Chapter 8 part 1

Question 1

1. Involves the creation of roles, processes, and formal reporting relationships in an organization
2. Includes establishing departmental relationships
3. Involves personnel reporting structures, such as chain of command and approval levels

Answer 1

Organizational design

Question 2

Separates the four basic functions of even processing:
Function 1: authorizing events
Function 2: executing events
Function 3: recording events
Function 4: safeguarding resources resulting from consummating events

Answer 2

Segregation of duties

Question 3

PREVENTS UNAUTHORIZED EXECUTION OF EVENTS and helps PREVENT FRAUD by ensuring that ONLY VALID EVENTS are recorded

Answer 3

Segregation of duties control

Question 4

Requires that different units (departments) carry out each of the four phases of event processing

Answer 4

Ideal segregation

Question 5

Would need to occur between one or more persons (or departments) to exploit the system and conceal abuse

Answer 5

Collusion

Question 6

A plan or process to guide actions and achieve goals. Can guide behavior towards actions that achieve desired goals

Answer 6

Policy

Question 7

Can compel behaviors and enforce penalties

Answer 7

Laws

Question 8

Identify the skill requirements needed in employees to accomplish the firms goals

Answer 8

Personnel planning control plans

Question 9

Forecast the number of employees needed in each position, take turnover into consideration, and develop a strategy for filling necessary positions

Answer 9

Management control plans

Question 10

Requires an employee to alternate jobs periodically

Answer 10

Rotation of duties

Question 11

Requires an employee to take leave from the job and substitutes another employee in her or her place

Answer 11

Forced vacations

Question 12

Indemnifies a company in case it suffers losses from defalcations committed by its employees. Employees who have access to cash and other negotiable assets are usually bonded

Answer 12

Fidelity bond

Question 13

Management assessment to determine whether control plans are functioning appropriately

Answer 13

Monitoring

Question 14

Monitoring consists of:

Answer 14

1. Putting controls in place to periodically follow up on the operation of control plans. Determine a BASELINE to know when a control is operating effectively, to identify if there is a CHANGE in a process or a control plan, and to periodically TEST that a control is operating
2. Ensuring that appropriate communications of control weaknesses occur

Question 15

Monitoring control plans vs normal control plans

Answer 15

1. A normal control plan only serves to DETECT AND CORRECT ERRORS
2. Monitoring control plans lead to the identification of the ROOT CAUSE OF THE ERROR

Question 16

Process that ensures the enterprises IT SUPPORTS the organizations strategies and objectives and PROTECTS the organizations assets

Answer 16

IT governance

Question 17

IT departments responsibility:

Answer 17

IT department is responsible for making the applications work to the satisfaction of the users