Chapter 7 Flashcards Preview

Accounting Information Systems > Chapter 7 > Flashcards

Flashcards in Chapter 7 Deck (53)
Loading flashcards...
1
Q

why are threats to accounting information systems increasing

A

Many companies do not realize that data security is crucial to their survival

2
Q

a control procedure designed so that the employee that records cash received from customers does not also have access to the cash itself is an example of a

A

preventative control

3
Q

Identify the preventative control

A

a) reconciling the bank statement to the cash control account
b) approving customer credit prior to approving a sales order
c) maintaining frequent backup records to prevent loss of data
d) counting inventory on hand and comparing counts to the perpetual inventory records

B

4
Q

according to Sarbanes-Oxley Act of 2002, the audit committee of the board of directors is directly responsible for

A

hiring and firing external auditors

5
Q

what measures can be taken to protect a company from AIS threats

A
  1. take a proactive approach to eliminate threats
  2. detect threats that do occur
  3. correct and recover from threats that do occur
6
Q

Internal control is often referred as what, because it permeates an organization’s operating activities and is an integral part of management activities

A

process

7
Q

duplicate checking of calculations is an example of what kind of control

A

detective

8
Q

procedures to resubmit rejected transactions are an example of what kind of control

A

corrective

9
Q

which type of control is associated with making sure an organization’s control environment is stable

A

general

10
Q

which type of control prevents, detects, and corrects transaction errors and fraud

A

application

11
Q

the primary purpose of the Foreign Corrupt Practices Act of 1977 was

A

to prevent the bribery of foreign officials by American companies

12
Q

What was not an important change introduced by the Sarbanes-Oxley Act of 2002

A

new rules for information systems development

13
Q

measures company progress by comparing actual performance to planned performance

A

diagnostic control system

14
Q

helps top level managers with high level activities that demand frequent and regular attention

A

interactive control system

15
Q

Sarbanes-Oxley Act applies to whom

A

all publicly traded companies

16
Q

measures, monitors, and compares actual company progress to budgets and performance goals

A

diagnostic control system

17
Q

describes how a company creates value, helps employees understand management’s vision, communicates company core values, and inspires employees to live by those rules

A

belief system

18
Q

helps employees act ethically by setting boundaries on employee behavior

A

boundary system

19
Q

helps managers to focus subordinates’ attention on key strategic issues and to be more involved in their decisions

A

interactive control system

20
Q

COSO framework that improves the risk management process by expanding COSO’s Internal Control–Integrated

A

Enterprise Risk Management (ERM)

21
Q

which of the following is not a component of COSO ERM

A

a) monitoring
b) control environment
c) risk assessment
d) compliance with federal, state, or local laws

D

22
Q

The COSO Enterprise Risk Management Integrated Framework stresses that

A

risk management activities are an inherent part of all business operations and should be considering during strategy setting

23
Q

T or F: the COSO ERM contains all five of the same COSO Integrated Framework components

A

TRUE

24
Q

how many principles are in the updated COSO integrated framework

A

17

25
Q

how many principles are in the updated COSO integrated framework

A

17

26
Q

Why was COSO integrated control framework updating in 2013 from 1992

A

to more effectively address technological advancements

27
Q

COBIT 5 key principles

A
  1. Meeting Stakeholder needs
  2. Covering the enterprise end-to-end
  3. Applying a single, integrated framework
  4. Enabling a holistic approach
  5. Separating governance from management
28
Q

COBIT 5 framework primarily relates to

A

best practices and effective governance and management of organizational assets

29
Q

Applying COBIT 5 framework governance is the responsibility of

A

the board of directors

30
Q

applying the COBIT 5 framework monitoring is the responsibility of

A

CEO, CFO, and board of directors

31
Q

what is not a factor of internal environment according to the COSO ERM framework

A

analyzing past financial performance and reporting

32
Q

the audit committee of the board of directors

A

provides checks and balances on management

33
Q

reducing management layers, creating self directed work teams, and emphasizing continuous improvement are all related to which aspect of internal enviornment

A

organizational structure

34
Q

the SEC and FASB are best described as external influences that directly affect an organization’s

A

internal environment

35
Q

an attribute that is not apart of the COSO ERM framework internal environment is

A

restricting access to assets

36
Q

according to ERM, these help the company address all applicable laws and regulations

A

compliance objectives

37
Q

using the COSO definition of an event, and event repressents

A

uncertainty

38
Q

using the COSO definition of an event, and event repressents

A

uncertainty

39
Q

is not a risk response identified in the COSO ERM framework

A

Monitoring

40
Q

a publicly traded company were three best friends serve as its key officers

A

increases the risk associated with an audit

41
Q

how is expected loss calculated

A

Impact X likelihood

42
Q

According to COSO ERM framework he risk assessment process does not include

A

reporting potential risks to auditors

43
Q

independent checks on performance do not include

A

data input validation checks

44
Q

one of the key objectives of segregating duties is to

A

make sure that different people handle different parts of the same transaction

45
Q

approving accounting software change requests and testing production scheduling software changes

A

is an example of coupling duties that do not violate the segregation of duties

46
Q

a document that shows all projects that must be completed and the related IT needs in order to achieve long range company goals is known as a

A

strategic master plan

47
Q

this is created to guide and oversee systems development and acquisition

A

steering committee

48
Q

shows how a project will be completed, including tasks and who will perform them as well as a timeline and cost estimates

A

project development plan

49
Q

which component of the COSO ERM integrated framework is concerned with understanding how transactions are initiated, data are captured and processed, and information reported

A

information and communication

50
Q

COSO requires that any internal deficiencies identified through monitoring be reported to whom

A

the board of directors

51
Q

to ensure compliance with copyrights and to protect itself from software piracy lawsuits, companies should

A

periodically conduct software audits

52
Q

something not monitored by a responsibility accounting system

A

vendor analysis

53
Q

budgets quotas and quality standards

A

are monitored by a responsibility accounting system