Study Resources (Accounting)

106) Disk shadowing is an example of a fault tolerance applied at what level? A) Network communications B) DASD C) Transaction D) CPU processor 107) An example of a fault tolerance at the network communications level is A) a watchdog processor. B) disk mirroring. C) rollback processing. D) an uninterruptible power supply. 108) Since many personal computer users do not.
11) ISO 27000 family of standards defines standards for building, operating, and maintaining ISMSs. 12) ISO 27001 includes 132 general security controls, organized under 11 topics and further broken down into over 5000 detailed controls. 13) Passive threats include information systems fraud and computer sabotage. 14) System faults represent component equipment failures such as.
136) The information security management system life cycle includes analysis, design, implementation, and A) operation, evaluation, and management. B) operation, evaluation, and control. C) operation, management, and continuity. D) operation, control, and continuity. 137) Guidelines and standards that are important to Information Security Management Systems include all the following except A) COSO. B) COBIT. C) ERM. D) ISO 27000.
158) Presented below is a list of terms relating to accounting information systems, followed by definitions of those terms. Required: Match the letter next to each definition with the appropriate term. Each answer will be used only once. ________ 1. Database shadowing ________ 2. Logic bomb ________ 3. Information security system ________ 4. Risk management ________.
86) Information security management systems (ISMS) have which of the following objectives? A) Confidentiality B) Integrity C) Availability D) All of the above are correct. 87) A well-known standard for information security management systems development is A) SOX. B) ISO 27000. C) COBIT. D) both B and C 88) An example of fraud indicators is A) mismatch in an inventory count. B).
55) The information security management system is an organizational ________ ________ ________ that controls special risks associated with computer-based information systems. 56) The method of risk assessment for computer systems where system vulnerabilities and threats are listed and subjectively ranked is known as the ________ approach. 57) The Treadway Commission has linked.
11) Accounting data entered into an Accounting Information System must be in the form of debits and credits. 12) Sophisticated information systems can capture system events and their attributes. 13) Bar coding is a manual identification technique used in a real-time system. 14) Bar coding is an automatic identification technique used in a.
75) ________ is a form of social engineering in which one impersonates another typically in a phone call or electronic communication. 76) ________ is a form of social engineering which is aimed directly at tricking victims into giving information, money, or other valuable assets to perpetrators. 77) ________ ________ includes unnoticed intruders,.
116) Disaster risk management is concerned with A) the prevention of disasters. B) the layered-access approach to security. C) contingency planning. D) Answers A and C are both correct. 117) The first step in managing disaster risk is A) to obtain business interruption insurance. B) disaster prevention. C) contingency planning. D) to analyze and list recovery priorities. 118) Which of.
54) The use of ________ control over the entire data processing input-process-output sequence is fundamental to organizational independence. 55) The use of programmed edit checks to discriminate among acceptable data is called ________ ________ auditing. 56) Using ________ ________ can compensate for the loss of manual internal controls. 57) ________ ________ input sales.
98) Alberta Products Company updates their accounts receivable master file each day. The EDP department uses the son-father-grandfather retention of master files. A computer operator accidentally destroyed the most recent accounts receivable master file by using the purchase transaction file to update it. The operator now has today's correct transaction.
129) Discuss three behavioral issues that should be considered when implementing an internal control plan. 130) Give five examples of ways a company may be exposed to excessive costs. 131) Discuss why a fraud examiner needs to be educated in the fields of accounting, law, and criminology to properly perform a fraud.
11) Fraud detection is often an imperfect process. 12) Type 1 error occurs when a fraud indicator fails to signal fraud. 13) Type 2 errors result in unnecessary fraud investigations. 14) Total fraud cost is defined as the summation of costs of prevention, costs of investigations, costs of detections, and costs of losses. 15).
41) Expert qualifications include things such as race, gender, and social status. 42) Earnings management is always illegal and can never be justified by GAAP. 43) Managers can legally manipulate or manage reported financial statement figures within GAAP. 44) Stock option is an executive mechanism to prevent financial statement fraud. 45) Internal auditors should.
116) Which of the following procedures would deter the lapping of accounts receivable? A) Segregation of accounting duties B) Training cashiers to follow strict procedures for making change C) Performing reconciliations on a register-by-register basis and separately for each cashier shift D) Limiting employee after-hours access to company resources 117) The fraud scheme that involves.
31) In the health insurance sector, the Gramm-Leach-Bliley Act requires federal agencies that oversee the health insurance sector to implement regulatory standards aimed at protecting the security of critical information resources. 32) GASB statement #34 requires utility companies to maintain business continuity plans. 33) Criminal Code 301.2(1) makes it a federal crime.
165) When devising its disaster recovery plan, a company should have a detailed set of recovery strategies and procedures. What are five considerations that should be covered by the company's recovery strategies and procedures? 166) Discuss how U.S. law has addressed the issue of information systems fraud. 167) Discuss the information security.
78) A data editing routine that compares data with acceptable values is a A) limit test. B) table lookup. C) financial total check. D) valid code check. 79) A data editing routine that compares numeric data input within a range is a(n) A) table lookup. B) hash total check. C) limit test. D) internal label test. 80) An extra digit.
1) Fraud examination and fraud investigation both refer to the application of accounting and other specialized skills to the prevention, detection, investigation, correction, and reporting of fraud. 2) Fraud prevention requires implementing control checklists that contain items such as firewalls and anti-virus software. 3) The ISO 27000 family of standards has over.
68) Fundamental controls over data transfer between user departments and data processing include A) batch control totals. B) data transfer registers. C) activity file totals. D) Answers A and B are both correct. 69) Input data should be accompanied by the completion of a(n) A) data transfer log. B) input document control form. C) data transfer register. D) key.
63) Content analysis determines the ________ of computer files and electronic communications. 64) Locating and extracting data of interest from computer-storage devices is known as a(n) ________ ________. 65) ________ ________ represents the gaining of access to files or communications that are encrypted or protected by passwords. 66) Pulling the plug can defeat.
21) A transmission acknowledgment reports in detail the items in the received message. 22) A functional acknowledgment acknowledges receipt of the message and reports in detail the items in the received message. 23) An input document control form documents real-time totals of input data transmitted between user departments and the data processing.
126) A flying-start site A) is the most commonly adopted option for companies with disaster recovery plans. B) usually cannot be made operational within 24 hours. C) involves mirroring of transactions at the primary site, followed by transmission of data to the backup site. D) is arranged through a service bureau. 127) After a planning.
86) A significant benefit of the quantitative approach to risk assessment is that A) often the most likely threat to occur is not the one with the largest exposure. B) the relevant cost of the loss's occurrence is an estimate. C) the likelihood of a given failure requires predicting the future. D) the approach.
21) Malware can be hidden in email, downloaded software, disk or Web browser. 22) Hacker methods include social engineering, direct observation, electronic interception, and exploits. 23) Direct observation includes shoulder surfing and piggybacking. 24) Direct observation includes shoulder surfing and dumpster diving. 25) In general, vulnerabilities arise from improperly installed or configured software and.
126) Metaluna, Inc., is a new software company that recently began operations in 2003. Metaluna's stock is publicly traded. Listed below are several statements made recently by the CEO and Chairman of the Board of Metaluna at a directors meeting. Required: Please comment on each statement in light of the requirements.
146) In general, ________ arise from improperly installed or configured software and from unforeseen defects or deficiencies in the software. A) exploits B) virtualizations C) vulnerabilities D) exposures 147) Sabotage is a(n) ________ threat. A) active B) passive C) direct D) second layer 148) Input ________ is an example of a system attack method. A) vector B) manipulation C) hacking D) buffer 149) ________ involves.
21) A fraud theory provides answers to the basic question regarding who, what, when, where, how, and why. 22) Physical and document evidence include things such as fingerprints, trace evidence, and forged or incriminating documents. 23) Physical and document evidence include audio or video recordings of suspects' activities. 24) Evidence should be collected.
73) The method that involves beginning with a source document and following the related transaction through the entire accounting cycle is called ________. 74) The method that begins with numbers in accounts and follows them backward to the source documents is called ________. 75) ________ ________ are individuals who specialize in analyzing.
106) Individuals who respond more to audio stimuli typically A) look down and to the left when recalling information. B) look up and to the left when recalling information. C) look down and to the right when recalling information. D) look up and to the right when recalling information. 107) How many written confessions should.
1) An information security system has the basic elements of any information system: hardware, software, databases, procedures, and reports. 2) The objective of the first phase of the security system life cycle is to design risk control measures such as various security measures and contingency plans. 3) One of the duties of.
130) Describe the similarities and differences between financial statement fraud and financial statement manipulation. 131) Describe procedures or activities that a company can implement to minimize financial statement fraud. 132) You have been hired by your client to investigate an alleged fraud case. Due to the complex nature of your client's transactions,.
160) You've been hired as the chief security officer of your company. Before long, you learn that one of the operators has been making changes to the accounts receivable database. Upon this discovery, the employee is immediately terminated. Required: List three procedures that you should implement to prevent this problem from happening.
31) Invigilation is a technique used by fraud investigators to authenticate documentation. 32) A well-prepared interview conducted by a skilled interviewer can sometimes result in a confession that completely unwinds a complicated case. 33) Calibration is part of the fraud triangle. 34) Polygraphs may sometimes be used to detect dishonesty in fraud investigations. 35).
128) Presented below is a list of terms relating to the different types of evidence and the evidence collection process, followed by definitions of those terms. Required: Match the letter next to each definition with the appropriate term. Each answer will be used only once. ________ 1. Observation ________ 2. Invigilation ________ 3. Surveillance ________.
31) Few manual processing systems are batch oriented. 32) Batch processing is economical when large numbers of transactions must be processed. 33) Batch processing can only be performed using random-accessed (i.e., direct or indexed) file updating. 34) A sequentially organized master file commonly resides on a direct-access storage device. 35) When preparing the transaction.
41) Sequential-access file updating is simpler than random-access file updating. 42) An accounts receivable control file is a summary of the accounts receivable by type of account, such as "installment" or "net 30 days." 43) The last step in the cash remittance processing of customer payments by check is to restrictively endorse.
129) Presented below is a list of terms relating to fraud schemes, followed by definitions of those terms. Required: Match the letter next to each definition with the appropriate term. Each answer will be used only once. ________ 1. Sales skimming ________ 2. Bid rigging frauds ________ 3. Payroll fraud ________ 4. Fraudulent cost-plus billing ________.
108) Which application would not be ideally suited to processing by an OLRS system? A) Payroll B) On-line reservations C) Inventory control D) Customer accounts 109) A technology that is not typically used in a real-time sales system is A) bar coding. B) sequential file processing. C) a POS system. D) an EDI ordering system. 110) A retail sales Point-of-Sale.
96) Physical and document evidence include A) fingerprints. B) trace evidence. C) forged documents. D) all of the above 97) A signed confession is A) court-admissible evidence. B) protected under the umbrella of attorney-client privilege. C) physical evidence. D) not admissible in court. 98) Evidence is collected in the following order: A) Observations, physical and document evidence, and interviews. B).
88) Three technologies make extended supply-chain systems feasible. Which of the below is not one? A) XML-type data generation B) POS system C) Bar coding for automatic identification D) EDI ordering system 89) A transaction log that is "tagged" means that A) it has been catalogued in the EDP library. B) it is full and cannot hold.
168) The main group of international standards for information security is ISO/IEC 27000 series published by the International Organization for Standardization (ISO). ISO/IEC 27002 addresses over 5,000 controls categorized under 12 categories. Discuss 10 of the 12 categories that should be used as a general guide by any company considering.
53) ________ ________ ________ typically involves an employee pocketing cash but not recording its collection. 54) The solution in preventing lapping of accounts receivable is ________ ________ ________ ________. 55) ________ ________ typically involves using a stolen customer check to make a payment on account. 56) ________ ________ ________ ________ may occur when.
96) Sometimes computer programs are used to commit acts of sabotage. A destructive program masquerading as a legitimate one is called a A) logic bomb. B) worm. C) virus. D) Trojan horse. 97) Sometimes computer programs are used to commit acts of sabotage. A computer program that actually grows in size as it infects more.
41) In a denial of service attack, an intruder is denied access to an organization's Web site after the intruder attempts to break through its firewalls and proxy server countermeasures. 42) In most organizations, accounting, computing, and data processing are all organized under the controller. 43) Employees should be laid off or.
157) Presented below is a list of terms relating to accounting information systems, followed by definitions of those terms. Required: Match the letter next to each definition with the appropriate term. Each answer will be used only once. ________ 1. Biometric hardware authentication ________ 2. Archive bit ________ 3. Trapdoor ________ 4. Consensus-based protocol ________ 5..