ACC 535 Final Question Bank

अब Quizwiz के साथ अपने होमवर्क और परीक्षाओं को एस करें!

Insurance on a computer installation is an example of a(n) ____ cost.

Tangible

Which of the following benefits can be reasonably quantified?

Tangible benefits

An important segment of the outsourcing market is the application service provider (ASP), which hosts, manages, and provides access to hardware and software over the Internet to multiple users.

True

An intangible cost is one that cannot be reasonably quantified, such as productivity losses caused by low employee morale.

True

An intrusion-detection systems (IDS) logs and monitors who is on or trying to access the network.

True

As a user, the accountant might initiate the AIS acquisition.

True

As an analyst, the accountant could be the development team member who conducts a preliminary survey.

True

As data from the existing system are mapped into the new system, exception-reporting situations must be devised to ensure that the data are converted accurately.

True

Batch control plans regulate information processing by calculating control totals at various points in a processing run and subsequently comparing those totals.

True

Biometric identification systems identify authorized personnel through some unique physical trait such as fingers, hands, voice, eyes, face, or writing dynamics.

True

Business continuity planning is the process that identifies events that may threaten an organization and provide a framework whereby the organization will continue to operate when the threatened event occurs or resume operations with a minimum of disruption.

True

Collaborative processes across the supply chain using a set of processes and technology models are called Collaborative Planning, Forecasting, and Replenishment (CPFR).

True

Combining the functions of authorizing and executing events is a violation of the organizational control plan known as segregation of duties.

True

Computer hacking and cracking is the intentional, unauthorized access to an organization's computer system, accomplished by bypassing the system's access security controls.

True

Confirm input acceptance is a control that helps ensure input completeness by informing the user that the input has been accepted for processing.

True

Control redundancy addresses whether too many control plans are directed toward the same control goal.

True

Digital signatures allow the vendor to determine that the sender of the message has the authority to send it and thus prevents an unauthorized purchase.

True

Document/record counts are simple counts of the number of documents entered.

True

Dollar totals are a summarization of the dollar value of items in the batch.

True

E-procurement is the use of information technology to automate significant portions of the procurement process.

True

EOQ is a technique of analyzing all incremental costs associated with acquiring and carrying particular items of inventory.

True

Enterprise systems are often implemented using the direct approach.

True

Evaluated receipt settlement (ERS) is a process by which an organization pays for a purchase on the basis of the goods receipt.

True

Forced vacations is a policy of requiring an employee to take leave from the job and substitute another employee in his or her place.

True

IT governance is a process that ensures that the organization's IT sustains and extends the organization's strategies and objectives.

True

In a batch sequence check a computer program sorts the input documents into numerical order; checks the documents against the sequence number range; and reports missing, duplicate, and out-of-range data.

True

In many organizations professional buyers do the actual buying.

True

In the flowchart for the AP/DC process the symbol below represents the enterprise database.

True

In the parallel approach to systems implementation, both the new and old systems operate together for a period of time.

True

Indirect benefits are not directly attributable to the system or the system change.

True

Input control goals include those to ensure input validity, input completeness and input accuracy.

True

Intangible benefits are those that cannot be reasonably quantified, such as those that result from having improved information.

True

Intrusion-prevention systems (IPS) actively block unauthorized traffic using rules specified by the organization.

True

It is difficult to independently validate the vendor invoice if we do not segregate purchasing, receiving, and accounts payable.

True

Outsourcing is a term that describes an organization's assigning any of its internal functions (e.g., accounting, legal, or IT) to an outside vendor.

True

Periodic cleaning, testing, and adjusting of computer equipment is referred to as preventative maintenance.

True

Program change controls provide assurance that all modifications to programs are authorized and documented, and that the changes are completed, tested, and properly implemented.

True

Program documentation provides a description of an application program and usually includes the program's purpose, program flowcharts, and source code listings.

True

Programmed edit checks are edits automatically performed by data entry programs upon entry of the input data.

True

Purchase returns and allowances usually occur at the point of inspecting and counting the goods or at the point of validating vendor invoices.

True

RFID tags are computer chips with an antenna that contains information about the object to which it is attached.

True

Segregation of duties consists of separating the four functions of authorizing events, executing events, recording events, and safeguarding the resources resulting from consummating the events.

True

Similar to the developer of an industrial park, an organization's management or IT steering committee approves a systems development project for further systems development.

True

Specifying control goals is the first step in preparing a control matrix.

True

Structured systems analysis is a set of procedures conducted to generate the specifications for a new (or modified) information system or subsystem.

True

Structured systems design is a set of procedures performed to convert the logical specification into a design that can be implemented on the organization's computer system.

True

Systems documentation provides an overall description of the application, including the system's purpose; an overview of system procedures; and sample source documents, outputs, and reports.

True

Systems maintenance is the modification of existing applications.

True

Systems operation includes the post-implementation review.

True

Tangible benefits are those that can be reasonably quantified, such as reduced equipment costs and increased revenues.

True

Users, managers, and auditors are required to participate in the systems development project. These people generally provide approvals, often called signoffs, at preestablished management control points.

True

When the vendor payment is made, the general ledger is updated for the cash disbursement.

True

Whereas a receiving report normally indicates that goods have been received, some organizations use an acceptance report to acknowledge formally the satisfactory completion of a service contract.

True

With continuous data protection (CDP) all data changes are data stamped and saved to secondary systems as the changes are happening.

True

With continuous replenishment (CRP) a vendor obtains a buyer's current sales, demand, and inventory data in real time and replenishes the buyer's inventory.

True

With the modular approach to systems implementation, the new system either is implemented one subsystem at a time or is introduced into one organizational unit at a time.

True

Within the data center, the data control group is responsible for routing all work into and out of the data center, correcting errors, and monitoring error correction.

True

Within the data center, the data librarian function grants access to programs, data, and documentation.

True

Within the make payment process, the three sub-processes are "Prepare proposed payments," "Select and record payments," and "Issue and record disbursements."

True

Written approval takes the form of a signature or initials on a document to indicate that the proper person has authorized the event.

True

Which of the following is not typically a role for the accountant in a system's implementation?

programmer

COBIT was developed to:

provide guidance to managers, users, and auditors on the best practices for the management of information technology

All of the following are types of programmed edit checks except:

proximity check

Assume that one of the process bubbles in the Purchasing Process - Level 0 Diagram is called "order goods and services." The data flow between "order goods and services" and the "vendor" is called a:

purchase order

The document one business sends to another business that identifies the goods or services to be purchased is a:

purchase order

At the time that a purchasing orders goods and services, the process is likely to interact with all of the following data stores except the:

purchase receipts data

An exception routine is usually performed for:

purchase returns and allowances

In an information systems organization, all of the following functions might logically report to the data center manager except:

quality assurance

A "blind" copy of the purchase order should be sent to receiving so that:

receiving clerks will be forced to actually count the goods that are received

In the control matrix, the rows represent:

recommended control plans including both present & missing controls

Information technology has enhanced the AP/CD process by:

reducing the cost to process an invoice by up to 40%

The project completion report will include all of the following except:

request for proposals

When large or expensive items are purchased, most organizations make use of a procedure to obtain competitive bids from multiple vendors. The document used to obtain competitive bids is called a(n):

request for quotation

Outputs of the systems analysis phase of development typically would include all of the following except:

requests for proposal (RFP) for software/hardware acquisition

A policy that requires employees to alternate jobs periodically is called:

rotation of duties

Protecting resources against environmental hazards might include all of the following control plans except:

rotation of duties

An outside auditing firm annually supervises a physical count of the items in a retail store's shelf inventory. This is an example of:

safeguarding resources

Alternative names for contingency planning include all of the following except:

business disaster planning

The annual maintenance of in-house software is typically 25% of the development cost, whereas the annual maintenance of purchased software is typically 50% of the purchase price.

false

The chief information officer (CIO) prioritizes and selects IT projects and resources.

false

The cost/benefit study attempts to answer the questions, "which alternative accomplishes the user's goals for the least cost (or greatest benefit)?" and "which alternative best accomplishes a user's goals for the system being developed?"

false

The disaster recovery strategy known as a cold site is a fully equipped data center that is made available to client companies for a monthly subscriber fee.

false

The most effective attacks originate from a small cluster of computers in a remote geographic location.

false

The systems development function provides efficient and effective operation of the computer equipment.

false

These guidelines are appropriate only when an organization is going to acquire an AIS, not when they plan to develop it in-house.

false

To ensure that all necessary maintenance requests are submitted, users should never be charged for maintenance costs.

false

A mechanism by which a company is reimbursed for any loss that occurs when an employee commits fraud is called a:

fidelity bond

In an AP/CD process, a process "make payment" normally would be triggered by the data flow:

payment due date information

Entity resources that are always considered in efficiency assessments for an AIS are:

people and computers

The type of maintenance that is conducted to improve the performance of an application is referred to as:

perfective

Sending out an e-mail pretending to be a legitimate business asking for information about a person's account is called:

phishing

The segregation of duties control plan consists of separating all of the following event-processing functions except:

planning events

Checking to see if the new system is doing what it is supposed to do is part of:

post-implementation review

A control that can be used to ensure that all of the characters of a social security number are entered by a data entry clerk is:

preformatted screens

A control whose primary purpose is to ensure greater input accuracy is:

preformatted screens

The number of sales transactions that can be entered within a specified period of time is a measure of the computer system's:

throughput

Typically, all of the following are tasks of structured systems design except:

to recommend which computer hardware to use for the new system

E-payments are settled through the ACH network, by wire transfer, or by debit or credit card.

true

In a relational table for PURCHASE_RECEIPTS, the primary key would be the receipt number (Rec_No).

true

Supply chain management (SCM) is the combination of processes and procedures used to ensure the delivery of goods and services to customers at the lowest cost while providing the highest value to the customers.

true

The cost/effectiveness study attempts to answer the questions, "which alternative accomplishes the user's goals for the least cost (or greatest benefit)?" and "which alternative best accomplishes the user's goals for the system being developed?"

true

In a control matrix P-1 stands for process number one.

False

A variation of the limit check is the reasonableness check.

True

In a relational table for VALID_INVOICES, the primary key would be the vendor number.

False

ABC analysis is a technique for ranking inventory items according to their relative importance.

True

Which of the following would be the likely trigger for the structured systems analysis step of systems development?

An approved feasibility document

In order to implement a batch sequence check transactions must be captured on documents that are randomly numbered.

False

In selecting a vendor, a buyer may need to obtain competitive bids by means of a document called a purchase order.

False

In the ER diagram for AP/CD process, CASH_DISBURSEMENTS are prepared by EMPLOYEES (Treasury Employees).

False

In the ER diagram of the AP/CD process, VALID_INVOICES are received from the purchasing department.

False

In the control matrix M-1 stands for missing process number one.

False

Independent authorization to make payment ensures that only authorized purchases are made.

False

Individual departments coordinate the organizational and IT strategic planning processes and reviews and approves the strategic IT plan.

False

Inventory personnel use the vendor master data to select an appropriate vendor.

False

Access control software ensures that only authorized users gain access to a system through a process of identification and authentication.

True

It is not uncommon for the copy of the PO available for the receiving department to be a carbon copy, meaning that certain data is blanked out.

False

According to COBIT, IT resources include applications, information, infrastructure, and people.

True

The debit entry in the general ledger at the time that the vendor invoice is recorded will be to a clearing account because of the:

all of the above

Master data control plans regulate transaction processing by calculating control totals at various points in a processing run and subsequently comparing these totals.

False

Notifications that a PO has been prepared and sent to the vendor are sent to the receiving department, the accounts receivable process, and the department or process that requested the purchase.

False

Of the three approaches to systems implementation presented in the text, the parallel approach is the riskiest.

False

Online prompting helps guide the online entry of data by defining the acceptable length and format of certain fields.

False

Perfective maintenance is performed to fix errors.

False

Reorder point (ROP) analysis reorders inventory when the item reaches a certain inventory level that was determined in advance based on the item's purchase rate.

False

Software as a Service (SaaS) is a Web-based model for software distribution where multiple users may simultaneously use the software.

False

Structured systems design in the systems development process is analogous to which of the following tasks required in constructing an industrial park?

Finalizing blueprints and other construction-related plans

Which of the following control plans is not a retention control plan?

Occasional performance evaluations

Which of the following techniques has the reorder point based on each inventory item's sales rate?

Reorder point analysis

Which of the following is not one of COBIT's four broad IT control process domains?

Repair & replace

A key control in the AP/CD process is to segregate the treasurer and controller.

True

A paperless system would eliminate documents and forms as the medium for conducting business transactions.

True

According to COBIT, IT resources must be managed by IT control processes to ensure that an organization has the information it needs to achieve its objectives.

True

Adaptive maintenance adjusts applications to reflect changing business needs and environmental challenges.

True

After the conversion is completed, the systems development project team writes the project completion report.

True

After the vendor has been selected, the buyer prepares a purchase order.

True

An RFP is a document sent to vendors that invites submissions of plans for providing hardware, software, and related services.

True

An employee has a conflict of interest when he (she) has a financial interest (direct or indirect) in a company with which the employer does business.

True

An exception and summary report reflects the events that were accepted or rejected by the system.

True

To validate vendor proposals for supplying computer hardware, an organization will assess both a system's specifications and performance.

True

An enterprise system may facilitate the AP/CD process by linking:

all of the above (PO and receiving report, PO and invoice, invoice and the related cash disbursements)

Payments not typically supported by invoices include:

all of the above (payroll, income taxes, and investments)

Software as a Service (SaaS) may include:

all of the above (video hosting and streaming, word processing, and email)

Which of the following data stores would you least expect to see in the Purchasing Process - Level 0 Diagram?

Cash receipts event data

Which of the following items is not a control plan of the AP/CD process?

Check for authorized prices, terms, freight, and discounts

Which of the following activities would not occur when an inventory manager decides to return merchandise to a vendor?

A credit memorandum is issued to the vendor

Which of the following is designed to reflect the formal approval of the voucher for payment?

A disbursement voucher

Which of the following activities is not part of the computer agreement of batch totals?

A person reconciles the manual and computer batch totals

Which of the following is conducted as a follow up to a system's recent implementation?

A post-implementation review

Which of the following is a technique for ranking items in a group based on the value, activity, sales, or other relevant metric for the items?

ABC analysis

Which of the following has the task of evaluating alternative AIS solutions?

AIS selection

A user-directed test of the complete system in a test environment is called a(n) ____ test.

Acceptance

A receiving report is to goods what a(n) ____ is to services.

Acceptance report

Which of the following managers is most likely to report to the controller?

Accounts payable department manager

Which of the following functions cannot be outsourced?

All of these functions can be outsourced

Which of the following is a potential problem with supply chain management initiatives?

All the above (confused lines of responsibility, inaccurate data within the supply chain, over-reliance on demand forecasting)

Which development phase has the purpose of developing specifications for the new or revised system?

Analysis

Which of the accountant roles involves contributing to systems survey and needs analysis?

Analyst

Which of the following hosts, manages, and provides access to software and hardware over the Internet to multiple customers?

Application service provider

Which of the following is not specified in the approved configuration plan?

Appropriate acquisition ancillaries

A warehouse supervisor prepares a sales order listing items to be shipped to a customer and then signs it approving the removal of the items from the warehouse. The supervisor is performing which functions?

Authorizing and executing events

Approving a customer credit purchase would be an example of which basic events processing function?

Authorizing events

From the standpoint of achieving the operations system control goal of security of resources, which of the following segregation of duties possibilities is least important?

Between data control & data preparation personnel

Which of the following triggers the systems selection process?

Both a and b (logical specification and physical requirements)

Which of the following has the responsibility of efficient and effective operation of IT?

CIO

Which one of the following personnel is not involved in safeguarding resources resulting from consummating events?

CIO

Which type of supply chain collaboration methods includes the vendor replenishing standard merchandise while the buyer manages the replenishment of promotion merchandise?

Co-managed inventory

Which type of supply chain collaboration methods includes the retailer and manufacturer forecasting demand and scheduling production jointly?

Collaborative Forecasting and Replenishment (CFAR)

Which type of supply chain collaboration methods includes collaborative processes across the supply chain using a set of processes and technology models?

Collaborative Planning, Forecasting and Replenishment (CPFR)

Which of the following control plans is designed to achieve the goal of input completeness?

Confirm input acceptance

Which type of supply chain collaboration methods includes the vendor obtaining the buyer's current sales, demand, and inventory data in real time and replenishing the buyer's inventory?

Continuous Replenishment (CRP or Vendor Managed Inventory (VMI)

Which of the following is least likely to report directly to the vice president of logistics?

Controller

Issues related to the purchasing function, such as kickbacks, bribes, conflicts of interest, and the like are often addressed by ____.

Corporate codes of conduct

Which of the following is a characteristic of internal hardware sources?

Costs are mainly fixed

Plaintext is a term associated with ____.

Data encryption

The control concern that there will be a high risk of data conversion errors relates primarily to which of the following information systems functions?

Data entry

The controlled access to data, programs, and documentation is a principal responsibility of which of the following functions?

Data librarian

In an information systems organizational structure, the function of ____ is the central point from which to control data and is a central point of vulnerability.

Database administration

In the Purchasing Process - Level 0 Diagram, a data flow called "inventory's purchase requisition" most likely would be sent by the inventory management process to which of the following processes?

Determine requirements

Which of the following issues is not a task of systems selection?

Develop an implementation plan

Which of the following is not a task required to complete structured systems analysis?

Develop the system survey

Which of the following control plans is designed both to authenticate a system user's identity and to verify the integrity of a message transmitted by that user?

Digital signature

Reduced salaries and wages that will result from a systems change are an example of a(n) ____ benefit.

Direct

The cost of computer hardware to be purchased for a new system is an example of a(n) ____ cost for that system.

Direct

Which of the following is a control plan in which the source document is designed to make it easier to input data from the document?

Document design

Which of the following is a batch control total that represents the minimum level of control for input completeness?

Document/record counts

Which of the following reflects a summarization of any numeric data field within the input document or record?

Document/record hash totals

Which of the following techniques analyzes all incremental costs associated with acquiring and carrying particular items of inventory?

EOQ models

Which of the following statements regarding evaluated receipt settlement (ERS) is false?

ERS arrangements are only made with vendors who have proven e-payment records

The purpose of ____ control goals is to ensure the successful accomplishment of the goals set forth for the operations process under consideration.

Effectiveness

The purpose of ____ control goals is to ensure that all resources used throughout the business process are being employed in the most productive manner.

Efficiency

The control plan compare vendors for favorable prices, terms, quality, and product availability is directed primarily at which of the following control goals?

Ensure effectiveness of operations

Online prompting is aimed primarily at ensuring which of the following information systems control goals?

Ensure input accuracy

In the Level 0 DFD for an AP/CD process, a data flow called "vendor invoice" most likely would be sent by the vendor to which of the following processes?

Establish payable

In the Level 0 DFD for an AP/CD, a data flow called "receiving report" most likely would be sent by the purchasing process to which of the following processes?

Establish payable

Fraud abuses in the AP/CD process usually entail creating phony customers or submitting fictitious purchase orders.

False

Goal congruence exists when each individual manager's goals are achieved.

False

A dependency check authenticates the identity of a message's sender and verifies the integrity of a transmitted message.

False

A digital signature tests whether the contents of two or more data fields bear the correct logical relationship.

False

A direct cost is one that is directly attributable to the system or the system change, such as reduced overhead costs.

False

A facility usually comprised of air-conditioned space with a raised floor, telephone connections, and computer ports, into which a subscriber can move equipment, is called a hot site.

False

A problem has an economically feasible solution if it can be solved with existing software and hardware technology.

False

A receiving report is an external request for the purchase of goods or services from a vendor.

False

A summation of the dollar value of items in a batch is called a hash total.

False

A tickler file is a manual or computer file of documents that contain completed business data.

False

A true voucher system requires that all expenditures for whatever purpose and in excess of a certain dollar amount be formally approved for payment before they can be paid.

False

A turnaround document is a document that is printed as an output of multiple computer processes and is used to capture and input a previous transaction.

False

According to the context diagram for the purchasing process, when a purchase order is sent to the purchaser, the vendor responds by sending the goods along with a packing slip.

False

An indirect cost is one that is directly attributable to the system or the system.

False

Antivirus is a technique to protect one network from another "untrusted" network.

False

Application controls restrict access to data, programs, and documentation.

False

As an analyst, the accountant could be involved in change management issues and/or technical aspects of converting data, software, and hardware from the old to the new AIS.

False

As an internal auditor the accountant could be called in to complete the design, help prepare the contracts, or help plan, conduct, and evaluate the system tests.

False

As depicted in the text, the approved configuration plan is the final output of the software and hardware study.

False

As used in the purchasing process chapter, the term "goods and services" refers to raw materials, merchandise, supplies, fixed assets, or intangible assets only.

False

Chapter 13 describes the electronic invoicing and payment (EIPP) system for the B2C environment.

False

Control effectiveness addresses how individual control plans achieve multiple control goals.

False

Control efficiency addresses whether control goals are being achieved.

False

Conversion to new computer programs must be undertaken using contingency plans to ensure that only authorized, tested, and approved versions of the programs are promoted to production status.

False

Corrective maintenance is conducted to improve the performance of an application.

False

Deliverables signify approval of the development process and the system being developed.

False

Dollar totals represent a summarization of any numeric data field within the input document or record.

False

Embezzlement is a fraud committed by two or more individuals or departments.

False

Spear phishing is a type of phishing attack that is sent to a wide variety of persons. The e-mail appears to be coming from an individual or organization that the recipient recognizes and from whom they normally receive e-mails.

False

Specific reports and other documentation, called process documents, must be produced periodically during systems development to make development personnel accountable for faithful execution of systems development tasks.

False

Systems design is a set of procedures performed to choose the software specifications and hardware resources for an information system.

False

Systems developed using structured systems design techniques are more costly over the life of the system because maintenance of such structured systems is problematic.

False

Systems maintenance is a set of procedures performed to complete the design contained in the approved systems design document and to test, install, and begin to use the new/revised information system.

False

The "three-way match" matches the invoice with the purchase order and disbursement voucher.

False

The Level 0 diagram of the AP/CD Process contains the two process bubbles depicting the two major logical steps in the process: Establish payable and Approve checks.

False

The Sarbanes-Oxley Act prohibits CPA firms from serving as system consultants.

False

The VP of finance usually has the cashier and the controller directly reporting to him (her).

False

The acceptance test is a user-directed test of the complete system in a test environment.

False

The accountant as an implementer can become involved with systems survey and needs analysis tasks.

False

The cash disbursements event data shows, in alphabetical order, the details of each cash payment made.

False

The cashier is responsible for processing vendor invoices, preparing payment vouchers, and recording purchase and disbursement transactions.

False

The cashier usually reports to the controller.

False

The design of interfaces involves how data from the existing system are mapped into the new system.

False

The document used to record merchandise receipts is called a purchasing report.

False

The duties of the cashier are segregated from the treasurer to protect the cash resource.

False

The information systems function is synonymous with the accounting function.

False

The inventory master data contains a record of each vendor that is approved for use by the organization.

False

The item number is the primary key for relational table for vendors.

False

The modular approach forces the users to learn the new system because they do not have the old system to fall back on.

False

The most common biometric devices perform retinal eye scans.

False

The most error-prone and inefficient steps in an operations or information process is master file updates.

False

The notification of an obligation to pay a vendor for merchandise that was ordered and received is known as a purchase order.

False

The operations run manual describes user procedures for an application and assists the user in preparing inputs and using outputs.

False

The policy of requiring an employee to alternate jobs periodically is known as forced vacations.

False

The purchase order triggers the make payment process.

False

The purchasing supervisor is responsible for receiving incoming goods, signing the bill of lading presented by the carrier, reporting the receipt of goods, and making prompt transfer of goods to the appropriate warehouse or department.

False

The purpose of systems selection is to develop specifications for a new or revised system.

False

The systems development life cycle (SDLC) methodology is an informal, ad-hoc, set of activities used to manage a systems development project.

False

The user manual gives detailed instructions to computer operators and to data control about a particular application.

False

The vendor invoice master data is a repository of all unpaid vendor invoices.

False

The vendor sends a confirmation to establish the payable.

False

The warehouse master data contains a record of each inventory item which is stocked in the warehouse and/or regularly ordered from a vendor.

False

The warehouse number is the primary key for the relational table for inventory.

False

Threat monitoring is a technique to protect one network from another "untrusted" network.

False

When it is time to make a payment, an approved voucher is sent to the accounts payable department.

False

When the data on the inventory record indicate a need to replenish the stock, the inventory system prepares a purchase order.

False

With preformatted screens a computer system asks the user for input or asks questions that the user must answer.

False

Which of the following personnel security control plans is corrective in nature as opposed to being a preventive or detective control plan?

Fidelity bonding

Which batch control total generally has no other purpose than control?

Hash total

Which of the following types of batch totals is likely to be most effective in ensuring the control goal of input accuracy?

Hash totals

The following is a jumbled list of the four steps in structured systems analysis that were presented in the text: I. Define the future logical system. II. Document the current logical system. III. Study the current physical system. IV. Design the future physical system. Which of the following is the logically correct sequence of steps?

III, II, I, IV

COBIT was developed by:

IT Governance Institute

This IT function's key control concern is that organization and IT strategic objectives are misaligned:

IT steering committee

Which role in the AIS Development/Acquisition process requires the accountant to be equally adept at dealing with people, accounting, and technology?

Implementer

Which of the following statements related to implementation approaches is false?

In very large implementations, such as enterprise systems, it is often best to take the parallel approach

For payment voucher input validity, which control plan uses records in the AP master data to give authorization to the cash disbursements computer program to make a payment?

Independent authorization to make payment

Personnel fringe benefits are an example of a(n) ____ cost.

Indirect

The control plan tickler file of payments due, is directed primarily at which of the following control goals?

Input completeness

The control plan independent validation of vendor invoice is directed primarily at which of the following control goals?

Input validity

Which of the following is a cost that cannot be reasonably quantified?

Intangible

Productivity losses caused by reduced employee morale are an example of a(n) ____ cost.

Intangible cost

This logs and monitors who is on or trying to access an organization's network.

Intrusion-detection systems (IDS)

Which of the following statements regarding the modular approach is false?

It is always a faster approach than parallel

A control in which two people key the same inputs into a system where they are compared is called:

Key verification

Which of the following control plans is designed to achieve the goal of input accuracy?

Key verification

____ can consist of many computers and related equipment connected together via a network.

LAN

Which of the following controls restrict access to programs, data, and documentation?

Library controls

Which of the following is a deliverable from the structured systems analysis step of systems development?

Logical specification

Which of the following process bubbles would you not expect to see in the Purchasing Process - Level 0 Diagram?

Make payment

Which of the following is a characteristic of external hardware sources?

Management and staff are provided

Which of the following compares manual calculations to computer calculations?

Mathematical accuracy check

Which of the following items is not a control plan of the purchasing process?

Minimizing inventory carrying costs

If a new payroll system is installed for the employees of plant 1 at time A, followed by plant 2 at time B, and finally plant 3 at time C, this is an example of the ____ approach to systems implementation.

Modular

In which role might the accountant help meet the organization's AIS needs by selecting the final system for purchase?

None of the above

Systems development life cycle adoption to ensure that comprehensive documentation is developed for each application.

Not a strategic planning process

Determine, by thoroughly testing the system with programmers, that the system satisfies the programmer's requirements.

Not a task of systems implementation

Before a completed input screen is recorded the data entry clerk is asked if the data should be accepted. This is which control plan?

Online prompting

Which of the following is a control plan that requests user input or asks questions that the user must answer?

Online prompting

Which of the following is not a programmed edit check?

Online prompting

Which development phase has the task of post-implementation review?

Operation

The ____ runs a subset of the system in the actual production environment.

Operations test

Which of the following is the assignment of an internal function to an outside vendor?

Outsourcing

In an entity-relationship (E-R) diagram for the purchasing process, you would expect that the word yield would appear in the diamond showing the relationship between:

PURCHASE_ORDERS and PURCHASE_RECEIPTS

In an entity-relationship (E-R) diagram for the purchasing process, you would expect that the word generate would appear in the diamond showing the relationship between:

PURCHASE_REQUISITIONS and PURCHASE_ORDERS

A building inspection shortly after completing the construction of an industrial park is analogous to the ____ step in the systems development process.

Post implementation review

Which of the following is a control plan that controls the entry of data by defining the acceptable format of each data field?

Preformatted screens

At the time that an AP/CD process makes payment for goods or services, the process generally follows which order.

Prepare proposed payments, select and record payments, issue and record disbursements

Which of the following documents would be matched with the vendor invoice to ensure that the purchase was authorized (i.e., to ensure input validity)?

Purchase order

At the time that a purchasing process places an order for goods or services, which of the following is typically updated?

Purchase order master data

The ____ is a compilation of open purchase orders and includes the status of each item on order.

Purchase order master data

Which of the following is not a cost element as part of the inventory carrying costs?

Purchase order preparation costs

The purchasing process is part of the ____ process for a merchandising firm.

Purchase-to-pay

Which of the following most likely would be "blinded" on a copy of the purchase order sent to the receiving department?

Quantities

Which of the following is not included in the SCOR model as one of the five basic components of supply chain management?

Receive

In the Purchasing Process - Level 0 Diagram, a data flow called "vendor packing slip" would most likely be sent by the vendor to which of the following processes?

Receive goods and services

The vendor packing slip triggers which process?

Receive goods and services

A clerk receives checks and customer receipts in the mail. He endorses the checks, fills out the deposit slip, and posts the checks to the cash receipts events data. The clerk is exercising which functions?

Recording and executing events

Which of the following is not a potential benefit of supply chain management?

Reduced customer orders

Which of the following process bubbles would you not expect to see in the logical DFD for an AP/CD process?

Requisition inventory

The purpose of ____ control goals is to ensure that entity resources are protected from loss, destruction, disclosure, copying, sale, or other misuse.

Security

Which of the following has the responsibility to ensure the security of all IT resources?

Security officer

Which of the following controls requires that documents be numbered sequentially or prenumbered before it can be implemented?

Sequence check

Which of the following is least likely to report (either directly or indirectly) to the vice president of finance?

Shipping department supervisor

Which of the following has the major duties of prioritizing and selecting IT projects and resources?

Steering committee

Helps to ensure delivery of goods and services to customers at the lowest costs while providing the highest value

Supply chain management

Which of the following is not a significant activity during the systems implementation phase?

Systems maintenance

As presented in this text, systems operation comprises two stepsnamely, ____ and ____.

Systems maintenance, post-implementation review

What factor has caused an escalation of check forgeries in recent years?

The availability of cheap color printers

Which of the following statements related to implementation approaches is true?

The direct approach is the riskiest of the three approaches

Which of the following ranks each alternative on its relative capability to satisfy the user's requirements (goals) for the system?

The effectiveness analysis

A retailer could misread a demand signal doubling its normal order, and the wholesaler could respond and also double its order resulting in four times the retail order. This is an example of the bullwhip effect.

True

A service bureau is a firm providing information processing services, including hardware and software, for a fee.

True

A tangible cost is one that can be reasonably quantified, such as software purchase and insurance.

True

Who usually authorizes a purchase requisition?

The supervisor of the requisitioning department

In an information systems organization, which of the following reporting relationships makes the least sense?

The systems development manager reports to the data center manager

Who usually authorizes a payment?

The treasurer

Which control is most likely to address the goal of input completeness?

Tickler file of open purchase orders and receiving reports

An organization might request bids for computer resources from only one vendor for all of the following reasons except:

To improve its bargaining position by maintaining a competitive section posture

A benchmark is a representative workload, processed on each vendor's proposed system configuration, to obtain comparative throughput measures.

True

A check digit is an extra digit that is added to the identification number of entities to help control the accuracy with which the number is entered into a computer system.

True

A control matrix is a tool that assists in evaluating the potential effectiveness of control goals in a particular business process.

True

A control plan in which a source document is designed to make it easier to prepare the document initially and later to input data from the document into a computer or other input device is called document design.

True

A count of the number of invoices being paid by all of the customer remittances is a type of batch control total called an item or line count.

True

A disbursement voucher is designed to reflect formal approval of the voucher for payment and to provide such added data as the account distribution and the amounts to be debited.

True

A fidelity bond indemnifies a company in case it suffers losses from defalcations committed by its employees.

True

A hash total is the general term to describe the summation of data that would not normally be totaled except for control purposes.

True

The AP/CD process is an interacting structure of people, equipment, activities, and controls that is designed to accomplish the handling of repetitive work routines of the AP department and the cashier, support their decision needs, and assist in the preparation of internal and external reports.

True

The IS function of quality assurance conducts reviews to ensure the attainment of IT objectives.

True

The IS function with the responsibility of guiding the IT organization in establishing and meeting user information requirements is the IT steering committee.

True

The analysis team conducts a cost/effectiveness study, which provides quantitative and certain qualitative information concerning each of the system alternatives.

True

The approved systems design document documents the system design and summarizes the implementation training and test plans.

True

The approved systems design document is used by programmers, the personnel department, and information systems personnel.

True

The business document that accompanies the purchased inventory from the vendor identifies the shipment and triggers the inventory receiving process is the vendor packing slip.

True

The cash disbursements process uses disbursement vouchers as inputs to update the accounts payable master data.

True

The connections from the suppliers of merchandise and raw materials through to an organization's customers, including the flow of information, materials, and services, are its supply chain.

True

The control plan called key verification is designed to reduce the possibility that data will be misread or miskeyed during data entry.

True

The cumulative sequence check provides input control in those situations in which the serial numbers are assigned within the organization but are not entered in perfect serial number sequence.

True

The direct approach is also known as the "big bang" or "cold turkey" approach.

True

The edit that compares calculations performed manually to those performed by the computer to determine if a document has been entered correctly is referred to as mathematical accuracy checks.

True

The electronic invoicing and payment (EIPP) system for the B2B environment is similar to the electronic bill presentment and payment (EBPP) system for the B2C environment.

True

The external auditor may perform an independent review to assess if and how internal controls have been impacted by the AIS development/acquisition.

True

The first analysis deliverable, the logical specification, is used in systems selection to choose the appropriate software to be acquired from external sources.

True

The function composed of people, procedures, and equipment and is typically called the information systems department, IS department, or the IT department is the information systems organization.

True

The functions of the security officer commonly include assigning passwords and working with human resources to ensure proper interview practices are conducted during the hiring process.

True

The internal auditor may review AIS development/acquisition projects to ensure that the process has been efficient and effective and that the acquisition team has followed the organization's standard procedures for systems development/acquisition.

True

The logical specification, physical requirements, and budget and schedule are all part of the systems analysis deliverable called an approved systems analysis document.

True

The modular approach is also referred to as the phased approach.

True

The post-implementation review is an examination of a working system, conducted soon after the system's implementation.

True

The primary tasks of systems operation are to conduct post-implementation review and perform systems maintenance.

True

The purchase order master data is a compilation of open POs and includes the status of each item on order.

True

The purchase receipts data is an event data store with each record reflecting a receipt of goods and services.

True

The purchase requisition is sent from the inventory control department to the purchasing department.

True

The purchasing manager usually performs major buying activities as well as the required administrative duties of running a department.

True

The purpose of AIS implementation is to begin using the new system.

True

The purpose of security controls is to ensure that entity resources are protected from loss, destruction, disclosure, copying, sale, or other misuse.

True

The removal of program errors is called debugging.

True

The second analysis deliverable, the physical requirements are used in systems selection to acquire computer equipment for the new system.

True

The system of controls used in this text consists of the control environment, pervasive control plans, IT general controls, and business process and application control plans.

True

The trigger for either a true voucher process or a nonvoucher process is a payment request.

True

The user, the programmer, and another member of the programming team do a walkthrough of the module specifications and the test plan to determine that the test plan is adequate; then the programmer codes the program.

True

The vendor invoice triggers the "establish payable" process.

True

In which role might the accountant be the person who initiates the AIS acquisition cycle, and is in a prime position to recognize deficiencies and incompatibilities related to the existing AIS?

User

A company using a centralized database approach to data management might not maintain a relational table for ACCOUNTS PAYABLE. Rather, accounts payable balances at any point in time could be computed as the difference between the relations for which of the following continuous events?

VALID_INVOICES and CASH_DISBURSEMENTS

In a database containing (among others) six relationsVENDORS, PURCHASE_REQUISITIONS, PURCHASE_ORDERS, PURCHASE_RECEIPTS, INVENTORY, and EMPLOYEESyou would expect that the attribute Vend_No (vendor number) would be the primary key in the ____ relation.

VENDORS

In an entity-relationship (E-R) diagram for the accounts payable/cash disbursements process, you would expect that the words sent to would appear in the diamond showing the relationship between:

VENDORS and CASH_DISBURSEMENTS

When the AP/CD process records a payable obligation, the data flow between "validate invoice" and "record payable" is?

Validated vendor invoice

Which document typically notifies the purchaser of his or her obligation to pay?

Vendor invoice

Which disbursement system most easily facilitates paying a number of invoices with a single check?

Voucher system

Which of the following is a control plan that takes the form of signatures or initials on a document to indicate that a person has authorized the event?

Written approval

Which of the following control plans is not directed primarily at the control goal of input accuracy?

Written approvals

The typical horizontal flows of information in an accounts payable/cash disbursements process might include all of the following except:

a copy of a receiving report is sent to the cashier

The typical information flows in a purchasing process might include all of the following except:

a copy of a receiving report is sent to the cashier

In a purchasing process, receiving goods, but not a vendor invoice, from a supplier typically results in an update to all of the following data stores except the:

accounts payable master data

The resources for which the AP/CD process wants to ensure security typically include all of the following except:

accounts receivable master data

The type of maintenance that is conducted to adjust applications for changing business needs and environmental challenges of an application is referred to as:

adaptive

The resources for which the purchasing process wants to ensure security for which of the following:

both a and b (purchase order master data and inventory)

Systems implementation is triggered by:

both a and b (the approved configuration plan and the approved system design document)

Inputting a range of numbers comprising a batch and then inputting each serially numbered document is characteristic of the control plan called:

batch sequence check

A representative workload, processed on a vendor's proposed system configuration, to obtain comparative throughput measures is called a(n):

benchmark

The columns in a control matrix contain headings listing the business process:

control goals

Having too many control plans directed at the same control goal is called:

control redundancy

The type of maintenance that is conducted to fix errors of an application is referred to as:

corrective

In a purchasing process, the receiving report may be accessed by all of the following except:

cashier

The AP/CD process handles the repetitive work routines of:

cashier

A control that can be used to reduce the likelihood of an error occurring when an account number is entered into a computer is:

check digit

Personnel development control plans consist of each of the following except:

checking employment references

Inventory carrying costs include all of the following except:

clerical cost of ordering goods

In the process of preparing a receiving report, the receiving department should perform all of the following tasks except:

compare the vendor's packing slip to a copy of the purchase requisition

When segregation of duties cannot be effectively implemented because the organization is too small, we may rely on a more intensive implementation of other control plans such as personnel control plans. This is called:

compensatory controls

Quality assurance function:

conducts reviews to determine adherence to IT standards

Not knowing whether input data has been accepted by the information system, the user enters the data again, resulting in duplicate event data. The control plan that helps to prevent this error is:

confirm input acceptance

A data replication strategy where all data changes are data stamped and saved to secondary systems as the changes are happening is called:

continuous data protection

Top security concerns reported by IT security professionals include all the following except:

data backup

The most error-prone and inefficient steps in an operations or information process is:

data entry

After the analysis team studies and documents the current physical system they should next:

define user requirements for the new/modified system

The systems selection tasks include all of the following except:

determine miscellaneous environmental needs

The process of evaluating the vendor proposals includes all of the following except:

determine to which vendors the RFPs will be sent

The primary reasons for performing regular employee performance reviews include all of the following except:

develop a strategy for filling necessary positions

A detailed vendor comparison would normally include all of the following except:

documentation volume

The WebTrust family of services offers best practices and e-business solutions related exclusively to B2B electronic commerce.

false

All of the following are components of a backup and recovery strategy except:

echo checking

The process of encoding data so that it may only be read by someone having a key is called:

encryption

All of the following would be tasks of post-implementation review except:

ensure a correct conversion by planning, controlling, and conducting an orderly installation of the new system

Digital signatures address all of the following control goals except:

ensure input completeness

A written approval in the form of a signature or initials on a document indicating that a person has authorized the event is directed primarily at achieving the control goal of:

ensure input validity

A sales representative enters the customer's account number and the system retrieves certain data about the customer from master data. This control plan addresses all of the control goals except:

ensure update completeness

Personnel termination control plans might include all of the following except:

establish a policy of forced vacations

A control report generated by a system that shows data about transactions that were accepted or rejected during a transaction processing step is called a(n):

exception and summary report

A warehouse clerk manually completing an order document and forwarding it to purchasing for approval is an example of:

executing events

An employee of a warehouse is responsible for taking a computer-generated shipping list, pulling the items from the warehouse shelves and placing them on a cart which is transferred to shipping when the list is completely filled. This is an example of:

executing events

A service bureau is more expensive than using an in-house computer.

false

A small organization that does not have enough personnel to adequately segregate duties must rely on alternative controls, commonly called resource controls.

false

A tickler file addresses the control goal of update accuracy.

false

Business continuity is the process of using backup measures to restore lost data and resume operations.

false

Data encryption is a process that codes data to make it readable to human eye.

false

In a logic bomb attack, a Web site is overwhelmed by an intentional onslaught of thousands of simultaneous messages, making it impossible for the attacked site to engage in its normal activities.

false

Independent validation of vendor invoices helps ensure that appropriate cash discounts are obtained.

false

Making program changes, correcting errors in the programs, and adding enhancements to the programs is called systems development.

false

The IS function with the principal responsibilities of ensuring the security of all IT resources is data control.

false

A control plan that is designed to detect a fraud by having one employee periodically do the job of another employee is called:

forced vacations

The purchasing manager is evaluated by his/her supervisors based on purchasing inventory at the lowest price. Consequently, the purchasing manager knowingly orders materials only based on price. This has resulted in the purchase of inferior quality materials. This improved the purchasing manager's performance evaluation, but had a negative impact on production due to an increase in scrapped materials. This situation is an example of a failure of:

goal congruence

A summation of customer account numbers taken from a batch of sales invoices would be classified as a:

hash total

In a typical, efficient AP/CD process, you would expect that "validating" a vendor invoice might include all of the following steps except:

having a copy of the invoice approved by the purchasing manager

Which of the following includes activities for the successful switch from the old to the new AIS?

implementation

A control plan that helps ensure the security of resources within the AP/CD process is:

independent authorization to make payment

Pervasive control plans:

influence the effectiveness of applications control plans

The department or function that develops and operates an organization's information systems is often called the:

information systems organization

The purpose of input control goals is to ensure:

input validity, input completeness, input accuracy

After defining the requirements for the new system, the current logical DFD should be modified to reflect the components of the future system. The development team may propose logical design alternatives for the future logical system that may involve derivatives of the following except:

internal entities

The use of IT resources for enterprise systems and e-business:

magnifies the importance of protecting the resources both within and outside of the organization from risks

A control plan to ensure input accuracy in payables processing is:

match invoice, purchase order, and receiving report

The AP application matches invoices, quantities, prices and terms when it performs the control plan:

match invoice, purchase order, and receiving report

In a control matrix, the coding M-1 means:

missing control plan

In a control matrix the coding P-1 means:

none of the above

A method of separating systems development and operations is to prevent programmers from:

operating the computer

Instructions for computer setup, required data, restart procedures, and error messages are typically contained in a(n):

operations run manual

Data flows of an AP/CD process normally might include all of the following except:

sales report

Searching through rubbish for system information such as passwords is called:

scavenging

A control that can ensure that receiving clerks are not influenced by quantity information while actually counting incoming goods is to:

send a "blind" copy of the purchase order to receiving

Specifications for availability, reliability, performance, capacity for growth, levels of user support, disaster recovery, security, minimal system functionality, and service charges are included in:

service-level requirements

The typical AP/CD process would capture and record data related to the day-to-day operations of all of the following departments except:

shipping

The typical purchasing process would capture and record data related to the day-to-day operations of all of the following except:

shipping

Following a systems development methodology during systems development:

should ensure that development efforts are efficient and consistently lead to information systems that meet organizational needs

The two primary steps in preparing the control matrix include:

specifying control goals, identifying recommended control plans

In an information systems organization structure, the three functions that might logically report directly to the CIO would be:

systems development, technical services, & data center

Making repairs and modifications to the system is known as:

systems maintenance

A key control concern is that certain people within an organization have easy access to applications programs and data files. The people are:

systems programmers

The system development step that immediately precedes the structured system design step is:

systems selection

Managing functional units such as networks, CAD/CAM and systems programming typically is a major duty of:

technical services manager

To write computer programs and interfaces, programmers use:

the approved systems design document

In structured systems analysis, the analysis preferably should start with analysis and documentation of:

the current physical system

Top 10 management concerns about IT's capability to support an organization's vision and strategy include all except the following:

the internet

In a voucher system, the data flow between the originating department and the process "prepare disbursement voucher" typically is:

the payment request

The final step in the in the implementation process is to write:

the project completion report

In a purchasing process, once requirements are determined and a vendor selected, the next step is:

the purchase order

A feasibility study is conducted to determine:

the scope of the problem

The disaster backup and recovery technique known as electronic vaulting is a service whereby data changes are automatically transmitted over the Internet on a continuous basis to an off-site server maintained by a third party.

true

When they are sent to a customer and returned with the payment, remittance advices are examples of:

turnaround documents

Application documentation that describes the application and contains instructions for preparing inputs and using outputs is a(n):

user manual

The physical requirements of a proposed system would include all of the following except:

user requirements

Determination of user requirements in the analysis step of systems development is more difficult in an e-business implementation because:

user requirements inside and outside the organization must be determined

In an AP/CD process "establish payable" would normally be triggered by:

vendor invoice

Outputs of a purchasing process normally might include all of the following except:

vendor invoice

The document one business sends to another business that identifies the amount to be paid is:

vendor invoice

Data about vendor compliance with the terms of the purchase order normally would be included in the:

vendor master data

Information for evaluating vendor performance normally would reside on the:

vendor master data

The purchasing processreceive goods and servicesnormally would be triggered by the data flow:

vendor packing slip

Purchase orders are sent to:

vendors

In an on-line computer system, restricting user access to programs and data files includes all of the following except:

wearing identification badges

The goal of validating vendor proposals is to determine:

which proposed systems meet the organization's requirements

As used in the text, the term services specifically refers to:

work performed by outside vendors

A control that is primarily directed at ensuring input validity is:

written approvals


संबंधित स्टडी सेट्स

Organizational Behavior Quiz 1- Chapter 5 Personality and Values

View Set

Chapter 38: The Child with a Gastrointestinal/Endocrine Disorder

View Set

Biology 1 : Chromosomes and Mitosis

View Set

Chapter 24: Organic Chemistry SmartBook 2.0

View Set

Babylonian & Persian Captivity Exam

View Set

AP Government Unit 5 Progress Check: MCQ

View Set