have ability to process transaction in multicurrencyLarger have capability to split commission between multiple sales people
Q6-1. This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the organization. a. Internal control b. SAS No. 94 c. Risk assessment d. Monitoring
a
Q7-3. Fault-tolerant systems are designed to tolerate computer errors and are built on the concept of _____. a. redundancy b. COBIT c. COSO d. integrated security
a
Q6-6. An internal control system should consist of five components. Which of the following is not one of those five components? a. The control environment b. Risk assessment c. Monitoring d. Performance evaluation
d
Q5-9. Components of an ERP's architecture typically include: a. a centralized database and application interfaces b. Internet portals and multiple databases c. a centralized database running on a mainframe computer d. business intelligence and multiple databases
a
Q6-11. Which of the following is not one of the components of the 2017 COSO Enterprise Risk Management: Aligning Risk with Strategy and Performance Framework: a. Risk and Compliance b. Risk, Strategy, and Objective-Setting c. Monitoring Enterprise Risk Management Performance d. Risk in Execution
a
Q6-4. Which of the following would a manager most likely use to organize and evaluate corporate governance structure? a. The 2013 COSO Internal Control—Integrated Framework b. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework c. The Sarbanes-Oxley Act of 2002 d. COBIT
a
Q6-7. COSO recommends that firms to determine whether they should implement a specific control. a. Use cost-benefit analysis b. Conduct a risk assessment c. Consult with the internal auditors d. Identify objectives
a
Q7-10. A company's management is concerned about computer data eavesdropping and wants to maintain the confidentiality of its information as it is transmitted. The company should utilize a. data encryption. b. dial-back systems. c. message acknowledgment procedures. d. password codes.
a
Q7-2. According to PCAOB Standard No. 5, which of the following is an example of an entity-level control? a. Effectiveness of the board of directors b. Personnel controls c. Access to computer files d. All of the above
a
Q5-4. Mid-level accounting software: a. can only be deployed through a server networked with desktop computers b. may be purchased in modules that match various business processes c. will not be appropriate for a multinational company because these programs cannot handle foreign currencies d. is generally inappropriate for a company operating in a specialized industry, such as retail or not-for-profit
b
Q5-7. Accounting and enterprise software can be expensive. Which of the following is likely to be the highest cost associated with a new AIS? a. the cost of new hardware b. the cost of implementing and maintaining the new system c. the cost of the software d. the cost of converting old data for the new system
b
Q5-8. In selecting a new AIS, a company's management should: a. always hire a consultant b. always consult with your accountant during the decision process c. never rely on your accountant for help in this decision d. always use an Internet software service to make the decision
b
Q6-13. Segregation of duties is a fundamental concept in an effective system of internal control. But, the internal auditor must be aware that this safeguard can be compromised through: a. lack of training of employees b. collusion among employees c. irregular employee reviews d. absence of internal auditing
b
Q6-2. Which of the following is not one of the four objectives of an internal control system? a. Safeguard assets b. Promote firm profitability c. Promote operational efficiency d. Encourage employees to follow managerial policies
b
Q6-5. Which of the following would a manager most likely use for risk assessment across the organization? a. The 2013 COSO Internal Control—Integrated Framework b. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework c. The Sarbanes-Oxley Act of 2002 d. COBIT
b
Q6-8. Which of the following is not one of the three additional components that was added in the 2004 COSO Enterprise Risk Management—Integrated Framework? a. Objective setting b. Risk assessment c. Event identification d. Risk response
b
Q7-1. A _____ is a comprehensive plan that helps protect the enterprise from internal and external threats. a. firewall b. security policy c. risk assessment d. VPN
b
Q7-6. Which of the following is not a computer facility control? a. Place the data processing center where unauthorized individuals cannot gain entry b. Limit access to the data processing center to all employees of the company c. Buy insurance to protect against loss of equipment in a computer facility d. Use advanced technology to identify individuals who are authorized access to the data processing center
b
6-1. What are the primary provisions of the 2013 COSO Internal Control—Integrated Framework?
- Keeps basic features of 1992 COSO IC-IF (definition, five components, and COSO Cube) - Adds 17 principles that inform the five components of internal control
6-3. Why are the COSO and COBIT frameworks so important?
COSO and COBIT offer controls and processes that, when assembled, can provide a measure of reliability and integrity for financial controls.
5-4. What are some of the advantages of the cloud computing feature of integrated accounting software? What are some of the disadvantages of a hosted solution?
The cloud-computing feature enables businesses to store large financial data on hosted sites. Advantages:Can access accounting info from variety of internet devices anytime anywhereAutomatically store and back up important dataProvides multiple user accessProvides upgrades of softwarePrint reports directly from host data source Disadvantages: Dependent on internet connectivity Data not completely safe, could be breachedMay not be cost effective for small businessesMay not support certain applications, must be careful when choosing vendor
Q7-7. In entering the billing address for a new client in Emil Company's computerized database, a clerk erroneously entered a nonexistent zip code. As a result, the first month's bill mailed to the new client was returned to Emil Company. Which one of the following would most likely have led to the discovery of the error at the time of entry into Emil Company's computerized database? a. Limit test b. Validity test c. Parity test d. Record count test
b
Q5-1. Low-end accounting software is increasingly complex and sophisticated. However, software costing only a few hundred dollars is not likely to: a. provide information to multiple stores where a company operates more than one b. include a chart of accounts that users may customize to suit their industry c. provide all the information needed to optimize customer and supplier relationships d. provide information for budgeting decisions
c
Q5-10. Within the context of ERP systems, a mashup is: a. a combination of several accounting systems b. the mess created when ERP systems fail to interface with legacy systems c. a Web page that can combine data from two or more external sources d. the informal name given to annual ERP conferences
c
Q5-3. Which of the following accounting software programs would be appropriate for a small business (e.g., a sole proprietorship with 20 employees)? a. SAP b. QuickBooks c. NetSuite d. Oracle
c
Q5-5. Which of the following is a distinguishing characteristic of an enterprise-wide (ERP) system? a. must be a hosted solution b. multiple databases c. integration of business functions d. low cost
c
Q6-10. Which of these is not one of the three major types of controls? a. Preventive b. Corrective c. Objective d. Detective
c
Q6-14. Which one of the following forms of audit is most likely to involve a review of an entity's performance of specific activities in comparison to organizational specific objectives? a. Information system audit b. Financial audit c. Operational audit d. Compliance audit
c
Q6-3. Section 404 affirms that management is responsible for establishing and maintaining an adequate internal control structure. This section may be found in which of the following? a. The 2013 COSO Internal Control—Integrated Framework b. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework c. The Sarbanes-Oxley Act of 2002 d. COBIT
c
Q6-9. Separation of duties is an important control activity. If possible, managers should assign which of the following three functions to different employees? a. Analysis, authorizing, transactions b. Custody, monitoring, detecting c. Recording, authorizing, custody d. Analysis, recording, transactions
c
Q7-11. Which one of the following would most compromise the use of backups as protection against loss or damage of master files?16 a. Use of magnetic tape b. Inadequate ventilation c. Storing of all files in one location. d. Failure to encrypt data
c
Q7-4. A _____ site is a disaster recovery site that is fully staffed and utilizes real-time replication of data and transaction processing. a. hot b. cold c. mirrored d. backup
c
Q7-9. Organizations use _____ controls to prevent, detect, and correct errors and irregularities in transactions that are processed. a. specific b. general c. application d. input
c
Q5-2. Which of the following reasons might explain why a small business owner would hire a CPA firm or a software consultant to help select accounting software? a. to train employees to use the software b. to help the firm identify useful reports for decision-making c. to help with rescue/recovery needs should a disaster occur d. all of the above
d
Q5-6. An organization will always need to upgrade to a new AIS if: a. a major competitor buys a new package b. customers complain about late deliveries c. the company wants to begin doing business over the Internet d. none of the above are necessarily reasons to buy new accounting software
d
Q6-12. When management of the sales department has the opportunity to override the system of internal controls of the accounting department, a weakness exists in a. risk management b. information and communication c. monitoring d. the control environments
d
Q7-5. Disaster recovery plans may not be of much use if _____. a. they are not fully documented b. the organization does not have a cold site for relocation purposes c. the organization does not expect any natural disasters to occur d. they are not tested periodically and revised when necessary
d
Q7-8. A _____ is a security appliance that runs behind a firewall and allows remote users to access entity resources by using wireless, handheld devices. a. data encryption b. WAN c. checkpoint d. VPN
d