Info
Warning
Danger

Study Resources (Accounting)

179. Application controls include input, processing, and output controls. One type of input control is source document controls.  Briefly explain the importance of each of the following source document controls: Form design, Form authorization and control, and Retention of source documents. 180. Explain how control totals such as record counts, batch totals, and hash.
8 Views
View Answer
- CHAPTER 4 – SHORT ANSWER QUESTIONS 151. What is the difference between general controls and application controls?  152. Is it necessary to have both general controls and application controls to have a strong system of internal controls?  153. What kinds of risks or problems can occur if an organization does not.
5 Views
View Answer
- CHAPTER 4 – SHORT ESSAY 175. Categorize each of the following as either a general control or an application control:  a. validity check b. encryption c. security token d. batch total e. output distribution f. vulnerability assessment g. firewall h. antivirus software 176. Each of the given situations is independent of the other. For each, list the programmed.
6 Views
View Answer
77.This form of encryption uses a public key, which is known by everyone, to encrypt data, and a private key, to decode the data. A.Multiple encryptions B.Public key encryption C.Wired encryption D.Symmetric encryption 78.This encryption method, used with wireless network equipment, is symmetric in that both the sending and receiving network nodes must use the.
6 Views
View Answer
TEXTBOOK – CHAPTER 3 – END OF CHAPTER QUESTIONS 111.The careful and responsible oversight and use of the assets entrusted to management is called: A.Control environment. B.Stewardship. C.Preventive control. D.Security. 112.Which of the following is not a condition in the fraud triangle? A.Rationalization B.Incentive C.Conversion D.Opportunity 113.There are many possible indirect benefits to management when management fraud occurs. Which of the.
8 Views
View Answer
157.Identify whether each of the following activities represents preventative controls, detective controls, or corrective controls: •Job rotation – •Preparation of a bank reconciliation – •Segregation of duties – •Recalculating totals on computer reports – •Use of passwords – •Preparing batch totals for check processing – •Establishing a code of ethics – •Use of a security guard – •Verifying source documents.
12 Views
View Answer
117.Internal controls over the input, processing, and output of accounting applications are called: A.Accounting Controls B.Application Controls C.Network Controls D.LAN Controls 118.This type of control is intended to ensure the accuracy and completeness of data input procedures and the resulting data: A.Input Controls B.Internal Controls C.Processing Controls D.Output Controls 119.This type of control is intended to ensure the accuracy and.
7 Views
View Answer
126. Why do corporate leaders see their jobs as more risky since the Sarbanes-Oxley Act became effective?  127. Which governing body holds the top position of management oversight?  128. Identify two ways that companies are making efforts to improve the financial stewardship of their managers.  129. How can IT departments assist corporate.
10 Views
View Answer
- CHAPTER 5 - TRUE / FALSE 1.Research indicates that companies who stress corporate governance tend to be rewarded with higher rates of return and a lower cost of capital. 2.The high cost related to corporate governance far outweighs any of the related benefits. 3.The purpose of corporate governance is to encourage the.
16 Views
View Answer
- CHAPTER 5 – END OF CHAPTER QUESTIONS 94.Which of the following is not considered a component of corporate governance? A.Board of Directors Oversight B.IRS Audits C.Internal Audits D.External Audits 95.Good corporate governance is achieved when the interests of which of the following groups are balanced? A.Internal auditors and external auditors B.Shareholders and regulators C.Shareholders, the corporation, and the.
7 Views
View Answer
67.This type of authentication uses some unique physical characteristic of the user to identify the user and allow the appropriate access to the system. A.Nonrepudiation card B.Biometric device C.Configuration table D.Computer log 68.Which of the following is not an example of physical characteristics being used in biometric devices? A.Retina scans B.Fingerprint matching C.Social security number D.Voice verification 69.There are.
6 Views
View Answer
- CHAPTER 4 - MULTIPLE CHOICE 57.Unchecked risks and threats to the IT could result in: A.An interruption of the computer operations B.Damage to an organization C.Incorrect or incomplete accounting information D.All of the above 58.In order to master risks and controls and how they fit together, which of the following is NOT one of the.
6 Views
View Answer
76.The establishment of the SEC and the enactment of securities laws were responses to: A.The stock market crash of 1929 and the Great Depression of the 1930s B.Market pressures during the 1980s C.Increased inflation and cost of capital during the 1970s D.High-profile accounting scandals in the early 2000s 77.This legislation was enacted in an effort.
8 Views
View Answer
156. Why should an organization be concerned about repudiation of sales transactions by the customer?  157. A firewall should inspect incoming and outgoing data to limit the passage of unauthorized data flow.  Is it possible for a firewall to restrict too much data flow?  158. How does encryption assist in limiting unauthorized.
8 Views
View Answer
153.Think of a job you have held, and consider whether the control environment was risky or conservative. Describe which you chose and why. 154.Identify the steps involved in risk assessment. Do you think it would be effective for an organization to hire external consultants to develop its risk assessment plan? 155.Discuss the.
5 Views
View Answer
135.Name the COSO report’s five internal controls activities. 136. Distinguish between general and specific authorization. 137.Due to cost/benefit considerations, many business organizations are unable to achieve complete segregation of duties. What else could they do to minimize risks? 138.Why is a policies and procedures manual considered an element of internal control? 139.Why does a.
7 Views
View Answer
121. Identify the six financial matters that must be certified by a company’s top officers under the requirements of Section 302 of the Sarbanes-Oxley Act. 122. Explain the relationship between Section 401 of the Sarbanes-Oxley Act and the concept of transparency.  123. Explain the difference between management’s responsibility and the company’s external auditors’.
5 Views
View Answer
- CHAPTER 5 - MULTIPLE CHOICE 36.Which of the following groups would use factors such as those that affect the supply and demand of corporate leaders and tend to emphasize the importance of motivating leaders through the use of incentive programs as part of their definition of corporate governance? A.Financiers B.Economists C.Accountants D.Lawyers 37.This group of.
6 Views
View Answer
66.A special obligation of trust, especially with respect to the finances of another, is called: A.Financial Stewardship B.Fiscal Transparency C.Fiduciary Duty D.Internal Controls 67.Within the corporate environment, this term means that management has been entrusted with the power to manage the assets of the corporation, which are owned by the shareholders. A.Fiscal Transparency B.Fiduciary C.Stewardship D.Accuracy 68.The manner in which.
6 Views
View Answer
86.This section of the Sarbanes-Oxley Act requires management assessment and reporting of the company’s internal controls. A.Section 404 B.Section 409 C.Section 301 D.Section 201 87.This section of the Sarbanes-Oxley Act requires that auditors include, as part of their audit procedures, an attestation to the internal control report prepared by management. A.Section 404 B.Section 409 C.Section 301 D.Section 201 88.This section.
5 Views
View Answer
189. Visit the AICPA website at www.aicpa.org. Search for the terms “WebTrust” and “SysTrust.” Describe these services and the role of Trust Services Principles in these services. 190. Using a search site, look up the terms “disaster recovery,” along with “9/11.” The easiest way to search for both items together is.
8 Views
View Answer
130.Describe three popular program manipulation techniques. 131.Distinguish between Internet spoofing and e-mail spoofing. 132.What are the objectives of a system of internal control? 133.Name and distinguish among the three types of internal controls. 134.Identify the COSO report’s five interrelated components of internal controls.   .
6 Views
View Answer
21.Non-audit services are now prohibited because of the potential to impair the auditor’s objectivity. 22.Even though non-audit services are prohibited by Sarbanes-Oxley, the auditor may perform income tax services for their audit clients if they are pre-approved by the CEO. 23.The auditors report directly to the Board of Directors. 24.The Audit Committee is.
6 Views
View Answer
- CHAPTER 4 – PROBLEMS 182. Explain why an organization should establish and enforce policies for its IT systems in the following areas regarding the use of passwords for log-in: a.Length of password. b.The use of numbers or symbols in passwords. c.Using common words or names as passwords. d.Rotation of passwords. e.Writing passwords on paper or sticky.
4 Views
View Answer
TEXTBOOK – CHAPTER 3 – SHORT ESSAY 148.What possible motivation might a business manager have for perpetrating fraud? 149.Discuss whether any of the following can be examples of customer fraud: •An employee billed a customer twice for the same transaction. •A customer remitted payment in the wrong amount. •A customer received merchandise in.
6 Views
View Answer
161. What is the difference between business continuity planning and disaster recovery planning? 162. How can a redundant array of independent disks (RAID) help protect the data of an organization?  163. What kinds of duties should be segregated in IT systems?  164. Why do you think the uppermost managers should serve on.
7 Views
View Answer
TEXTBOOK – CHAPTER 3 – PROBLEMS 156.Identify whether each of the following accounting positions or duties involves authorization, recording, or custody: •cashier •payroll processor •credit clerk •mailroom clerk •data entry clerk •deliver paychecks •deliver the bank deposit •prepare the bank reconciliation •check signer •inventory warehouse supervisor •staff accountant   .
6 Views
View Answer
185. Control totals include batch totals, hash totals, and record counts. Which of these totals would be useful in preventing or detecting IT system input and processing errors or fraud described as follows? a.A payroll clerk accidentally entered the same time card twice. b.The accounts payable department overlooked an invoice and did not enter.
6 Views
View Answer
21.The longer the encryption key is bits; the more difficult it will be to break the code. 22.The longest encryption keys are 128 bits. 23.Encryption is more important for dial-up networks than for wireless networks. 24.Using a unique service set identifier (SSID) makes it more difficult for an outsider to access the wireless.
9 Views
View Answer
107.The accuracy, completeness, and timeliness of the process in IT systems are referred to as: A.Availability Risks B.Security Risks C.Confidentiality Risks D.Processing Integrity Risks 108.The software that controls the basic input and output activities of the computer are called: A.Operating System B.Application Software C.Data Base Management System D.Electronic Data Interchange 109.Unauthorized access to the operating system would allow the unauthorized.
8 Views
View Answer
97.General controls for an IT system include: A.Controls over the physical environment only. B.Controls over the physical access only. C.Controls over the physical environment and over the physical access. D.None of the above. 98.A battery to maintain power in the event of a power outage meant to keep the computer running for several minutes after.
8 Views
View Answer
- CHAPTER 5 – SHORT ANSWER QUESTIONS 106. Why is tone at the top so important to corporate governance?  107. Why do you think companies that practice good corporate governance tend to be successful in business?  108. Which stakeholder group (internal or external) is more likely to be affected by corporate governance, and.
6 Views
View Answer
127.The data preparation procedures are to be well-defined so that employees will be sure of: A.Which forms to use B.When to use them C.Where to route them D.All of the above 128.Field check, limit check, range check and sequence check are all examples of: A.Input Validation Checks B.Source Document Controls C.Control Reconciliation D.Application Controls 129.This type of input validation check.
6 Views
View Answer
51. The form authorization and control includes the requirement that source documents should be prenumbered and are to be used in sequence. 52.Once the data from the source documents have been keyed into the computer, the source document can be destroyed. 53.With the proper training of employees and the adequate controls, it.
7 Views
View Answer
111. How can internal auditors maintain independence, since they are employees of the company? 112. Identify the four functions of the corporate governance process.  113. Describe the key connection between tone at the top and management oversight.  114. Explain the connection between fiduciary duty and financial stewardship.  115. Why is it.
7 Views
View Answer
116. What is the primary difference between the Securities Act of 1933 and the Securities Exchange Act of 1934?  117. Why did the SEC establish the PCAOB?  118. Why can auditors no longer be involved in helping their audit clients establish accounting information systems?  119. Under what conditions are auditors permitted to.
5 Views
View Answer
- CHAPTER 4 – END OF CHAPTER QUESTIONS: 138.Internal controls that apply overall to the IT system are called: A.Overall Controls B.Technology Controls C.Application Controls D.General Controls 139.In entering client contact information in the computerized database of a telemarketing business, a clerk erroneously entered nonexistent area codes for a block of new clients.  This error rendered.
5 Views
View Answer
87.This type of software should be used to avoid destruction of data programs and to maintain operation of the IT system.  It continually scans the system for viruses and worms and either deletes or quarantines them. A.Penicillin Software B.Antivirus Software C.Infection Software D.Internet Software 88.The process of proactively examining the IT system for weaknesses that.
6 Views
View Answer
56.This governing group is the federal regulatory agency responsible for protecting the interests of investors by making sure that public companies provide complete and transparent financial information: A.COSO B.SEC C.FASB D.IASB 57.This governing group created the framework for internal controls evaluations: A.COSO B.SEC C.FASB D.IASB 58.It is necessary that certain stakeholders remain independent related to the corporation’s financial reporting.  Which.
8 Views
View Answer
11.To increase the effectiveness of login restrictions, user Ids must be unique for each user. 12.To increase the effectiveness of login restrictions, passwords must be unique for each user. 13.Biometric devises use unique physical characteristics to identify users.  The most common method used is retina scans. 14.There are a number of methods described.
15 Views
View Answer
31.To the extent possible, IT systems should be installed in locations away from any location likely to be affected by natural disasters. 32.It is not necessary to control the humidity and temperature in the location where the computer system is housed. 33.Disaster recovery planning is a proactive plan to protect IT systems.
6 Views
View Answer
TEXTBOOK – CHAPTER 3 – SHORT ANSWER QUESTIONS 125.Management is held accountable to various parties, both internal and external to the business organization. To whom does management have a stewardship obligation and to whom does it have reporting responsibilities? 126.If an employee made a mistake that resulted in a loss of.
8 Views
View Answer
46.The internal stakeholders who own a portion of the corporation are called: A.Directors B.Shareholders C.Audit Board D.Executives 47.This group of stakeholders should have the highest level of authority related to the company’s objectives and strategies.  Elected by the shareholders, it’s role is to align the interests of the shareholders and management. A.Audit Committee B.Internal Auditors C.Board of.
6 Views
View Answer
41.Controlling access to the operating system is critical because that access opens access to any data or program within the system. 42.A database is often less open to unauthorized access than the physical, paper records, because the database has fewer access points. 43.The workstations and the network cabling and connections represent spots.
8 Views
View Answer
140.Many companies have mandatory vacation and periodic job rotation policies. Discuss how these practices can be useful in strengthening internal controls. 141.Name the objectives of an effective accounting system. 142.What does it mean when information flows “down, across, and up the organization”? 143. Provide examples of continuous monitoring and periodic monitoring. 144.What are the.
7 Views
View Answer
11.Even though the people and organizations within a community are not directly related to a corporation, they would still be considered one of the stakeholders. 12.Internal auditors should not allow any financial connections to influence the decisions they make about the company’s financial statements or disclosures. 13.Good management oversight involves leaders who.
10 Views
View Answer