AIS-Final-teacher notes – Flashcards
Unlock all answers in this set
Unlock answersquestion
Control and Accounting Information Systems
answer
Control and Accounting Information Systems
question
65) Which of the following is not one of the risk responses identified in the COSO Enterprise Risk Management Framework?
answer
A) Monitoring
question
66) A control procedure designed so that the employee that records cash received from customers does not also have access to the cash itself is an example of a(n)
answer
A) preventive control.
question
67) Which of the following is an example of a preventive control?
answer
A) approving customer credit prior to approving a sales order
question
What is the question number 68???
answer
A) data input validation checks.
question
69) A computer operator is allowed to work as a programmer on a new payroll software project. Does this create a potential internal control problem?
answer
A) Yes, the computer operator could alter the payroll program to increase her salary.
question
70) One of the objectives of the segregation of duties is to
answer
A) make sure that different people handle different parts of the same transaction.
question
71) According to The Sarbanes-Oxley Act of 2002, the audit committee of the board of directors is directly responsible for
answer
A) hiring and firing the external auditors.
question
72) Which of the following is a control related to design and use of documents and records?
answer
A) Sequentially prenumbering sales invoices
question
73) Which of the following duties could be performed by the same individual without violating segregation of duties controls?
answer
A) Approving accounting software change requests and testing production scheduling software changes
question
74) With a limited work force and a desire to maintain strong internal control, which combination of duties would result in the lowest risk exposure?
answer
D) Entering payments to vendors in the cash disbursements journal and entering cash received from customers in the cash receipts journal
question
75) Which of the following is not a factor of internal environment according to the COSO Enterprise Risk Management Framework?
answer
A) Analyzing past financial performance and reporting
question
76) Which of the following statements about internal environment is false?
answer
A) Management's attitudes toward internal control and ethical behavior have only minimal impact on employee beliefs or actions.
question
77) One reason why many organizations do not adequately protect their systems is because
answer
B) productivity and cost cutting cause management to forgo implementing and maintaining internal controls.
question
78) Accountants must try to protect the AIS from threats. Which of the following would be a measure that should be taken?
answer
A) Take a proactive approach to eliminate threats. B) Detect threats that do occur. C) Correct and recover from threats that do occur. D) All of the above are proper measures for the accountant to take. Answer: D
question
79) The process that a business uses to safeguard assets, provide accurate and reliable information, and promote and improve operational efficiency is known as
answer
B) internal control.
question
80) Internal control is often referred to as a(n) ________, because it permeates an organization's operating activities and is an integral part of management activities.
answer
C) process
question
81) Which of the following is accomplished by corrective controls?
answer
A) Identify the cause of the problem. B) Correct the resulting errors. C) Modify the system to prevent future occurrences of the problem. D) All of the above are accomplished by corrective controls. Answer: D
question
82) Duplicate checking of calculations is an example of a ________ control, and procedures to resubmit rejected transactions is an example of a ________ control.
answer
B) detective; corrective
question
83) ________ controls prevent, detect and correct transaction errors and fraud.
answer
A) Application
question
84) The primary purpose of the Foreign Corrupt Practices Act of 1977 was
answer
B) to prevent the bribery of foreign officials by American companies.
question
85) Congress passed this federal law for the purpose of preventing financial statement fraud, to make financial reports more transparent and to strengthen the internal control of public companies.
answer
C) The Sarbanes-Oxley Act of 2002
question
86) Which of the following is not one of the important aspects of the Sarbanes-Oxley Act?
answer
D) New rules for information systems development
question
87) This control framework addresses the issue of control from three vantage points: business objectives, information technology resources, and information technology processes.
answer
A) ISACA's control objectives for information and related technology
question
88) This control framework's intent includes helping the organization to provide reasonable assurance that objectives are achieved and problems are minimized, and to avoid adverse publicity and damage to the organization's reputation.
answer
C) COSO's enterprise risk management framework
question
89) The COSO Enterprise Risk Management Framework includes eight components. Which of the following is not one of them?
answer
C) compliance with federal, state, or local laws
question
90) Which of the following is not one of the eight interrelated risk and control components of COSO Enterprise Risk Management Framework?
answer
D) Event assessment
question
91) The COSO Enterprise Risk Management Integrated Framework stresses that
answer
A) risk management activities are an inherent part of all business operations and should be considered during strategy setting.
question
92) Which component of the COSO Enterprise Risk Management Integrated Framework is concerned with understanding how transactions are initiated, data are captured and processed, and information is reported?
answer
A) Information and communication
question
93) The COSO Enterprise Risk Management Integrated Framework identifies four objectives necessary to achieve corporate goals. Objectives specifically identified include all of the following except
answer
A) implementation of newest technologies.
question
94) Which attribute below is not an aspect of the COSO ERM Framework internal environment?
answer
C) Restricting access to assets
question
95) The risk that exists before management takes any steps to control the likelihood or impact of a risk is A) Inherent risk
answer
A) Inherent risk
question
96) When undertaking risk assessment, the expected loss is calculated like this.
answer
B) Impact times likelihood
question
97) The Sarbanes-Oxley Act (SOX) applies to
answer
D) all publicly held companies.
question
98) Global Economic Strategies, L.L.D., has been diligent in ensuring that their operations meet modern control standards. Recently, they have extended their control compliance system by incorporating policies and procedures that require the specification of company objectives, uncertainties associated with objectives, and contingency plans. They are transitioning from a ________ to a ________ control framework.
answer
D) COSO-Integrated Framework; COSO-ERM
question
99) According to the COSO Enterprise Risk Management Framework, the risk assessment process incorporates all of the following components except
answer
A) reporting potential risks to auditors.
question
100) Change management refers to
answer
D) controls designed to ensure that updates in information technology do not have negative consequences.
question
Database Design Using the REA Data Model
answer
Database Design Using the REA Data Model
question
101) The REA data model is so named because it classifies entities into three distinct categories. These categories include all of the following except: A) The Entities that are identified for a business B) The Resources the organization acquires and uses C) The Events that are the business activities in which the organization engages D) The Agents participating in these events Answer: A
answer
A) The Entities that are identified for a business
question
102) Which of the following statements about REA modeling and REA diagrams is true?
answer
A) REA is an acronym for Resources, Events, and Agents.
question
103) The process of defining a database so that it faithfully represents all aspects of the organization including its interactions with the external environment is called
answer
A) data modeling.
question
104) In which stage(s) of the database design process does data modeling occur?
answer
C) in both the systems analysis and design stages
question
105) A(n) ________ diagram graphically depicts a database's contents by showing entities and relationships.
answer
C) entity-relationship
question
106) On an entity-relationship (E-R) diagram, anything about which an organization wants to collect and store information is called
answer
B) an entity.
question
107) In a relational database, entities such as shown in a E-R diagram are contained in
answer
D) tables
question
108) In a relational database, the relationship between tables (entities) is always
answer
C) 1-to-many
question
109) A "1-to-many" relationship between Customer Number in the Customer Table and Customer Number in the Sales Order Table means there can be _________.
answer
A) Many sales orders for a given customer, but only one customer per sales order
question
110) You define a relationship between the Sales Order (Child) table and the Customer (parent) table using a 1-to-many link between
answer
B) the Foreign Key in the Sales Order Table and the Primary Key in the Customer table
question
111) When you define a relationship between the Customer Number in the Sales Order (Child) Table and the Customer Number in the Customer (Parent) Table using a 1-to-many link, setting the Referential Integrity control on the relationship means:
answer
C) You cannot use a Customer Number in entering a new Sales Order that does not already exist in the Customer Table
question
Introduction to Systems Development and Systems Analysis
answer
Introduction to Systems Development and Systems Analysis
question
112) What is the correct sequence of the phases in the systems development life cycle?
answer
C) system analysis, conceptual design, physical design, implementation and conversion, and operations and maintenance
question
Use the following information to answer 113 and 114
answer
During the first two phases of the SDLC, systems analysis and conceptual design, control requirements are considered. During the third phase of SDLC, the physical design stage, input, output, and database attributes are designed, as well as specific controls. Programs and procedures are developed during this stage as well. A final part of this stage is the delivery of the developed system, which will be further enhanced during the implementation and conversion stage of the SDLC.
question
113) In developing new systems using the SDLC,
answer
D) It is best to analyze, design, test and implement IT controls at the same time that you analyze, design, test and implement non-control functionality.
question
114) An example of a detective control that a new system implementation team may introduce during the physical design phase of a SDLC for implementing a new ERP system for discrete manufacturing is:
answer
C) A report that shown any zero cost parts.
question
115) Instead of using the SDLC to develop a new system "in-house," a company may choose to purchase an "Off-the-Shelf" (OTS) system from a software company. This situation means:
answer
B) The OTS will need to be configured (set up) so it can effectively support the business C) Any data in the legacy system that will be loaded into the OTS may need to be converted so that the data can be processed in the new OTS D) Both B and C Answer: D
