IF You Want To Purchase A+ Work Then
Click The Link Below , Instant Download
Accounting
Information Systems, 12e (Romney/Steinbart)
Chapter 7 Control
and Accounting Information Systems
1)
What is one reason why AIS threats are increasing?
A)
LANs and client/server systems are easier to control than centralized,
mainframe systems.
B)
Many companies do not realize that data security is crucial to their survival.
C)
Computer control problems are often overestimated and overly emphasized by management.
D)
Many companies believe that protecting information is a strategic requirement.
2)
Which of the following is not one of the risk responses identified in
the COSO Enterprise Risk Management Framework?
A)
Monitoring
B)
Avoidance
C)
Acceptance
D)
Sharing
3)
A control procedure designed so that the employee that records cash received
from customers does not also have access to the cash itself is an example of
a(n)
A)
preventive control.
B)
detective control.
C)
corrective control.
D)
authorization control.
4)
At a movie theater box office, all tickets are sequentially prenumbered. At the
end of each day, the beginning ticket number is subtracted from the ending
number to calculate the number of tickets sold. Then, ticket stubs collected at
the theater entrance are counted and compared with the number of tickets sold.
Which of the following situations does this control detect?
A)
Some customers presented tickets purchased on a previous day when there wasn't
a ticket taker at the theater entrance (so the tickets didn't get torn.)
B)
A group of kids snuck into the theater through a back door when customers left
after a show.
C)
The box office cashier accidentally gives too much change to a customer.
D)
The ticket taker admits his friends without tickets.
5)
At a movie theater box office, all tickets are sequentially prenumbered. At the
end of each day, the beginning ticket number is subtracted from the ending
number to calculate the number of tickets sold. Cash is counted and compared
with the number of tickets sold. Which of the following situations does this
control detect?
A)
Some customers presented tickets purchased on a previous day when there wasn't
a ticket taker at the theater entrance (so the tickets didn't get torn.)
B)
A group of kids snuck into the theater through a back door when customers left
after a show.
C)
The box office cashier accidentally gives too much change to a customer.
D)
The ticket taker admits his friends without tickets.
6)
Which of the following is an example of a preventive control?
A)
approving customer credit prior to approving a sales order
B)
reconciling the bank statement to the cash control account
C)
counting inventory on hand and comparing counts to the perpetual inventory
records
D)
maintaining frequent backup records to prevent loss of data
7)
Independent checks on performance include all the following except
A)
data input validation checks.
B)
reconciling hash totals.
C)
preparing a trial balance report.
D)
supervisor review of journal entries and supporting documentation.
8)
A computer operator is allowed to work as a programmer on a new payroll
software project. Does this create a potential internal control problem?
A)
Yes, the computer operator could alter the payroll program to increase her
salary.
B)
Yes, this is a potential problem unless the computer operator is
supervised by the payroll manager.
C)
No, ideal segregation of duties is not usually possible, and operators are
often the best at programming changes and updates.
D)
No, as long as the computer operator separately accounts for hours worked in
programming and in operations.
9)
One of the objectives of the segregation of duties is to
A)
make sure that different people handle different parts of the same transaction.
B)
ensure that no collusion will occur.
C)
make sure that different people handle different transactions.
D)
achieve an optimal division of labor for efficient operations.
Page
Ref: 196
10)
Pam is a receptionist for Dunderhead Paper Co., which has strict corporate
policies on appropriate use of corporate resources. The first week of August,
Pam saw Michael, the branch manager, putting pencils, pens, erasers, paper and
other supplies into his briefcase on his way out the door. This situation best
reflects a weakness in which aspect of internal environment, as discussed in
the COSO Enterprise Risk Management Framework?
A)
Integrity and ethical values
B)
Risk management philosophy
C)
Restrict access to assets
D)
Methods of assigning authority and responsibility
Page
Ref: 189
11)
Which of the following statements is true?
A)
Internal auditors, rather than external auditors, can conduct evaluations of
effectiveness of Enterprise Risk Management processes.
B)
Re-adding the total of a batch of invoices and comparing the total with the
first total you calculated is an example of an independent check.
C)
Requiring two signatures on checks over $20,000 is an example of segregation of
duties.
D)
Although forensic specialists utilize computers, only people can accurately
identify fraud.
Page
Ref: 201
12)
Of the following examples of fraud, which will be the most difficult to
prevent and detect? Assume the company enforces adequate segregation of duties.
A)
Jim issues credit cards to him and Marie, and when the credit card balances are
just under $1,000, Marie writes off the accounts as bad debt. Jim then issues
new cards.
B)
An employee puts inventory behind the dumpster while unloading a vendor's
delivery truck, then picks up the inventory later in the day and puts it in her
car.
C)
A mail room employee steals a check received from a customer and destroys the
documentation.
D)
The accounts receivable clerk does not record sales invoices for friends or
family, so they can receive free goods.
Page
Ref: 197
13)
According to The Sarbanes-Oxley Act of 2002, the audit committee of the board
of directors is directly responsible for
A)
hiring and firing the external auditors.
B)
performing tests of the company's internal control structure.
C)
certifying the accuracy of the company's financial reporting process.
D)
overseeing day-to-day operations of the internal audit department.
Page
Ref: 186
14)
Go-Go Corporation, a publicly traded company, has three brothers who serve as
President, Vice President of Finance and CEO. This situation
A)
increases the risk associated with an audit.
B)
must be changed before your audit firm could accept the audit engagement.
C)
is a violation of the Sarbanes-Oxley Act.
D)
violates the Securities and Exchange Act.
Page
Ref: 193
15)
Which of the following is a control related to design and use of documents and
records?
A)
Sequentially prenumbering sales invoices
B)
Comparing physical inventory counts with perpetual inventory records
C)
Reconciling the bank statement to the general ledger
D)
Locking blank checks in a drawer or safe
Page
Ref: 199
16)
Which of the following duties could be performed by the same individual without
violating segregation of duties controls?
A)
Approving accounting software change requests and testing production scheduling
software changes
B)
Programming new code for accounting software and testing accounting software
upgrades
C)
Approving software changes and implementing the upgraded software
D)
Managing accounts payable function and revising code for accounting software to
more efficiently process discount due dates on vendor invoices
Page
Ref: 198
17)
With a limited work force and a desire to maintain strong internal control,
which combination of duties would result in the lowest risk exposure?
A)
Updating the inventory subsidiary ledgers and recording purchases in the
purchases journal
B)
Approving a sales return on a customer's account and depositing customers'
checks in the bank
C)
Updating the general ledger and working in the inventory warehouse
D)
Entering payments to vendors in the cash disbursements journal and entering
cash received from customers in the cash receipts journal
Page
Ref: 196-197
18)
Which of the following is not a factor of internal environment according
to the COSO Enterprise Risk Management Framework?
A)
Analyzing past financial performance and reporting
B)
Providing sufficient resources to knowledgeable employees to carry out duties
C)
Disciplining employees for violations of expected behavior
D)
Setting realistic targets for long-term performance
Page
Ref: 188
19)
Which of the following suggests a weakness in a company's internal environment?
A)
The audit committee regularly meets with the external auditors.
B)
The Board of Directors is primarily independent directors.
C)
The company has an up-to-date organizational chart.
D)
Formal employee performance evaluations are prepared every three years.
Page
Ref: 191
20)
Which of the following statements about internal environment is false?
A)
Management's attitudes toward internal control and ethical behavior have only
minimal impact on employee beliefs or actions.
B)
Supervision is especially important in organizations that cannot afford
elaborate responsibility reporting or are too small to have adequate
segregation of duties.
C)
An overly complex or unclear organizational structure may be indicative of more
serious problems.
D)
A written policy and procedures manual is an important tool for assigning
authority and responsibility.
Page
Ref: 189
21)
Which of the following is not a reason for the increase in security
problems for AIS?
A)
Confidentiality issues caused by interlinked inter-company networks
B)
Difficult to control distributed computing networks
C)
Increasing efficiency resulting from more automation
D)
Increasing numbers of information systems and users
22)
One reason why many organizations do not adequately protect their systems is
because
A)
control problems may be overestimated by many companies.
B)
productivity and cost cutting cause management to forgo implementing and
maintaining internal controls.
C)
control technology has not yet been developed.
D)
all of the above
23)
Accountants must try to protect the AIS from threats. Which of the following
would be a measure that should be taken?
A)
Take a proactive approach to eliminate threats.
B)
Detect threats that do occur.
C)
Correct and recover from threats that do occur.
D)
All of the above are proper measures for the accountant to take.
24)
The process that a business uses to safeguard assets, provide accurate and
reliable information, and promote and improve operational efficiency is known
as
A)
a phenomenon.
B)
internal control.
C)
an AIS threat.
D)
a preventive control.
25)
Safeguarding assets is one of the control objectives of internal control. Which
of the following is not one of the other control objectives?
A)
providing accurate and reliable information
B)
promoting operational efficiency
C)
ensuring that no fraud has occurred
D)
encouraging adherence to management policies
26)
Internal control is often referred to as a(n) ________, because it permeates an
organization's operating activities and is an integral part of management
activities.
A)
event
B)
activity
C)
process
D)
system
27)
Which of the following is accomplished by corrective controls?
A)
Identify the cause of the problem.
B)
Correct the resulting errors.
C)
Modify the system to prevent future occurrences of the problem.
D)
All of the above are accomplished by corrective controls.
28)
Duplicate checking of calculations is an example of a ________ control, and
procedures to resubmit rejected transactions is an example of a ________
control.
A)
corrective; detective
B)
detective; corrective
C)
preventive; corrective
D)
detective; preventive
29)
What is not a corrective control procedure?
A)
Identify the cause of a problem.
B)
Deter problems before they arise.
C)
Correct resulting errors or difficulties.
D)
Modify the system so that future problems are minimized or eliminated.
30)
________ controls are designed to make sure an organization's control
environment is stable and well managed.
A)
Application
B)
Detective
C)
General
D)
Preventive
31)
________ controls prevent, detect and correct transaction errors and fraud.
A)
Application
B)
Detective
C)
General
D)
Preventive
32)
The primary purpose of the Foreign Corrupt Practices Act of 1977 was
A)
to require corporations to maintain a good system of internal control.
B)
to prevent the bribery of foreign officials by American companies.
C)
to require the reporting of any material fraud by a business.
D)
All of the above are required by the act.
33)
Congress passed this federal law for the purpose of preventing financial
statement fraud, to make financial reports more transparent and to strengthen
the internal control of public companies.
A)
Foreign Corrupt Practices Act of 1977
B)
The Securities Exchange Act of 1934
C)
The Sarbanes-Oxley Act of 2002
D)
The Control Provision of 1998
34)
Which of the following is not one of the important aspects of the
Sarbanes-Oxley Act?
A)
The creation of the Public Company Accounting Oversight Board
B)
New rules for auditors and management
C)
New roles for audit committees
D)
New rules for information systems development
Page
Ref: 186
35)
A(n) ________ helps employees act ethically by setting limits beyond which an
employee must not pass.
A)
boundary system
B)
diagnostic control system
C)
interactive control system
D)
internal control system
36)
A(n) ________ measures company progress by comparing actual performance to
planned performance.
A)
boundary system
B)
diagnostic control system
C)
interactive control system
D)
internal control system
37)
A(n) ________ helps top-level managers with high-level activities that demand
frequent and regular attention.
A)
boundary system
B)
diagnostic control system
C)
interactive control system
D)
internal control system
38)
This control framework addresses the issue of control from three vantage
points: business objectives, information technology resources, and information
technology processes.
A)
ISACA's control objectives for information and related technology
B)
COSO's internal control framework
C)
COSO's enterprise risk management framework
D)
none of the above
Page
Ref: 186
39)
This control framework's intent includes helping the organization to provide
reasonable assurance that objectives are achieved and problems are minimized,
and to avoid adverse publicity and damage to the organization's reputation.
A)
ISACA's control objectives for information and related technology
B)
COSO's internal control framework
C)
COSO's enterprise risk management framework
D)
none of the above
Page
Ref: 187
40)
The COSO Enterprise Risk Management Framework includes eight components. Which
of the following is not one of them?
A)
control environment
B)
risk assessment
C)
compliance with federal, state, or local laws
D)
monitoring
Page
Ref: 188
41)
Which of the following is not one of the eight interrelated risk and
control components of COSO Enterprise Risk Management Framework?
A)
Internal environment
B)
Monitoring
C)
Risk response
D)
Event assessment
Page
Ref: 188
42)
The COSO Enterprise Risk Management Integrated Framework stresses that
A)
risk management activities are an inherent part of all business operations and
should be considered during strategy setting.
B)
effective risk management is comprised of just three interrelated components;
internal environment, risk assessment, and control activities.
C)
risk management is the sole responsibility of top management.
D)
risk management policies, if enforced, guarantee achievement of corporate
objectives.
Page
Ref: 187
43)
Which of the following would be considered a "red flag" for problems
with management operating style if the question were answered "yes"?
A)
Does management take undue business risks to achieve its objectives?
B)
Does management attempt to manipulate performance measures such as net income?
C)
Does management pressure employees to achieve results regardless of the
methods?
D)
All of the above statements would raise "red flags" if answered
"yes."
Page
Ref: 189
44)
Which component of the COSO Enterprise Risk Management Integrated Framework is
concerned with understanding how transactions are initiated, data are captured
and processed, and information is reported?
A)
Information and communication
B)
Internal environment
C)
Event identification
D)
Objective setting
Page
Ref: 201
45)
The COSO Enterprise Risk Management Integrated Framework identifies four
objectives necessary to achieve corporate goals. Objectives specifically
identified include all of the following except
A)
implementation of newest technologies.
B)
compliance with laws and regulations.
C)
effective and efficient operations.
D)
reliable reporting.
Page
Ref: 192
46)
The audit committee of the board of directors
A)
is usually chaired by the CFO.
B)
conducts testing of controls on behalf of the external auditors.
C)
provides a check and balance on management.
D)
does all of the above.
Page
Ref: 189
47)
The audit committee is responsible for
A)
overseeing the internal control structure.
B)
overseeing the financial reporting process.
C)
working with the internal and external auditors.
D)
All of the above are responsibilities.
Page
Ref: 189
48)
The definition of the lines of authority and responsibility and the overall
framework for planning, directing, and controlling is laid out by the
A)
control activities
B)
organizational structure
C)
budget framework
D)
internal environment
Page
Ref: 190
49)
Reducing management layers, creating self-directed work teams, and emphasizing
continuous improvement are all related to which aspect of internal environment?
A)
Organizational structure
B)
Methods of assigning authority and responsibility
C)
Management philosophy and operating style
D)
Commitment to competence
Page
Ref: 190
50)
Personnel policies such as background checks, mandatory vacations, and rotation
of duties tend to deter
A)
unintentional errors.
B)
employee fraud or embezzlement.
C)
fraud by outsiders.
D)
disgruntled employees.
Page
Ref: 190-191
51)
The SEC and FASB are best described as external influences that directly affect
an organization's
A)
hiring practices.
B)
philosophy and operating style.
C)
internal environment.
D)
methods of assigning authority.
Page
Ref: 192
52)
Which attribute below is not an aspect of the COSO ERM Framework
internal environment?
A)
Enforcing a written code of conduct
B)
Holding employees accountable for achieving objectives
C)
Restricting access to assets
D)
Avoiding unrealistic expectations
Page
Ref: 188
53)
The amount of risk a company is willing to accept in order to achieve its goals
and objectives is
A)
Inherent risk
B)
Residual risk
C)
Risk appetite
D)
Risk assessment
Page
Ref: 189
54)
The risk that remains after management implements internal controls is
A)
Inherent risk
B)
Residual risk
C)
Risk appetite
D)
Risk assessment
Page
Ref: 193
55)
The risk that exists before management takes any steps to control the likelihood
or impact of a risk is
A)
Inherent risk
B)
Residual risk
C)
Risk appetite
D)
Risk assessment
Page
Ref: 193
56)
When undertaking risk assessment, the expected loss is calculated like this.
A)
Impact times expected loss
B)
Impact times likelihood
C)
Inherent risk times likelihood
D)
Residual risk times likelihood
Page
Ref: 194
57)
Generally in a risk assessment process, the first step is to
A)
identify the threats that the company currently faces.
B)
estimate the risk probability of negative events occurring.
C)
estimate the exposure from negative events.
D)
identify controls to reduce all risk to zero.
Page
Ref: 194
58)
Store policy that allows retail clerks to process sales returns for $300 or
less, with a receipt dated within the past 60 days, is an example of
A)
general authorization.
B)
specific authorization.
C)
special authorization.
D)
generic authorization.
Page
Ref: 196
59)
Corporate policy that requires a purchasing agent and purchasing department
manager to sign off on asset purchases over $1,500 is an example of
A)
general authorization.
B)
specific authorization.
C)
special authorization.
D)
generic authorization.
Page
Ref: 196
60)
A document that shows all projects that must be completed and the related IT
needs in order to achieve long-range company goals is known as a
A)
performance evaluation.
B)
project development plan.
C)
data processing schedule.
D)
strategic master plan.
Page
Ref: 198
61)
A ________ is created to guide and oversee systems development and acquisition.
A)
performance evaluation
B)
project development plan
C)
steering committee
D)
strategic master plan
Page
Ref: 198
62)
A ________ shows how a project will be completed, including tasks and who will
perform them as well as a timeline and cost estimates.
A)
performance evaluation
B)
project development plan
C)
steering committee
D)
strategic master plan
Page
Ref: 198
63) Which of the
following is not a violation of the Sarbanes-Oxley Act (SOX)? The
management at Folding Squid Technologies
A) asked their
auditors to make recommendations for the redesign of their information
technology system and to aid in the implementation process.
B) hired the
manager from the external audit team as company CFO twelve months after the
manager had worked on the audit.
C) selected the
company's Chief Financial Officer to chair the audit committee.
D) did not
mention to auditors that the company had experienced significant losses due to
fraud during the past year.
Page
Ref: 186
64) The
Sarbanes-Oxley Act (SOX) applies to
A) all companies
with gross annual revenues exceeding $500 million.
B)
publicly held companies with gross annual revenues exceeding $500 million.
C)
all private and publicly held companies incorporated in the United States.
D)
all publicly held companies.
65) Chuck Hewitt
was relaxing after work with a colleague at a local watering hole. Well into
his second martini, he began expressing his opinions about his company's
budgeting practices. It seems that, as a result of "budget handcuffs"
that require managers to explain material deviations from budgeted
expenditures, his ability to creatively manage his department's activities have
been curtailed. The level of control that the company is using in this case is
a
A) boundary
system.
B) belief
system.
C) interactive
control system.
D) diagnostic
control system.
66) Chuck Hewitt
was relaxing after work with a colleague at a local watering hole. Well into
his second martini, he began expressing his opinions about his work
environment. It seems that, as a result of "feminazi" interference,
the suggestive banter that had been prevalent in the workplace during his youth
was no longer acceptable. He even had to sit through a sexual harassment
workshop! The level of control that the company is using in this case is a
A) boundary
system.
B) belief
system.
C) interactive
control system.
D) diagnostic
control system.
67) River
Rafting Adventures of Iowa provides rafts and tour guides to tourists eager to
ride the wild rivers of Iowa. Management has determined that there is one
chance in a thousand of a client being injured or killed. Settlement of
resulting lawsuits has an average cost of $650,000. Insurance with a $50,000
deductible is available. It covers the costs of lawsuits, unless there is
evidence of criminal negligence. What is the impact of this risk without
insurance?
A) $50,000
B) $650,000
C) $650
D) $50
Page
Ref: 194
68) River
Rafting Adventures of Iowa provides rafts and tour guides to tourists eager to
ride the wild rivers of Iowa. Management has determined that there is one
chance in a thousand of a client being injured or killed. Settlement of
resulting lawsuits has an average cost of $650,000. Insurance with a $50,000
deductible is available. It covers the costs of lawsuits, unless there is
evidence of criminal negligence. What is the expected loss without insurance?
A) $50,000
B) $650,000
C) $650
D) $50
Page
Ref: 194
69) River
Rafting Adventures of Iowa provides rafts and tour guides to tourists eager to
ride the wild rivers of Iowa. Management has determined that there is one
chance in a thousand of a client being injured or killed. Settlement of resulting
lawsuits has an average cost of $650,000. Insurance with a $50,000 deductible
is available. It covers the costs of lawsuits, unless there is evidence of
criminal negligence. What is the expected loss with insurance?
A) $50,000
B) $650,000
C) $650
D) $50
Page
Ref: 194
70) River
Rafting Adventures of Iowa provides rafts and tour guides to tourists eager to
ride the wild rivers of Iowa. Management has determined that there is one
chance in a thousand of a client being injured or killed. Settlement of
resulting lawsuits have an average cost of $650,000. Insurance with a $50,000
deductible is available. It covers the costs of lawsuits, unless there is
evidence of criminal negligence. Based on cost-benefit analysis, what is the
most that the business should pay for the insurance?
A) $500
B) $650
C) $600
D) $50
Page
Ref: 194
71)
Due to data errors occurring from time to time in processing the Albert
Company's payroll, the company's management is considering the addition of a
data validation control procedure that is projected to reduce the risk of these
data errors from 13% to 2%. The cost of the payroll reprocessing is estimated
to be $11,000. The cost of implementing the data validation control procedure
is expected to be $700. Which of the following statements is true?
A)
The data validation control procedure should be implemented because its net
estimated benefit is $510.
B)
The data validation control procedure should be implemented because its cost of
$700 is less than the payroll reprocessing cost of $1,430.
C)
The data validation control procedure should not be implemented because its
cost of $700 exceeds the expected benefit by $480.
D)
The data validation control procedure should not be implemented because its net
estimated benefit is a negative $1,210.
Page
Ref: 194
72)
The organization chart for Geerts Corporation includes a controller and an
information processing manager, both of whom report to the vice president of
finance. Which of the following would be a control weakness?
A)
Assigning the programming and operating of the computer system to an
independent control group which reports to the controller
B)
Providing for maintenance of input data controls by an independent control
group which reports to the controller
C)
Periodically rotating assignment of application processing among machine
operators, who all report to the information processing manager
D)
Providing for review and distribution of system-generated reports by an
independent control group which reports to the controller
Page
Ref: 198
73) Global
Economic Strategies, L.L.D., has been diligent in ensuring that their
operations meet modern control standards. Recently, they have extended their
control compliance system by incorporating policies and procedures that require
the specification of company objectives, uncertainties associated with
objectives, and contingency plans. They are transitioning from a ________ to a
________ control framework.
A)
COSO-Integrated Framework; COBIT
B) COBIT;
COSO-Integrated Framework
C) COBIT;
COSO-ERM
D)
COSO-Integrated Framework; COSO-ERM
E) COSO-ERM;
COBIT
Page
Ref: 187-188
74) FranticHouse
Partners, L.L.C., does home remodeling and repair. All employees are bonded, so
the firm's risk exposure to employee fraud is
A) reduced.
B) shared.
C) avoided.
D) accepted.
Page
Ref: 193
75) FranticHouse
Partners, L.L.C., does home remodeling and repair. The firm does not accept
jobs that require the installation of slate or copper roofing because these
materials often require costly post-installation services. The firm's risk
exposure to costly post-installation services is
A) reduced.
B) shared.
C) avoided.
D) accepted.
Page
Ref: 193
76)
According to the COSO Enterprise Risk Management Framework, the risk assessment
process incorporates all of the following components except
A)
reporting potential risks to auditors.
B)
identifying events that could impact the enterprise.
C)
evaluating the impact of potential events on achievement of objectives.
D)
establishing objectives for the enterprise.
Page
Ref: 193
77) Ferdinand
Waldo Demara was known as the great imposter. He had an astounding ability to
convince people that he was who he truly was not. He worked as a naval officer,
physician, college teacher, prison warden, and other jobs without any of the
prerequisite qualifications. By not diligently checking references, the
organizations fooled by Demara (including the Canadian Navy) apparently chose
to ________ the risk of fraud.
A) reduce
B) share
C) avoid
D) accept
Page
Ref: 193
78) Which of the
following is an independent check on performance?
A) The
Purchasing Agent physically reviews the contents of shipments and compares them
with the purchase orders he has placed.
B) Production
teams perform quality evaluations of the products that they produce.
C) The General
Manager compares budgeted amounts with expenditure records from all
departments.
D) Petty cash is
disbursed by Fred Haynes. He also maintains records of disbursements, places
requests to finance to replace expended funds, and periodically reconciles the
petty cash balance.
Page
Ref: 200
79) Petty cash
is disbursed by the Fred Haynes in the Cashier's Office. He also maintains
records of disbursements, places requests to the Finance Department to replace
expended funds, and periodically reconciles the petty cash balance. This
represents a(an) ________ segregation of duties.
A) effective
B) ideal
C) ineffective
D) limited
Page
Ref: 196
80) Hiring
decisions at Frazier's Razors are made by Sheila Frazier, the Director of Human
Resources. Pay rates are approved by the Vice President for Operations. At the
end of each pay period, supervisors submit time cards to Sheila, who prepares
paycheck requisitions. Paychecks are then distributed through the company's
mail room. This represents a(an) ________ segregation of duties.
A) effective
B) partial
C) ineffective
D) limited
Page
Ref: 196
81) Change
management refers to
A) disbursement
controls on petty cash.
B) operational
controls applied to companies after mergers or acquisitions.
C) replacement
of upper management and their introduction to the organization.
D) controls
designed to ensure that updates in information technology do not have negative
consequences.
Page
Ref: 199
82) The Director
of Information Technology for the city of Bumpkiss, Minnesota, formed a company
to sell computer supplies and software. All purchases made on behalf of the
City were made from his company. He was later charged with fraud for
overcharging the City, but was not convicted. The control issue in this case
arose because the Director had both ________ and ________ duties.
A) custody;
authorization
B) custody;
recording
C) recording;
authorization
D) management;
custody
Page
Ref: 196
83)
According to the ERM, these help the company address all applicable laws and
regulations.
A)
Compliance objectives
B)
Operations objectives
C)
Reporting objectives
D)
Strategic objectives
Page
Ref: 192
84)
According to the ERM, high level goals that are aligned with and support the
company's mission are
A)
compliance objectives.
B)
operations objectives.
C)
reporting objectives.
D)
strategic objectives.
Page
Ref: 192
85)
According to the ERM, these deal with the effectiveness and efficiency of
company operations, such as performance and profitability goals.
A)
Compliance objectives
B)
Operations objectives
C)
Reporting objectives
D)
Strategic objectives
Page
Ref: 192
86)
According to the ERM, these objectives help ensure the accuracy, completeness
and reliability of internal and external company reports.
A)
Compliance objectives
B)
Operations objectives
C)
Reporting objectives
D)
Strategic objectives
Page
Ref: 192
87)
Which of the following is not a risk reduction element of a disaster
recovery plan?
A)
Identification of alternate work site
B)
Off-site storage of backup files and programs
C)
Documentation of procedures and responsibilitie
D)
Adequate casualty insurance
Page
Ref: 193
88)
Describe the differences between general and specific authorization.
89)
Explain how a company could be the victim of fraud, even if ideal segregation
of duties is enforced.
90)
Classify each of the following controls as preventive, detective, or
corrective.
Periodic
bank reconciliation
Separation
of cash and accounting records
Maintaining
backup copies of master and transaction files
Pre-numbering
of sales invoices
Chart
of accounts
Retina
scan before entering a sensitive R & D facility
Resubmission
of error transactions for subsequent processing
Internal
auditor rechecking the debits and credits on the payment voucher
Depositing
all cash receipts intact
Hiring
qualified accounting personnel
91)
Discuss four reasons why AIS threats are increasing.
92)
Explain why the Foreign Corrupt Practices Act was important to accountants.
93)
Discuss the internal environment and identify the elements that comprise the
internal environment.
94)
Explain why management's philosophy and operating style are considered to be
the most important element of the internal environment.
95)
What are some of the ways to assign authority and responsibility within an
organization?
96)
Discuss the weaknesses in COSO's internal control framework that led to the
development of the COSO Enterprise Risk Management framework.
No comments:
Post a Comment