Search
Info
Warning
Danger

Study Resources (Accounting)

11) What are the five essential components of an effective internal control system listed in COSO Internal Control-Integrated Framework? 12) What factors are part of the control environment? 13) List and describe the control activities for mitigating financial, operational, and compliance controls risks. .
0 Views
View Answer
Objective 1 1) Well-designed databases and queries determine whether accounting professionals are able to retrieve accurate accounting data. 2) The database design impact how well the database serves the needs of the enterprise. 3) The database integrity rule Referential Integrity states that field values must be from a predefined domain. 4) The database integrity.
3 Views
View Answer
35) Which stage of the ABC methodology of software development focusses on the features common to most accounting systems? A) Baseline stage B) Analysis stage C) Design stage D) Customization stage 36) Which stage of the ABC methodology of software development focusses on the meeting the specific needs of the particular company? A) Install stage B) Build.
0 Views
View Answer
Objective 4 1) COBIT provides high-level strategic guidance for meeting overall internal control objectives. 2) While COSO is a broad framework for internal control in general, COBIT provides the detailed IT processes necessary to provide IT controls for monitoring and evaluating the IT environment. 3) In the COBIT framework, which IT.
0 Views
View Answer
14) What is a microcomputer? A) A computer with moderate computing power B) A personal computer or laptop C) A smart phone D) A powerful, high-speed computer used for complex numerical calculations 15) Which of the following is a computer input device? A) Touch screen B) Plotter C) Speakers D) Flash drive 16) Which routing device connects the enterprise's intranet.
0 Views
View Answer
21) How can a risk management philosophy provide consistency in risk attitudes throughout an organization? A) By anticipating all possible risks B) By providing event specific examples C) By being well-developed and articulated D) By setting employee expectations 22) Strategic objectives, also called ________, establish an organization's purpose. A) Mission B) Goal C) Vision D) A and C 23) Strategic.
0 Views
View Answer
11) In which phase of the SDLC is a need identified that a new system would address? A) Design B) Analyze C) Build D) Plan 12) Which phase in the SDLC typically takes the longest? A) Buy/Build B) Deploy C) Plan D) Design 13) Which activity is a cross-life-cycle activity? A) Testing B) Presentations C) Documentation D) B and C 14) Which of the activities.
0 Views
View Answer
14) What percent of electronic records breached were in the financial services industry? A) 84% B) 89% C) 93% D) 97% 15) What percent of the breaches in the financial services industry were tied to organized crime? A) 34% B) 66% C) 84% D) 90% 16) What percent of breaches were aided by significant errors? A) 45% B) 67% C) 78% D) 87% 17) What.
0 Views
View Answer
Objective 1 1) Most occupational frauds are committed by the accounting department or upper management. 2) The typical fraud lasts three years before it is detected. 3) Tips are the most likely means of detecting fraud. 4) Accounting professionals often refer to the fraud triangle as incentive/opportunity/rationalization. 5) ________ focuses on managing when.
3 Views
View Answer
Objective 3 1) Risk assessment is the acceptable level of variation in attaining objectives. 2) In ERM risk assessment, possibility may refer to assessing likelihood using a quantitative measure, such as percentages. 3) When risk responses are being considered, the costs and benefits of options may play a major role in the final.
0 Views
View Answer
Objective 5 1) Increasingly the expectation is that the auditor and the IT professional learn more about the other's field. 2) Internal controls for the accounting system are incomplete without IT controls. 3) Application controls ensure completeness and accuracy of transaction processing, authorization, and validity. 4) Input controls ensure data is processed properly. 5).
0 Views
View Answer
15) Which of the following is not a dimension in an ERM cube? A) ERM resources B) ERM objectives C) ERM components D) ERM units 16) Which of the following is not part of the ERM units? A) Subsidiary B) Entity-level C) Operations D) Division 17) Which ERM category relates to the effective and efficient use of a corporation's resources? A).
0 Views
View Answer
Objective 1 1) The IT used in the accounting system can actually create vulnerabilities to cyberattacks of this confidential data. 2) Personal data, such as home address and credit card number, are stored on hotel card keys. 3) ________ developed the 10-domain Common Body of Knowledge (CBK) for IT security and controls. 4).
4 Views
View Answer
31) What is risk tolerance? Provide an example. 32) What are the important questions to ask when assessing a risk's impact? 33) What are the important questions to ask with assessing a risk's likelihood of occurring? 34) Assessment techniques used to assess risk are grouped into two categories. What are these categories? Define.
0 Views
View Answer
Objective 1 1) Accounting professionals are often the end users of the accounting system. 2) Database developers design and write the software for applications, such as accounting software. 3)  System development life cycle is the order and timing of when the SDLC phases are completed. 4) ________ uses techniques to organize and streamline.
4 Views
View Answer
46) What project management activities are typically conducted in the planning phase of the SDLC? 47) List and define the categories in Weatherbe's PIECES framework for problem analysis. 48) After the system design phase is complete, the system proposal is submitted to the client for approval. What information is included in the.
1 Views
View Answer
11) How long does the typical fraud last before being detected? A) Six months B) One year C) Two years D) Three years 12) What percentage for frauds are detected by tips? A) 33% B) 36% C) 46% D) 56% 13) Earnings management focuses on managing when revenues and expenses are recorded in order to favorably reflect a company's financial.
0 Views
View Answer
11) In ERM risk assessment, ________ may refer to assessing likelihood using qualitative measures, such as high, medium, or low. 12) In ERM risk assessment, ________ may refer to assessing likelihood using a quantitative measure, such as percentages. 13) In the context of enterprise risk management, ________ refers to the process.
0 Views
View Answer
Objective 1 1) Controls are risk driven, so understanding risk is a prerequisite to the appreciation and application of control. 2) Risk intelligence moves beyond just managing risk to using risk intelligently to create value for the enterprise. 3) Enterprise risk management (ERM) goes beyond just security and controls. 4) Identifying, assessing, and.
2 Views
View Answer
Objective 4 1) To understand cybersecurity and how to evaluate whether cybersecurity is adequate for an accounting system, a basic understanding of IT architecture is not needed. 2) Application software are computer programs used for managing computer hardware. 3) Wide area networks (WANs) cover a large geographic region, such as the lower.
0 Views
View Answer
11) What are the three phases for documenting control HotSpots? 12) What are the steps for building a HotSpot DFD? Books Ga'Lore! Shipping DFD 13) Using the Books Ga'Lore! shipping DFD, create an event-agent-datastore-control table. 14) Document the preventive and detective controls on the Books Ga'Lore! shipping DFD. .
0 Views
View Answer
Objective 2 1) The COSO Enterprise Risk Management framework replaces the COSO framework for internal control. 2) ERM Operational objectives relate to goals that support the entity's mission. 3) It is possible for a company to be 100% risk free. 4) ________ is a COSO framework that provides guidance for managing risk..
0 Views
View Answer
15) Document the risk level of the HotSpots on the Books Ga'Lore! shipping DFD. The following coding is used for the HotSpot DFD: - Red identifies the greatest risk (HotSpots). -Yellow is for significant risk (warm). - Green identifies areas with adequate controls (cool). Books Ga'Lore! Invoice DFD 16) Using the Books Ga'Lore! invoice.
0 Views
View Answer
11) Which principle in the Code of Ethics for internal auditors states that they are to respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so? A) Confidentiality B) Competency C) Objectivity D) Integrity 12) Which Rule.
1 Views
View Answer
Objective 6 1) Application controls for business processes cannot be documented using DFDs. 2) Internal controls are an integral part of business processes and the accompanying accounting transaction cycles. 3) Control ________ are control weaknesses. Match the DFD symbol to the name. A) Agent B) Dataflow C) Datastore D) Process 4) 5) 6) 7) 8) When.
0 Views
View Answer
Objective 4 1) The SDLC provides a common language for communicating with programmers, system analysts, database administrators, and other IT professionals engaged in accounting system development. 2) The plan phase of a SDLC involves designing new system models to satisfy user requirements, either by creating a new model or by modifying.
0 Views
View Answer
11) Database modeling consists of preparing a pictorial representation of the accounting database. 12) Design feasibility includes operational, economic, technical, schedule, cultural, and risk feasibility of the proposed IT architecture for the new system. 13) Economic feasibility assesses the probability of successful implementation and use of the new system, including any.
1 Views
View Answer
Objective 6 1) A ________ is a hardware device containing a password generator protocol that creates a new password each time the token is used. 2) Which access control threat are programs or devices that examine traffic on the enterprise network? A) Password attack B) Network sniffer C) Identify theft D) Spoofing at log-on 3) Which.
0 Views
View Answer
Objective 3 1) The system development life cycle lists what steps to complete. 2) The waterfall methodology of software development consists of two stages: Baseline and Customization. 3) In the prototyping methodology of software development, all the user requirements are gathered and analyzed before the product is built. 4) A ________ determines the specific.
0 Views
View Answer
4) Laws related to cybersecurity originate from legislation, regulations, and case law. 5) The civil code, legislation passed by federal or state legislatures specifying civil penalties, is enforced by governmental agencies with monetary penalties and prison sentences. 6) ________ are crimes connected to information assets and IT. 7) ________ relates to the laws.
0 Views
View Answer
Objective 2 1) If the internal audit revealed any significant deficiencies, it is not required to be disclosed by the signing officers of the company. 2) The SOX legislation basically requires management of privately held companies must assess and report on the effectiveness of internal controls for financial reporting using a recognized.
0 Views
View Answer
Objective 3 1) Physical controls ensure appropriate information processing, authorization, and data integrity. 2) To comply with SOX, companies must use a framework for evaluating internal control. 3) The COSO ________ provides a blueprint for implementing an internal control system to assist in ensuring the reliability of financial statements and compliance with Sarbanes-Oxley.
0 Views
View Answer
Objective 4 1) Sustainability practices offer a solution to reduce risk. 2) Effective implementation of ERM requires a robust discussion of the potential impact of not mitigating risks and the likelihood that the risk will impact the organization. 3) ________ practices offer a solution to reduce risk. 4) Focusing on ________ operations reduces.
0 Views
View Answer
Objective 5 1) The network administrator must know how to identify potential vulnerabilities and troubleshoot effectively. 2) ________ is the electrical transmission of data through analog or digital transmission media. 3) Network cyberattacks typically target ________ because they offer access to the network. 4) ________ firewall is a special type of firewall located.
0 Views
View Answer
Objective 3 1) Information security consists of the policies and procedures required to secure information assets, including IT hardware, software, and stored data. 2) In the private sector, data with this classification requires higher than normal security measures to ensure data integrity and security. A) Confidential B) Sensitive C) Private D) Public 3) In the.
0 Views
View Answer
7) What is a denial-of-service attack? A) A hacker tracks customer transactions and steals customer payments or redirect goods to a different shipping address B) A hacker uses the e-commerce client application to access the enterprise's financial system for fraudulent purposes C) A hacker overloads the enterprise's bandwidth, effectively shutting down the Web.
0 Views
View Answer
11) The company where you work is implementing risk management for spreadsheets. This includes adding a user log and change log to each spreadsheet. A co worker complains to you about having this information attached to spreadsheets. How do you explain the purpose of the these logs? 12) The company where.
0 Views
View Answer
21) A ________ analysis identifies any difference between the specifications of the baseline accounting system and the enterprise-specific user requirements. 22) According to Weatherbe's PIECES framework for problem analysis, a problem that relates to system issues, such as system availability, is classified as a ________ problem. Match the category in Weatherbe's.
0 Views
View Answer
Chapter Extension 10A 1) The ________ of internal auditors establishes trust and thus provides the basis for reliance on their judgment. Match the internal auditors code of ethics principle to the appropriate definition. A) Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority.
0 Views
View Answer
11) Which software methodology more closely reflects the methodology used in practice today for most systems development? A) Prototyping methodology B) ABC methodology C) Spiral methodology D) Waterfall methodology 12) Which of the following is an advantage of the ABC methodology of software development over the waterfall methodology? A) It more closely reflects the methodology used.
0 Views
View Answer