BEC-2

Ace your homework & exams now with Quizwiz!

Which of the following best illustrates sales by category using best practices for visualization? Pie chart Packed bubble chart Symbol chart Bar chart

Bar chart Correct! This is the best choice for displaying these data. The data are ordered by size and labeled with percentages of total.

This chart is an example of a: Line chart. Graph line. Scatterplot. Bar chart.

Bar chart. Correct! This bar chart shows the relationship between a category (region) and a variable (business tax rate).

Bloomsdale wants to determine if the company from whom she buys seafood is buying only sustainable seafood. Bloomsdale may be able to use ____________ to find this information. Bitcoin Multifactor identification Blockchain OLTP

Blockchain Correct! A transaction record that is stored in blockchain can be designed to contain this information.

To maintain effective segregation of duties within the information technology function, an application programmer should have which of the following responsibilities? Modify and adapt operating system software. Correct detected data entry errors for the cash disbursement system. Code approved changes to a payroll program. Maintain custody of the billing program code and its documentation.

Code approved changes to a payroll program. This answer is correct. An appropriate function for an application programmer includes making code approved changes to a payroll program.

Rootin' Roberta of Sharpie Shooters Range Corp. is charged with replacing the computer used in the accounting system. She wants a quick boot time and fast access to storage. She doesn't need a lot of storage, but she wants maximum security in storage. She should consider purchasing: Computers that primary rely on optical disks. A system that primary rely on RAID storage. A system that primarily relies on cloud-based storage. Computers that primary rely on SSD storage.

Computers that primary rely on SSD storage. (Correct!) Solid state drive (SSD) storage has the desired characteristics.

Which of the following is not an example of gamification? Building graphics and video displays into simulations to teach workers about dangers at a factory A competition among salespeople to earn points Dressing up as a cow to promote a fast food restaurant Creating a game to teach students about managerial accounting

Dressing up as a cow to promote a fast food restaurant Correct! Dressing up as a cow to promote a fast food restaurant is not an example of gamification.

This system is most likely to include external data. Operational system. MIS. DSS. ESS.

ESS. ESS are most likely to include external data.

Big data initiatives should: Be independent of existing IT initiatives. Have a strong governance structure. Be a subset of the event response plan. Be overseen by the internal audit department.

Have a strong governance structure. (Correct!) This is a true statement.

The first steps in assessing privacy issues in an organization is to Write notifications to stakeholders; inventory the accuracy of data. Inventory data; determine relevant laws and regulations. Draft opt-out provisions; obtain top management buy-in for these provisions Secure existing data; determine disclosures allowed to third parties.

Inventory data; determine relevant laws and regulations. Correct! These are the first steps in assessing privacy in an organization. Understanding existing data and the laws that govern is the correct starting point.

_____, ______, and ______ are all elements of a manual accounting system. Journals; ledgers; e-vouchers Ledgers, automated transactions, assets Journals, receivables ledgers, concentration of information Ledgers, journals, invoices

Ledgers, journals, invoices Correct! Ledgers, journals, and invoices are all elements of a manual accounting system.

_____ is the foundation of systems reliability. Security Availability Processing integrity Confidentiality

Security Correct! According to the AICPA ASEC principles, security is the foundation of systems reliability.

Which of the following is least likely to be an advantage of an automated accounting system? A distinct, easily followed audit trail Processing speed Fewer idiosyncratic errors Less likelihood of intrusion

A distinct, easily followed audit trail Correct! Audit trails tend to be more transparent in manual than in automated accounting systems.

The CPU includes all of the following except ALU. RAM. Control unit. All of the above are part of the CPU.

All of the above are part of the CPU. This is the best answer because ALU, RAM, and the control unit are all considered part of the CPU.

_____ concerns whether the system is operational and usable as specified in commitments and agreements. Security Availability Processing integrity Confidentiality

Availability Correct! According to the AICPA ASEC principles, this is the definition of availability.

HMDs: Are fully immersive. Include three optical displays. Partly result from the IoT. Depend on an unoccluded field of vision.

Partly result from the IoT. Correct? HMDs attach sensors to glasses or helmets and are therefore a type of IoT device.

Alejandro uses Amazon "one-click." This is an example of: IoT. Big data. Smart data. Payment processing

Payment processing Correct! This statement is true.

Jones and Willy recently implemented an automated accounting system to replace their manual accounting system. While setting up the system, they find that: They need to permanently run the manual and automated accounting systems as a control over processing. The automated system requires controls related to people, software, and hardware. Access controls are of less importance in the new system. The company's external auditors are best qualified to set up the new system.

The automated system requires controls related to people, software, and hardware. Correct! This is a true statement about automated systems.

Governance is primarily the responsibility of: Top management. The board. The CEO. Those individuals who are identified by SOX Section 404 as responsible for the system of internal control.

The board. Correct! This statement is true. Governance is primarily the responsibility of the board of directors.

In a large multinational organization, which of the following job responsibilities should be assigned to the network administrator? Managing remote access. Developing application programs. Reviewing security policy. Installing operating system upgrades.

Managing remote access. Managing remote access is an appropriate responsibility for a network administrator.

Each of the following is a desirable characteristic of IT policies except: Should relate to physical or electronic threats to IT. An owner is responsible for the policy. Should include a statement of purpose and a title. Should be linked to strategy and objectives.

Should relate to physical or electronic threats to IT. Correct! This is a false statement. IT policies need not relate specifically to physical or electronic threats to IT.

Which of the following examples shows the highest level of intelligence of an AI system? User identification Translating financial statements into the structure and format of international financial reporting standards A fleet of drones monitors a client's inventory of livestock and reports on the health and well-being of the herd Analyzing financial statements for a client

A fleet of drones monitors a client's inventory of livestock and reports on the health and well-being of the herd Correct! This is an example of a physical task that includes a sophisticated visual recognition system and advanced analytics.

The best starting point for an organizational big data initiative is: Data mining. A social media data assessment. A governance structure. Assessing controls

A governance structure. Correct! This is the best starting point for a big data initiative.

The IT Steering Committee at Henry Flower's Flower shop is assessing whether to purchase, or internally develop, a new CRM (customer relationship management) system. In the COBIT model, this is best classified as an example of Planning and Organization. Acquisition and Implementation. Delivery and Support. Monitoring.

Acquisition and Implementation. Correct! A make or purchase decision, such as is described in this case, is a part of assessing how to acquire, implement, or develop IT solutions that address business objectives and integrate with critical business process.

Winthrop P. Snigledorf calls about his outrageous cable bill and is greeted by the "voice" of an AI program. This system is probably best described as an example of Machine learning. A robot. An intelligent agent. An expert system.

An intelligent agent. Correct! Intelligent agents interact with humans (e.g., Siri® on the Apple® iPhone®) and have natural language processing ability.

Risk identification should be mapped to: An organization's industry. Organizational personnel. Liabilities. Asset utilization.

An organization's industry. Correct! Cyber risks are often planned by hackers to exploit specific weaknesses, and achieve specific outcomes, in an industry—for example, targeting financial services firms to steal money.

During the annual audit, it was learned from an interview with the controller that the accounting system was programmed to use a batch processing method and a detailed posting type. This would mean that individual transactions were Posted upon entry, and each transaction had its own line entry in the appropriate ledger. Assigned to groups before posting, and each transaction had its own line entry in the appropriate ledger. Posted upon entry, and each transaction group had a cumulative entry total in the appropriate ledger. Assigned to groups before posting, and each transaction group had a cumulative entry total in the appropriate ledger.

Assigned to groups before posting, and each transaction had its own line entry in the appropriate ledger. This answer is consistent with the batch processing system and the detailed posting of transactions.

Challenges of big data include all of the following except: Storage. Quality. Integration. Attrition and retention.

Attrition and retention. (Correct!) What do attrition and retention have to do with big data? Why would attrition and retention be higher with big data? Attrition and retention of what, the data or the employees?

Database management software is considered: Outerwear. Software. Middleware B and C.

B and C. Database management software is considered both software and middleware.

At Mega-Construction, secured payments are sent to suppliers as soon as materials are received and scanned. Many attributes of the received goods are also scanned and recorded immediately on receipt (e.g., time received, quality indicators, item location through GPS functionality). This information is shared through a distributed ledger. Mega-Construction is likely using _______________. Blockchain TCP/IP Bitcoin STMP

Blockchain Correct! The described characteristics are consistent with the use of a blockchain system.

The Slippin' into Darkness Mortuary is reviewing its cybersecurity to explore its current state and related risks as a part of establishing high-level objectives for cybersecurity. In the framework for cybersecurity, this is an example of the element ______ and the function _______. Categories; identify Subcategories; respond References; identify Functions; detect

Categories; identify Correct! The organization is exploring "how is it doing?" at a high level related to cybersecurity. Hence, the function is "identify" and, because the focus is on high-level objectives, the element is "categories."

Vindaloo Corporation wants data storage for a large volume of data that is unlikely to change often. They should consider using A hard disk. Magnetic tape. Cloud storage. Memory (RAM).

Cloud storage. Cloud storage is the best choice of the available answers. It can handle a large volume of data and can be adapted to data that changes infrequently.

When erroneous data are detected by computer program controls, such data may be excluded from processing and printed on an error report. The error report should most probably be reviewed and followed up by the Supervisor of computer operations. Systems analyst. Control group. Computer programmer.

Control group. This answer is correct because the control group is responsible for providing a continuous review function by supervising and monitoring input, operations, and the distribution of output (i.e., a continuous internal audit function).

In a system with strong controls, information requirements are linked to _______ and ______. Patch controls; reticulating splines Likelihood; damages Controls; risks Exploits; outsourcing

Controls; risks Correct! Information requirements of organizational systems should be linked to internal control and relevant risks, including cyber risks.

DOUBLE Today organizations are using microcomputers for data presentation because microcomputer use, compared to mainframe use, is more Controllable. Conducive to data integrity. Reliable. Cost effective.

Cost effective. This answer is correct. In cooperative processing, microcomputers are more cost effective than mainframes for data entry and presentation because microcomputers are better suited to frequent screen updating and graphical user interfaces.

Today organizations are using microcomputers for data presentation because microcomputer use, compared to mainframe use, is more Controllable. Conducive to data integrity. Reliable. Cost effective.

Cost effective. This answer is correct. In cooperative processing, microcomputers are more cost effective than mainframes for data entry and presentation because microcomputers are better suited to frequent screen updating and graphical user interfaces.

Real-time processing is most appropriate for which of the following bank transactions? Credit authorizations for consumer loan applicants Biweekly payroll for bank employees Purchases of fixed assets Expiration of prepaid liability insurance

Credit authorizations for consumer loan applicants Correct! Speed! It's all about speed here. Loan applicants want fast answers. They are impatient! Quickly! Run the data quickly! Gimme my money! Now!

The following customer data is stored in the sales processing system to a regional produce distributor: CustomerNumber, CustomerName, CustomerPhone, CustomerContact, CustomerCreditLimit Which of the following is true? CustomerNumber is an example of a field. CustomerNumber is an example of a data value. CustomerNumber is an example of a record All of the above are true.

CustomerNumber is an example of a field. CustomerNumber is an example of a field (also known as an attribute).

Concerns about the IoT include all of the following except: Reduced privacy. Cycle times. Data storage. Risk exposure.

Cycle times. Correct! A cycle time in manufacturing is the time required to produce an order. In computer science, it is the time between one random access memory event to the next. Neither of these definitions is relevant to the IoT.

Which of the following information technology (IT) departmental responsibilities should be delegated to separate individuals? Network maintenance and wireless access. Data entry and antivirus management. Data entry and application programming. Data entry and quality assurance.

Data entry and application programming. The separation of the data entry function from the application programming function is critical to the segregation of duties within an IT department. This is because if one both enters data and changes the programs into which those data are entered, one can perpetrate consequential financial frauds. This is why data entry occurs within the operations unit of an IT department and application development occurs within the development function of an IT department. These functions must be kept separate and their duties segregated. Therefore, this is the best answer to the question.

Mitch and Murray Real Estate is building a national database of real estate sales transactions to help their sales staff identify trends, opportunities, and unique risks in their markets. This is an example of: Data transformation. Data cleansing. Data visualization. Data extracting.

Data extracting. Correct! Harvesting data—that is, building a database—is an example of data extraction.

Walmart analyzes point-of-sale data to determine sales trends, develop marketing campaigns, and predict customer loyalty. Walmart is engaged in _____________ using __________. Online marketing; social media data Industrial espionage; internal data Data mining; big data Audit analytics; a database

Data mining; big data Correct! This is an example of using data mining with big data.

IT policies are particularly important in: High-tech companies. Financial services companies. Decentralized companies. Companies that sell IT services.

Decentralized companies. Correct! IT policies are particularly important in decentralized companies since IT services are likely to be less under the control of management.

Internal auditors at Henry Flower's Flower shop are undertaking a comprehensive review of outsourcing contracts and policies as part of improving service quality. In the COBIT model, this is best classified as an example of Planning and Organization. Acquisition and Implementation. Delivery and Support. Monitoring

Delivery and Support. Correct! The task of reviewing outsourcing contracts is a part of assessing how to best deliver required IT services including operations, security, and training.

Checkpoint auto leasing is a small company with six employees. The best action that it can take to increase its internal control effectiveness is Hire temporary employees to aid in the segregation of duties. Hire a bookkeeper to perform monthly "write up" work. Clearly delegate responsibilities to each employee for the functions that they are assigned. Engage the owner in direct participation in the activities, including financial record-keeping, of the business.

Engage the owner in direct participation in the activities, including financial record-keeping, of the business. This is the best answer since engaging the owner in the activities of the business is an important compensating control in small organizations.

A company has a significant e-commerce presence and self-hosts its website. To assure continuity in the event of a natural disaster, the firm should adopt which of the following strategies? Back up the server database daily. Store records off-site. Purchase and implement RAID technology. Establish off-site mirrored Web server.

Establish off-site mirrored Web server. This answer is correct. Establishing an off-site mirrored Web server would provide for continuous duplication of data in geographically separated locations.

Business transformation through blockchain is likely to occur __________________ and requires ___________ adoption. Quickly; supplier Eventually; widespread Eventually; supplier Quickly; widespread

Eventually; widespread Correct! Blockchain requires widespread user adoption; business transformation cannot occur until there is sufficient adoption among users. Therefore, blockchain transformation will likely not occur quickly.

Monster Lorenzo Sneakers has a division that combines information from several sources into one comprehensive database. The included data relates to customer information from a company's point-of-sale systems (the cash registers), its website, its mailing lists, and its comment cards. It also includes separate data about employees, including time cards, demographic data, and salary. If Monster Lorenzo Sneakers decided to launch a big data initiative, what is the most likely effect on this division? Expansion Contraction Elimination Refurbishing

Expansion Correct! The described division is a data warehouse. Big data initiatives generally result in expanding data warehouses.

Scarlett O'Hara "Give a Darn" tours of Atlanta has an automated system that uses information obtained from travel agents to help customers find the best tours for their interests. This is best described as a(n) _____________. Database Data warehouse Expert system Data mart

Expert system Correct! This is an expert system since it integrates expert advice for a user.

In general, information about cyber breaches should be communicated to: External auditors. All personnel. The federal cyber breach authority. The press.

External auditors. Correct! Information about cyber breaches should be communicated to an entity's external auditors.

Typography is the choice of _____ in a visual display while iconography is the choice of ______ in a visual display. Color, arrangement Fonts, colors Fonts, icons Icons, fonts

Fonts, icons Correct! Typography is the use of fonts in visual displays. Iconography is the use of icons in visual displays.

Which of the following risks increases the least with cloud-based computing compared with local server storage for an organization that implements cloud-based computing? Data loss. Vendor security failure. Global visibility. System hacks.

Global visibility. Global visibility is not a risk of cloud-based computing.

_____ is the name of the processes and structures, implemented by the board, to achieve organizational goals. Governance Matching Oversight Strategy

Governance Correct - this is the definition of governance.

One important purpose of COBIT is to Guide managers, users, and auditors to adopt best practices related to the management of information technology. Identify specific control plans that should be implemented to reduce the occurrences of fraud. Specify the components of an information system that should be installed in an e-commerce environment. Suggest the type of information that should be made available for management decision making.

Guide managers, users, and auditors to adopt best practices related to the management of information technology. This is one important purpose of COBIT.

Hubert Humbert Fashion Designers implemented an organization-wide ERP system that failed. Which of the following is the least likely reason for the failure of such a system? A poor system development process Lack of management support Hardware failures Underestimating system implementation time and complexity

Hardware failures Correct! Hardware failures are very unusual. They are an unlikely reason for an ERP failure.

Which of the following is true of enterprise resource planning (ERP) systems? I. The online analytical processing system (OLAP) provides data warehouse capabilities for the ERP system. II. The ability of an ERP system to provide an integrated view of transactions in all parts of the system is a function of the online transaction processing (OLTP) system. I only. II only. Both I and II. Neither I nor II.

I only. The online analytical processing system (OLAP) incorporates data warehouse and data mining capabilities within the ERP. The online transaction processing system (OLTP) records the day-to-day operational transactions and enhances the visibility of these transactions throughout the system. It is primarily the OLAP and not the OLTP, that provides an integrated view of transactions in all parts of the system. The OLTP is primary concerned with collecting data (and not analyzing it) across the organization

What is an example of the use of the cloud to access hardware? IaaS PaaS SAP ERP

IaaS IaaS is the use of the cloud to access virtual hardware.

Snuggly Whippet Corp. has assigned a staff analyst to investigate privacy laws and regulations related to its business of selling whippet puppies to an international clientele of wealthy purchasers. In relation to the framework for cybersecurity, this is an example of: Detecting threats. Recovering from a cyber incident Responding to a cyber incident Identifying references

Identifying references Correct! The staff analyst is searching regulations. The goal of this project is to identify relevant privacy laws and regulations (i.e., references in the language of the framework for cybersecurity).

One of the benefits of a single integrated database information system is Closer program-data linkage. Increased data redundancy. Reduced security. Increased data accessibility.

Increased data accessibility. This answer is correct. Increased data accessibility is a benefit of a single integrated database information system.

An enterprise resource planning (ERP) system has which of the following advantages over multiple independent functional systems? Modifications can be made to each module without affecting other modules. Increased responsiveness and flexibility while aiding in the decision-making process. Increased amount of data redundancy, since more than one module contains the same information. Reduction in costs for implementation and training.

Increased responsiveness and flexibility while aiding in the decision-making process. This answer is correct. An ERP system increases responsiveness and flexibility while aiding in the decision-making process.

According to the AICPA ASEC, the requirement of notice related to privacy states: Individuals must receive informed consent before participating in research. Individuals must receive informed consent regarding the availability of systems operations. A subelement of information quality. Individuals must be told about privacy policies including why information is collected, used, retained, and disclosed.

Individuals must be told about privacy policies including why information is collected, used, retained, and disclosed. Correct! According to the AICPA ASEC principles, the principles of notice require the above-described actions.

In an accounting information system, which of the following types of computer files most likely would be a master file? Inventory subsidiary. Cash disbursements. Cash receipts. Payroll transactions.

Inventory subsidiary. The "inventory subsidiary" is an example of a "ledger." A ledger maintains the balances of some kind of account (accounts receivable subsidiary ledger maintains customer accounts, accounts payable subsidiary ledger maintains vendor accounts, inventory subsidiary ledger maintains product accounts). Ledger files are called "master files" because the individual transaction amounts found in the journals ("transaction files") are used to update the balances in the ledger files: the transaction files contain the detail; the master file contains the totals.

A tire company has created a dashboard to evaluate the following measures: Customer Lifetime Value (CLV) (i.e., the value realized to the company from each customer), Customer Acquisition Cost (CAC) (costs of acquiring each customer), Customer Satisfaction & Retention, and the number of new and existing customers. Which of the following best describes this initiative: Prescriptive analytics KPIs Predictive analytics Audit data analytics

KPIs Correct! The company is identifying its most critical measures of customers as a part of managing these measures.

Gus McCrae, an accountant at Lonesome Dove Cattle Ranch, builds a spreadsheet to track cow movements between locations. However, there are so few movements of cattle between locations that the spreadsheet is unhelpful. This problem illustrates which of the following issues? Inadequate scope and scalability Lack of strategic focus Lack of strategic engagement Digitization

Lack of strategic focus Correct! This spreadsheet was not needed and should not have been created.

Which of the following internal control procedures would prevent an employee from being paid an inappropriate hourly wage? Having the supervisor of the data entry clerk verify that each employee's hours worked are correctly entered into the system. Using real-time posting of payroll so there can be no after-the-fact data manipulation of the payroll register. Giving payroll data entry clerks the ability to change any suspicious hourly pay rates to a reasonable rate. Limited access to employee master files to authorized employees in the personnel department.

Limited access to employee master files to authorized employees in the personnel department. This answer is correct because limiting access to employee master files to authorized employees would help prevent unauthorized changes in the wage rates in the master files.

Roberta is a programmer who writes applications for Parsnips Health Care. She also has access to the file library. This is a concern because she may: Grant system access inappropriately to others. Make changes in applications. Make changes to both the live and archive copies of programs. Fail to follow system change protocols.

Make changes to both the live and archive copies of programs. (Correct!) If she changes both live and archive copies of programs, changes that she has made may not be detected.

Which of the following is true about master files? Master files contain a historical record of all transactions processed by the system. To maintain a manageable file size, master files are periodically purged from the system. Master files contain both processed and unprocessed transactions. Master files are the computerized counterpart of ledgers found in manual systems.

Master files are the computerized counterpart of ledgers found in manual systems. Master files maintain balances by accounts (financial statement accounts, customer accounts, vendor accounts, etc.), just as ledgers do in manual systems.

Which of the following is not considered a secondary storage device? Magnetic disk. Microcomputers. Flash drives. Optical disc.

Microcomputers A microcomputer is not a secondary storage device.

Acme Corp. uses data on the strength of a user's touch on a keyboard to partially authenticate users. This is an example of: Big data. Biometrics. Multifactor authentication. Integrated authentication.

Multifactor authentication. Correct! Why? Because the system will not use only the user's touch on keyboard, it will also use other authentication metrics (notice the "partially" in the sentence above).

Simone works as an airline reservations agent. She mostly likely interacts with a: Batch system. Batched, online system. POS system. OLRT system.

OLRT system. (Correct!) An online, real-time system would be appropriate for airline reservations.

The machine-language program that results when a symbolic-language program is translated is called a(n) Processor program. Object program. Source program. Wired program.

Object program. This answer is correct because the translation of a symbolic-language program (readable by humans) results in an object program which is machine-readable.

Credit Card International developed a management reporting software package that enables members interactively to query a data warehouse and drill down into transaction and trend information via various network set-ups. What type of management reporting system has Credit Card International developed? On-line analytical processing system. On-line transaction-processing system. On-line executive information system. On-line information storage system.

On-line analytical processing system. On-line analytical processing systems (OLAPs) are an increasingly important multidimensional analytical tool. An OLAP is a modification and expansion of an on-line transaction processing system to provide the capabilities and functionalities identified in this question.

Which of the following statements about processing methodologies is true? Batch systems, though inexpensive to develop, are much more expensive to operate than online real-time databases. Online real-time processing is especially desirable when transactions occur continuously and are interdependent. The implementation of both batch processing and online real-time processing require access to a networked computer system. Although designed to help ensure accuracy in a batch processing environment, batch control totals are frequently used to control accuracy in online real-time systems as well.

Online real-time processing is especially desirable when transactions occur continuously and are interdependent. Online real-time processing is especially desirable when transactions occur continuously and are interdependent. Batch processing is especially desirable when transactions occur periodically and are independent.

Which of the following devices "burns" data onto a surface? Magnetic tape reader. Supercomputer. ROM. Optical disc recorder.

Optical disc recorder. An optical disc recorder uses a laser to burn data onto a disk surface.

Which of the following is a critical success factor in data mining a large data store? Pattern recognition. Effective search engines. Image processing systems. Accurate universal resource locater (URL).

Pattern recognition. Data mining is the process of sorting through data maintained in a data warehouse in an effort to identify relationships between data fields or events. These relationships are often classified as sequences (one event leads to another) or associations (one event is correlated with another event). The ability to recognize these patterns is, thus, critical to successful data mining.

Which of the following is a critical success factor in data mining a large data store? Pattern recognition. Effective search engines. Image processing systems. Accurate universal resource locator (URL).

Pattern recognition. This answer is correct because the benefit of data mining is the confirmation and exploration of data relationships.

Which of the following can be discovered using a data-mining process? Data structure. Previously unknown information. Artificial intelligence. Standard query reporting.

Previously unknown information. Correct! The purpose of data mining is to discover new insights and relationships. For example, data mining can be useful in determining what is likely to occur in the future.

______ addresses whether the collection, use, retention, disclosure, and disposal of personal information is consistent with the entity's commitments and with GAPP. Quality Processing integrity Privacy Access

Privacy Correct! According to the AICPA ASEC principles, this is the definition of privacy.

Complete the missing words in the following sentence: ____ are actions that implement _____. Policies, control systems Control systems, policies Procedures, policies Policies, procedures

Procedures, policies Correct! This is a true statement. Procedures are actions that implement policies.

_____ concerns the completeness, validity, accuracy, timeliness, and authorization of system process. Quality Processing integrity Privacy Access

Processing integrity Correct! According to the AICPA ASEC principles, this is the definition of processing integrity.

A company that sells hand-carved statues from rural Indonesia online is using a ___________ strategy: Digitization Product differentiation Cost leadership Integrated

Product differentiation Correct! This is an example of a product differentiation strategy since competitors are unlikely to be able to sell this same product.

Hubert Humbert Fashion Designers is considering implementing an organization-wide ERP. Which of the following is least likely to be a motivation for implementing such a system? Reducing and eliminating data redundancy Improving organizational agility Improving data analytic capabilities Reducing system complexity

Reducing system complexity Correct! Reducing system complexity is an unlikely reason to implement an ERP. ERP systems tend to increase system complexity.

A bank discovers that it has violated federal law in its retention of customer records. Which of the following IT policies should address this violation? Procurement Regulatory compliance Quality Security

Regulatory compliance Correct! This is a failure of IT policies related to regulatory compliance.

SQL is most directly related to String question language processing. The "grandfather, father, son" method of record retention. Electronic commerce. Relational databases.

Relational databases. This answer is correct because virtually all relational databases use the SQL computer language.

At Multimedia Associates, there is some awareness of cybersecurity risks but not an organization-wide approach to managing these risks. In addition, the chief risk officer has assessed cybersecurity roles and risks but has not formalized these findings or shared them with critical stakeholders. Multimedia Associates evidences a ____________ implementation tier. Partial Risk-informed Repeatable Adaptable

Risk-informed Correct! The case evidences a risk-informed implementation tier, since the organization has some level of cybersecurity risk and has assessed roles and risks, but without sharing this information with relevant stakeholders.

Which of the following is least likely to be an example of big data? Dark data. Multifactor identification data. Sales data. Video conferencing data.

Sales data. (Correct!) This is a traditional accounting data source. Therefore, while these data will find their way into a big data pool (eventually), this is the least likely to be an example of big data, from the offered alternatives.

A manufacturing company discovers that its rollback and retention procedures do not include data from a key system related to production quality. Which of the following IT policies should address this violation? Procurement Service management and operational service problem solving Quality Security

Security Correct! This problem relates to disaster recovery preparation, which is a subcategory of IT security policies.

An accountant at Henry Higgins Language Lessons must sort the master file before processing recent transactions to update the master file. Henry Higgins uses ______ file storage. Sequential RAID Optical disk Data mart

Sequential Correct! This is an example of sequential file storage.

A computer sitting on a user's desk that includes a keyboard and a mouse is unlikely to be a(n): Desktop. Laptop. Server. Thin client.

Server Correct! Servers are generally in isolated (protected) locations and do not include a keyboard and a mouse for access. Servers are accessed from client computers.

Assessments of cyber risk impact: Should assess the timing and duration of impacts and be led by the IT steering committee in consultation with senior managers and IT stakeholders. Should assess the likelihood and severity of impacts and should be led by senior management in consultation with business and IT stakeholders. Should assess the timing and duration of impacts and be led by senior managers in consultation with business and IT stakeholders. Should assess the likelihood and severity of impacts and should be led by the IT steering committee in consultation with senior management and IT stakeholders.

Should assess the likelihood and severity of impacts and should be led by senior management in consultation with business and IT stakeholders. Correct! The initiative should assess likelihood and severity of impact and should be led by senior management in consultation with business and IT stakeholders.

The widespread adoption of the IoT will: Speed the adoption of automated authentication. Reduce the need for monitoring. Reduce security. Reduce costs.

Speed the adoption of automated authentication. Correct! This is true because, with the widespread data provided by electronic devices, there will be less need for user authentication by password.

Compared to online real-time processing, batch processing has which of the following disadvantages? A greater level of control is necessary. Additional computing resources are required. Additional personnel are required. Stored data are current only after the update process.

Stored data are current only after the update process. This answer is correct because batch-processed data is not updated until the batch is processed.

As a result of a breach of authentication at the Toot-Le-Monde French Horn Store, an analyst has specified a new control objective of "require multifactor identification for access to the client database." In the framework for cybersecurity, this is an example of the element ______ and the function _______. Categories; detect Subcategories; respond References; identify Functions; identify

Subcategories; respond Correct! The analyst has specified a control objective (i.e., the element is "subcategories" to respond (the function) to the cyber incident.

Which of the following employees normally would be assigned the operating responsibility for designing a computer installation, including flowcharts of data processing routines? Computer programmer. Data processing manager. Systems analyst. Internal auditor.

Systems analyst. This answer is correct because the systems analyst is responsible for designing the computer system, including the goals of the system and means of achieving those goals, based upon the nature of the business and its information needs. The systems analyst also must outline the data processing system for the computer programmer with system flowcharts.

A problem with the chart below is that: This information would be better displayed in a pie chart. The categories should be sorted alphabetically instead of by "hours worked." The vertical axis of a bar chart should always start at zero. Bar charts should always include numbers on the bars.

The vertical axis of a bar chart should always start at zero. Correct! Using nonzero axes in bar charts visually distorts the size of differences.

All of the following are examples of IT changes that have impacted internal control risk: Clouding computing, repurposed computing, blockchain The web, mobile computing, the cloud, and social media. Hackers, crackers, flappers, and wrappers. Text analytics, defense in depth, and in-shoring

The web, mobile computing, the cloud, and social media. Correct! Each of these factors has changed IT risks.

Compared to batch processing, real-time processing has which of the following advantages? Ease of auditing. Ease of implementation. Timeliness of information. Efficiency of processing.

Timeliness of information. This answer is correct because the major advantage of real-time processing is that information is available immediately.

A data scientist who works for a large company is harvesting data from a new social media website. In relation to this task, she states, "Because the data are text (i.e., words), we are having trouble cleaning it." This statement relates to the _______ portion of the ETL process and reflects a concern about ________ of the data. Load, process used to produce the data Transform, source Extract, nature Transform, nature

Transform, nature Correct! This concern relates to transforming the data, that is, cleaning it, and to the nature of the data, which is qualitative (i.e., words) and is therefore messy.

When a client's accounts payable computer system was relocated, the administrator provided support through a dial-up connection to a server. Subsequently, the administrator left the company. No changes were made to the accounts payable system at that time. Which of the following situations represents the greatest security risk? User passwords are not required to be in alphanumeric format. Management procedures for user accounts are not documented. User accounts are not removed upon termination of employees. Security logs are not periodically reviewed for violations.

User accounts are not removed upon termination of employees. This answer is correct. If accounts are removed upon termination, the terminated administrator can no longer have access to the company's systems.

Each of the listed IT policies is matched to its description except: Quality—statement of IT performance standards. Values and service culture—policies for ensuring the quality of live IT services. Electronic communications use—policy related to employ use of the Internet, intranet, email, and so on. Security—related to guarding against physical or electronic threats to IT.

Values and service culture—policies for ensuring the quality of live IT services. Correct! This is a false statement.The description given is of the "service management and operational service problem solving" policy.

Which of the following is a primary concern of the "extract" phase of ETL? What data do we need? How will we report the data? Is the data correctly formatted? Who needs the data?

What data do we need? Correct! Determining the needed data is a primary concern of the extraction process.


Related study sets

Ch.18- Cardiovascular Blood System

View Set

Marketing Chapter 8: Segmenting and Targeting Markets

View Set

Chapter 33: The Great War: The World in Upheaval

View Set