AIS Final
Which of the following is not an advantage of cloud computing? a) Companies must update their own software, even if stored in the cloud b) Companies save money on hardware or software costs c) Companies gain access to distant vendors or software developers d) Companies pay as they go
a) Companies must update their own software, even if stored in the cloud
This item creates relationships by linking the data in one file (e.g., customer) to an item in a second file (e.g., a sales order: a) Foreign key b) Data dictionary c) Relationships link bit d) Index file
a) Foreign key
Which of the following describes "cloud computing"? a) It is a way of using business applications over the Internet b) It is an internal business process over the organizations intranet c) It is an internal business process over the organizations extranet d) none of these
a) It is a way of using business applications over the Internet
Which of the following is not an example of application software? a) Operating Systems b) Spreadsheet packages c) Accounting packages d) Database management systems
a) Operating Systems
A simple information system includes all but the following elements except: a) Reporting b) Processing c) Storage d) Input.
a) Reporting
POS devices, bar code readers, and OCR devices are examples of a) input devices b) output devices c) processing devices d) transaction devices
a) input devices
The maintenance of backup copies of a company's important transaction and master files is an example of a: a) preventive control procedure b) detective control procedure c) corrective control procedure d) management-by-exception control procedure
a) preventive control procedure
Some firms and governmental organizations use ethical hackers to help find any vulnerabilities that could be exploited by a malicious hacker. Which of the following is also used to refer to ethical hacking? a) Denial of service b) Intrusion testing c) Penetration testing d) Executable testing
c) Penetration testing
An expense report was prepared by a company's cost center. One executive questioned one of the amounts and asked for "the source documents which support the total." Data processing was not able to routinely do so. The best control procedure would be: a) An error listing b) An audit trail c) Transmittal control d) Documentation
b) An audit trail
Segregation of duties is a fundamental concept in an effective system of internal control. Nevertheless, the internal auditor must be aware that this safeguard can be compromised through a) Lack of training employees b) Collusion among employees c) Irregular employee reviews d) Absence of internal auditing
b) Collusion among employees
The component of an internal control system that concerns itself with the way a company's management assigns authority and responsibility is called: a) Monitoring b) Control environment c) Risk assessment d) Information
b) Control environment
The Public Company Accounting Oversight Board (PCAOB) identifies two types of deficiencies in internal controls over financial reporting: deficiencies in design and deficiencies in operations. All of the following statements regarding these classifications of deficiencies are true except: a) Deficiencies in design can occur if a control is missing b) Deficiencies in operation can occur if a control objective would not be met even though the control being used is operating properly c) Deficiencies in design or operation occur when a control does not allow prevention or detection of misstatements in a timely manner d) deficiencies in operation can occur when the person performing the control doesn't have the authority to effectively perform the control
b) Deficiencies in operation can occur if a control objective would not be met even though the control being used is operating properly
An important characteristic of E-wallet is: a) It is exactly the same as regular cash b) It contains the identity of the user c) It is the same as EDI d) Users must also supply a credit card number when using it
b) It contains the identity of the user
The term "click-fraud" refers to: a) overcharging clients when they view a website b) Overcharging companies for phantom clicks on an advertising link c) Misleading users into clicking on links to websites selling illegal goods or services d) Misleading users into clicking on links to fictitious websites
b) Overcharging companies for phantom clicks on an advertising link
Assume that a company designs and implements a control procedure whereby the accountant that is responsible for recording cash receipts transactions does not have access to the cash itself. This control is an example of: a) Detective control b) Preventive control c) Corrective control d) Feedback control
b) Preventive control
Programs that help users perform such tasks as copying files, converting files from one format to another, compressing files, performing system diagnostics, and building disk directories best describes which of the following? (check this) a) Antivirus software b) Utility programs c) Application software d) Operating system software
b) Utility programs
A computer network spanning regional, national, or global areas best describes which of the following? a) LAN b) WAN c) ESPN d) DSL e) ISDN
b) WAN
One form of access security is determining authentic users by "who they are." Which of these is an example of such authentication? a) verifying a password b) biometric tests such as retina scans c) requesting that the user provide his or her mother's maiden name d) requiring the user to show a valid driver's license
b) biometric tests such as retina scans
Document flowcharts organize documents and activities by a) people b) departments c) monetary value d) complexity
b) departments
Process documentation does not include which of the following? a) user manual b) external audit workpapers c) process models d) business rules
b) external audit workpapers
Which of the following is not one of the objectives of internal controls? a) Safeguard assets b) promote firm profitability c) promote operational efficiency d) encourage employees to follow managerial policies
b) promote firm profitability
A company discovers that it is unlikely to meet analysts' earnings forecasts for the quarter. In order to meet the target, upper management decides to decrease the percentage of credit sales used to estimate bad debts expense, thus lowering this expense. No other reason exists for making the change. This is an example of a) misappropriation of assets b) real earnings management c) accruals management d) customer fraud
b) real earnings management
The sales department bookkeeper has been crediting house-account sales to her brother-in-law, an outside salesman. Commissions are paid on outside sales, but not on house-account sales. This might have been prevented by requiring that a) sales order forms be prenumbered and accounted for by the sales department b) sales commission statements be supported by sales order forms and approved by the sales manager c) aggregate sales entries be prepared by the general accounting department d) disbursement vouchers for sales commissions be reviewed by the internal audit department and checked to sales commission statements
b) sales commission statements be supported by sales order forms and approved by the sales manager
Misappropriation of assets is a) a form of computer fraud involving the misapplication of account numbers b) the theft of assets, usually by employees c) the improper recording of assets using credits d) a form of computer abuse that is not a crime
b) the theft of assets, usually by employees
Separation of duties is an important control activity. If possible, managers should assign which of the following functions to different employees? a) Analysis, authorizing, transactions b) Custody, monitoring, detecting c) Recording, authorizing, custody d) Analysis, recording, transactions
c) Recording, authorizing, custody
Section 404 affirms that management is responsible for establishing and maintaining an adequate internal control structure. This section may be found in which of the following? a) The 2013 COSO Internal Control-Integrated Framework b) The 2017 COSO Enterprise Risk Management-Aligning Risk with Strategy and Performance Framework c) The Sarbanes-Oxley Act of 2002 d) COBIT
c) The Sarbanes-Oxley Act of 2002
When we say that an organization has an "integrated security policy", what do we mean? a) The organization is working with suppliers and customers to improve security up and down the supply chain b) Managers in various departments within the firm meet to assess risk and develop security options for top management c) The organization is using a variety of security measures, such as firewalls, virus protection, intrusion detection systems, virtual private networks, etc. d) none of the above
c) The organization is using a variety of security measures, such as firewalls, virus protection, intrusion detection systems, virtual private networks, etc.
Which of the following statements correctly describes enterprise risk management (ERM)? a) Companies are required to use an approved framework when undertaking ERM. b) The sole purpose of ERM is to avoid negative outcomes. c) Using a widely recognized ERM framework gives a basic level of credibility to the company's risk management actions and plans. d) Once put into place, it is not necessary to update an organization's approach to ERM.
c) Using a widely recognized ERM framework gives a basic level of credibility to the company's risk management actions and plans
Which of the following best describes a data warehouse? a) a repository of historical information from one accounting application b) a repository of historical information from a set of accounting applications c) a repository of information from a wide range of services- some not accounting- stored within a company d) a repository of information from many businesses in the same industry
c) a repository of information from a wide range of services- some not accounting- stored within a company
What is it called when someone intentionally changes data before, during, or after they are entered into the computer (with the intent to illegally obtain information or assets)? a) a Trojan horse b) a logic bomb c) data diddling d) a cookie
c) data diddling
Which of the following is a component of a client/server system? a) user component b) satellite component c) data-management component d) output component
c) data-management component
Which type of data flow diagram depicts what the participants are doing in a system (i.e. what the system is doing)? a) context diagram b) physical DFD c) logical DFD d) systems flowchart
c) logical DFD
All of the following are ways to thwart computer viruses except: a) acquire a vaccine or anti-virus program b) do not download computer games from questionable sources c) maintain complete backup files d) buy shrink-wrapped software from reputable sources
c) maintain complete backup files
All of the following are possible uses of AIS or accounting personnel except a) countering terrorism b) foiling future accounting scandals c) performing monetary exchanges d) providing assurance services
c) performing monetary exchanges
Internal controls a) were first mandated for publicly traded companies by the Sarbanes-Oxley Act of 2002 b) must me audited for all publicly traded companies according to the PCAOB c) were first required for publicly traded companies by the Foreign Corrupt Practices Act of 1977 d) must be audited for all publicly traded companies according to the U.S. Securities and Exchange Commission
c) were first required for publicly traded companies by the Foreign Corrupt Practices Act of 1977
The COSO's Internal Control - Integrated Framework identifies five components as necessary for an effective internal control system. Which of those five establishes the tone of a company and influences the control awareness of the company's employees? a) control procedures b) control activities c) control environment d) monitoring e) information and communication
c. control environment
Most AISs perform all of the following functions except: a) Include procedures fir collecting raw accounting data b) Store accounting data for future uses c) Process data into useful information d) All of the above are functions of AISs
d) All of the above are functions of AISs
Which of the following best describes a fundamental control weakness often associated with automated data processing systems? a) Automated data processing equipment is more subject to systems error than manual processing is subject to human error b) Automated data processing equipment processes and records similar transactions in a similar manner c) Automated data processing procedures for detection of invalid and unusual transactions are less effective than manual control procedures d) Functions that would normally be separated in a manual system are combined in an automated data processing system
d) Functions that would normally be separated in a manual system are combined in an automated data processing system
Accounting issues associated with the use of virtual currencies include a) For tax purposes, the U. S. Internal Revenue Service treats virtual currency as property rather than as currency. b) For tax purposes, the U.S. Internal Revenue Service requires that transactions in virtual currency be reported in U.S. dollars. c) Assets subject to depreciation may not be purchased using virtual currency. d) a and b e) a, b, and c
d) a and b
A proxy server is a) a type of computer network often used by companies with many employees b) an alternate for a company mainframe computer c) a substitute for a good waiter at a restaurant d) a computer dedicated to Internet access and transfers
d) a computer dedicated to Internet access and transfers
Suspicious activity reporting a) only applies to banking transactions b) is mandated by state, but not federal regulations c) is mostly concerned with embezzlement issues d) requires CPAs to report questionable financial transactions to the U.S. Treasury Department
d) requires CPAs to report questionable financial transactions to the U.S. Treasury Department
A local area network administrator receives a call from an employee requesting his password. The person calling is not a real employee. This is an example of a) a DOS system b) a security Trojan horse c) a worm d) social engineering e) a security policy
d) social engineering
The hotline for Red Sunbeam Inc. receives a call claiming that an employee in the procurement department received kickbacks from a contractor in exchange for sharing confidential information about the bidding process. Which of the following would best support these allegations? a) the first party to bid won the contract b) the winning bid did not align with the contract specifications c) the bidding process was closed without selecting a contractor d) the winning bid was just below the next lowest bid
d) the winning bid was just below the next lowest bid
All of the following are benefits of XBRL except a. Companies can file financial information in one format, avoiding errors that may come from reentering data multiple times b. The SEC accepts XBRL-format for electronic filing of financial statement reports c. XBRL permits the automatic and reliable exchange of financial information across many software formats and technologies, including the Internet d. Auditors are required to provide assurance on XBRL filings e. All of the above are benefits of XBRL
d. Auditors are required to provide assurance on XBRL filings
