Filters
Question type
Study Flashcards

List three pairs of system functions that should be separated in the centralized computer services organization. Describe a risk exposure if the functions are not separated. Functions to Separate Risk Exposure __________________________ __________________________ __________________________ __________________________ __________________________ __________________________

Correct Answer

verifed

verified

separate systems development from data p...

View Answer

Discuss the key features of Section 302 of the Sarbanes-Oxley Act.

Correct Answer

verifed

verified

Section 302 requires corporate managemen...

View Answer

Computer fraud can take on many forms, including each of the following except


A) theft or illegal use of computer-readable information
B) theft, misuse, or misappropriation of computer equipment
C) theft, misuse, or misappropriation of assets by altering computer-readable records and files
D) theft, misuse, or misappropriation of printer supplies

Correct Answer

verifed

verified

The most common access point for perpetrating computer fraud is at the data collection stage.

Correct Answer

verifed

verified

Tests of controls include


A) confirming accounts receivable
B) counting inventory
C) completing questionnaires
D) counting cash

Correct Answer

verifed

verified

The PCAOB's standard No. 5 specifically requires auditors to understand transaction flows in designing their test of controls. What steps does this entail?

Correct Answer

verifed

verified

This involves:
1. Selecting the financia...

View Answer

The same internal control objectives apply to manual and computer-based information systems.

Correct Answer

verifed

verified

What is program fraud?

Correct Answer

verifed

verified

Program fraud involves making ...

View Answer

Which of the following is not true?


A) Management may outsource their organizations' IT functions, but they cannot outsource their management responsibilities for internal control.
B) Section 404 requires the explicit testing of outsourced controls.
C) The SAS 70 report, which is prepared by the outsourcer's auditor, attests to the adequacy of the vendor's internal controls.
D) Auditors issue two types of SAS 70 reports: SAS 70 Type I report and SAS 70 Type II report.

Correct Answer

verifed

verified

What are commodity IT assets?

Correct Answer

verifed

verified

Commodity IT assets are not unique to a ...

View Answer

All of the following are recommended features of a fire protection system for a computer center except


A) clearly marked exits
B) an elaborate water sprinkler system
C) manual fire extinguishers in strategic locations
D) automatic and manual alarms in strategic locations

Correct Answer

verifed

verified

Name three forms of computer fraud.

Correct Answer

verifed

verified

Computer fraud includes:
The theft, misu...

View Answer

What primary IT functions must be separated in a centralized firm?

Correct Answer

verifed

verified

separate systems development f...

View Answer

Prior to SOX, external auditors were required to be familiar with the client organization's internal controls, but not test them. Explain.

Correct Answer

verifed

verified

Auditors had the option of not relying o...

View Answer

For most companies, which of the following is the least critical application for disaster recovery purposes?


A) month-end adjustments
B) accounts receivable
C) accounts payable
D) order entry/billing

Correct Answer

verifed

verified

The database administrator should be separated from systems development.

Correct Answer

verifed

verified

Which organizational structure is most likely to result in good documentation procedures?


A) separate systems development from systems maintenance
B) separate systems analysis from application programming
C) separate systems development from data processing
D) separate database administrator from data processing

Correct Answer

verifed

verified

Briefly explain how a SSAE 16 report is used in assessing internal controls of outsourced facilities.

Correct Answer

verifed

verified

The internal controls over the outsource...

View Answer

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

Correct Answer

verifed

verified

Explain how IT outsourcing can lead to loss of strategic advantage.

Correct Answer

verifed

verified

Alignment between IT strategy and busine...

View Answer

Showing 41 - 60 of 129

Related Exams

Exam 1

The Information System: an Accountants Perspective

96 Questions

Exam 2

Introduction to Transaction Processing

119 Questions

Exam 3

Ethics, Fraud, and Internal Control

161 Questions

Exam 4

The Revenue Cycle

119 Questions

Exam 5

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

111 Questions

Exam 6

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

94 Questions

Exam 7

The Conversion Cycle

102 Questions

Exam 8

Financial Reporting, and Management Reporting Systems

94 Questions

Exam 9

Database Management Systems

105 Questions

Exam 10

The Rea Approach to Business Process Modeling

76 Questions

Exam 11

Enterprise Resource Planning Systems

96 Questions

Exam 12

Electronic Commerce Systems

111 Questions

Exam 13

Managing the Systems Development Life Cycle

93 Questions

Exam 14

Construct, Deliver, and Maintain Systems Projects

92 Questions

Exam 16

IT Controls Part II: Security and Access

96 Questions

Exam 17

IT Controls Part III: Systems Development, Program Changes, and Application Controls

67 Questions

Show Answer