Family Feud

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Name one of the sections of the CPA exam

Audit and Attestation Regulation Financial Accounting and Reporting Business Environment and Concepts

Name a certification that an auditor might earn

CPA CIA [internal auditor] CFE [fraud examiner] CISSP [information systems security professional] CISM [information security manager] CISA [information systems auditor]

Name one of the five components of internal controls as defined by COSO

CRIME control activities Risk assessment Information and communication Monitoring Environment (control)

Name a security technology that was used in the movie SNEAKERS to attempt to protect information or physical devices

Card readers and logs voice recognition encrytion passwords motion/heat sensors

name a piece of US legislation that addresses the inherent risk of collecting data

Data Privacy Act HIPPA SOX GLBA

Name a policy or procedure recommended to be included in a data security framework

Data protection policy Info security policy for electronic communications external communication policy code of conduct physical security document retention policy

Name a key area for testing IT general controls

Disposal on information system equipment Mobile Devices Development and maintenance of Applications Physical and logical security controls Access controls Database management

Name a specific project under way at the PCAOB that focuses on their objectives to improve audit perception

review auditor's reporting model disclosing who performed the audit in the audit report increase auditor independence

Name a step in the Analytic Methodology an IT auditor might use with CAATS

scope retention and archiving data acquisition execution of tests data validation documentation of results review

Name an area of an audit that is particularly important to maintain and apply professional skepticism

significant management judgements financing transactions auditors consideration of fraud

Name a benefit of the Accounting Quality Model to the SEC

speeds up the process for identifying financial statements that may contain fraud SEC can begin to review financials 24 hours after they are filed evaluate a company against its industry peers allows the SEC to review each reporting company at least once every three years

name reason for having a data analytics retention and archiving policy

support litigation reperformance needs meet regulatory requirements meet contractual requirements

Name a limitation of traditional fraud prevention activities in retail

resource constraints and inefficiencies oversight and lock of continuous monitoring inadequate control activities outdated technologies and limited data analytics

Name a type of data that is available in retail companies that could be used to identify areas of exposure for fraud

purchasing accounts payable store level video and audio recordings employee shifts records warehouse movements sales projections Point of sale returns

Name a component of professional skepticism as defined by the AICPA

questioning mind critical assessment of audit evidence being alert to conditions that may indicate possible misstatements due to fraud or error

Name an advantage of XBRL

reduced costs fluidity of shared information increased productivity improved data quality and validity improved access to financial information

Name an issue that is causing uncertainty among Google stakeholders as to their ability to protect data and privacy to "Do No Evil"

Enforce gold standard security measures including access controls, heat-sensitive cameras, round-the-clock guards and biometric ID verifications Legal jurisdiction of data that travels through international borders Synchronize large volume of information across international data centers Maintain thousands of miles of fiber cable for the exclusive use to connect data centers on 4 continents

Name one type of audit

External audit Internal audit forensic audit IT audit

Name a standard or framework that auditors look to for guidance

GAAP IFRS COBIT COSO FASB Codification GAAS SAS

Name a Google product that stores personal data

Gmail Google+ Chrome Google wallet YouTube Android Google Cloud/Drive Google Calendar Google Maps

Name a secutiry prediction from WatchGuards 2014 report

Hollywood type of cyber attack increase in social engineering type attacks increased cyber kidnapping Attacks on US healthcare system more destructive malware

Mr. Smith Goes to Washington

How to conduct a filibuster Steps for a bill to become a law steps to replace a senator that dies in office

Name a way of identifying a computer on a network

IP address MAC address Computer Name

Name a key topic discussed at the 2013 AICPA National Conference

Improving transparency and quality of financial reports using disclosures enforcement activities auditor transparency and quality audits incorporating IFRS reducing the complexity of standards

Name on of the predefined queries in a CAAT tool that perform scans for unusual items

Journal entries by source code journal entries by unusual amounts large or rounded amounts entries posted on unusual dates amounts ending in nines duplicate entries journal entries posted to certain accounts

Name one of the top hashtags used by CFOs that indicates what they were thinking about last quarter

Leadership obabamcare CFO Thanksgiving

Name a type of network

Local Area Network [LAN] PAN WAN [Wide-area] Wireless Network VPN

Name an example of personal data that is at risk of security breach

Medical information current physical location political affiliation employee performance appraisals customer credit information internet browsing history education records geneology religious affiliations

Name one of the common file formats used to import data

Microsoft Excel Microsoft Access comma delimited tab delimited XML pdf

Name one of the criteria in the "Wigmore Test" used to determine claim of privilege apply to persons in a given relation

Must be essential to the full and satisfactory maintenance of the relation between the parties communications must originate in a confidence that they will not be disclosed community must think the relation should be fostered injury in revealing the information must be greater than the benefit

Name a hardware component that makes up a network

Network Interface Card [NIC] gateway switch bridge hub router

Name a governing body or association that directly influences the work of external auditors

PCAOB AICPA FASB PCC SEC FAF NASBA TSBPA IASB

Name a key tenet in creating a cybersecurity operation model

Prioritize information assets based on business risks Test continuously to improve incident response Integrate cyberresistance into enterprise-wide risk-management and governance processes Enlist frontline personnel to help them understand the value of information assets Deeply integrate security into the technology environment to drive scalability Deploy active defenses to uncover attacks proactively Provide differentiated protection based on importance of assets

Name an objective of a corporate security awareness and training program

Providing data security tools and education to employees Providing clear leadership Communicating and enforcing sensible security policies Fostering a security-aware culture Proactively setting security expectations

Name one of the inherent risks of living in a hyper connected digital world

Risk of operational disruption Intellectual property loss public embarrassment fraud

Name a development that suggests that the SEC will increase the number of enforcement actions in 2014

RoboCop SEC is realizing monetary benefits from their actions formation of the Financial Reporting and Audit Task Force increased monetary incentives from the whistleblower bounty program

Name one of the best weapons to use against find reporting fraud in areas where judgement is required

Robust compliance program diligent audit committee appropriately skeptical auditor

Name one of the issues that the WatchGuard believes is contributing to cyber security controls not working

Security logs are so voluminous that important events are not seen most businesses still rely on legacy defenses such as firewalls security controls are not configured properly

Name one of the COBIT 5 Principles

Separating governance from management Covering the enterprise end-to-end Enabling a holistic approach Applying a single integrated framework Meeting stakeholder needs

Name a company who has public reported data breach in the last year

Target Google Neiman Marcus Michael's Yahoo

Name one of the 5 principles of the Code of Fair Information Practices established in 1972

There must be a way for a person to find out what info about them is in a record and why and organizational who has and releases their information a way to correct information a way to remove information

Name a cause of data security breaches in organizations that is initiated by user action

Unintended disclosure insider information portable devices being lost or stolen (phones, CDs, laptops, flash drives) physical documents being lost or stolen

name a type of retail fraud

refunds employee theft client service billing POS manipulation financial statements shoplifting salaries and wages vendor collusion

Name an analyses that CAATs could perform on the entire accounts receivable balance details

aging by invoice customers with balances greater than approved credit lines overdue balances with accounts greater than a certain amount balances including significant credit memos duplicate invoices or credits

Name a reason why a cybercriminal may steal intellectual property

avoid paying for IP sell to competitors disrupt/sabotage an entity gain a hostage.blackmail access confidential business information

Name an IT-enabled business trend for the next decade

big data and advanced analytics mobile-payment networks [PAYPAL] increased access to technology in emerging countries "renting" unused physical items as service [LYFT] using artificial intelligence to automate knowledge work customer expectations that services are free [Facebook] transformation of government, health care and education virtual-reality applications social matrix deploying the internet through small tracking and data devices

Name one type of application that banks might use XBRL for

business reporting management reporting preparation credit analysis financial consolidation process

Name one of the four characteristics of a financial statement that external auditors are providing an opinion about when they issue their financial audit report

complete fairly presented accurate relevant

name an example of cybercrime from the understanding cybercrime wave article

confiscating online bank accounts posting confidential business information on the internet stealing an organizations IP disrupting a country's critical national infrastructure creating and disturbing viruses on other computers

name an example of independent audit evidence that would satisfy PCAOB Auditing Standard No 15

contract terms obtained directly from the other party to the contract sales order obtained directly from the customer purchase invoices obtained directly from the vendor bank statements obtained directly from the bank

Name an issue that could flare up next shareholder meeting according to the named article

cybersecurity disaster planning spinoff advocacy global economic concerns auditor tenure new COSO framework M&A opportunity conflict minerals executive compensation

name something that cyber criminals steal

debit/credit card data personally identifiable info bank credentials intellectual property wire transfer access

Name a behavioral symptom that perpetrators of fraud often possess

display control issues or are unwilling to share their job duties are going through a divorce or experiencing other family problems act noticeably irritable, suspicious or defensive have an unusually close relationship with a vendor or customer are experiencing financial difficulties are living beyond their means have known problems with addiction display a wheeler dealer attitude

Name one of three General Standards under GAAS

due professional care technical training and proficiency independence

Name a potential user of financial statements

employees investors vendors financial institutions government entities owners and managers media and general public

Name something that the SEC is relying on to improve the quality of the XBRL filings

ensure that missing or incorrect calculation link bases are not used minimize the use of extended custom elements review the signage for all elements

Name a topic that is a top priority for board of directors in 2014

executive compensation board compensation compliance requirements strategic planning cybersecurity independence of board chair and CEO healthcare reform

Name an issue that causes extracted data to need to be corrected or cleaned

format/structure of data/reports presentation of data values data types

Name a reason why spam is a problem

frauds and scams takes up storage space irritating slows down network traffic loss of productivity malware and virus infection

Name one of the employee surveillance metrics mentioned in the article "Account's Big Data Problem"

geographical location time not he internet telephone calls made sites visited

Name an alternative accounting method that is now approved by the FASB and available for private companies to use

goodwill alternative interest rate swap alternative

Name an incentive that companies have to improve their XBRL reporting process

if the model is created well it can be reused for multiple years inaccurate XBRL filings increase the change of an SEC review it is a requirement for filing their financial statements with the SEC Banks have proven that accurate XBRL tagged data is achievable companies that starting to see it as a tool to manage big data technical training is available through the XBRL US GAAP Certificate program

Name an area that auditors are likely to focus on because of susceptibility to fraud and error

inventory revenue recognition accounts receivable journal entry accounts payable accruals and reserves

name a reason why it has been difficult for XBRL to become accepted

it was perceived as just another regulatory burden difficult to agree on common terms so companies create their own extended custom elements new and detailed technology that people are not familiar with companies don't want their data to be transparent

name a lesson that you hopefully learned from Helen Sharkey's Story

listen to your guy good people make bad decisions look out for yourself. no one else will don't do anything you wouldn't want to tell your grandmother/spouse/children importance of having an ethical mentor outside of work don't give up on yourself. no mistake defines you It could happen to you

Name a potential consequence under the current rules for a private company that considers going public

might prevent companies from electing to use alternative methods and gain those advantages could incur even greater costs if they use an alternative method must restate financial statements using original public methods

Name an example of ways that data could be messy

nonprinting characters leading or trailing spaces leading or trailing zeros 00000 inconsistencies in data entry hanging parentheses))))))

Name one of the significant factors that differentiate the financial reporting considerations of private companies from public companies

the ownership structure and capital structures the investment strategies of primary users the manner in which preparers learn about new financial reporting guidance the number of primary financial statement users and their access to management accounting resources

Name one really big data problem listed by

theoretical soundness disclosure estimation probability representation logicalness correctness timeliness

name something that remediation starts with in respect to defending against cybercrimes

think through how that particular toll or understand the tools and vectors that have a high risk for the audit finding an effective remediation to prevent and detect an intrusion understanding where the original point go entry is for identified risk

Name one of the three categories of management assertions in a financial audit

transactions account balances presentation and disclosures

Name a module where financial accounting and reporting guidance might differ for private and public companies

transition methods recognition measurement presentation effective dates disclosures

name a pattern in responses that an individual might do to try to avoid providing a truthful answer

using oaths qualifying answers repeat the questions back respond with another question

Name a trend or pattern that the SEC financial Reporting and Audit Task Force is using the Accounting Quality Model to monitor

using one accounting method to maximize book earnings while using a different method to minimize tax income multiple revisions over a short period time high proportion of off-balance sheet transactions

Name a method of checking the validity of data acquired for data analytics

verifying data completeness based on given scope independent validation of balances verifying time periods reconciling to control totals validating data types

name something that NASDAQ private market was designed to give a company more control over

when transactions occur how many shares can be sold which employees can but and sell shares


Ensembles d'études connexes

OB exam 2: chapters 8-11 prep U's

View Set

Chapter 46: Management of Patients With Gastric and Duodenal Disorders

View Set

Dividends and Other Corporate Distributions

View Set

Module 3: Blood vessels and the Lymphatic system

View Set

Marketing Principles 1-5 Test (Quiz Questions)

View Set

Music Chapter 54, CHAPTER 54 MUSIC QUIZ, Chapter 53: MUS 110, Chapter 52: MUS 110, Music Test 2

View Set

Microeconomics Chapter 4: Desmans, Supply, and Markets

View Set