389 Exam 2

Question 1

Internal Controls

Answer 1

Policies, plans and procedures designed to protect the assets of the company.

Question 2

Internal Control System

Answer 2

the methods used to achieve the following objectives:

• safeguarding assets
• checking the accuracy and reliability of accounting data
• promoting operational efficiency
• encouraging adherence to prescribed managerial policies.

Question 3

Threat

Answer 3

any potential adverse occurrence or unwanted event that could injure the AIS or the organization

Question 4

Exposure / Impact

Answer 4

the potential dollar loss that would occur if the threat becomes a reality

Question 5

risk / likelihood

Answer 5

the probability that the threat will occur

Question 6

Types of threats:

Answer 6

natural and political, software errors and equipment malfunction, unintentional acts, intentional acts.

Question 7

internal controls perform three important functions:

Answer 7

• preventive controls
• detective controls
• corrective controls.

Question 8

preventive controls? examples?

Answer 8

deter problems before they arise

i. e. firewall
i. e. locking doors before leaving home

Question 9

detective controls? examples?

Answer 9

discover problems when they do arise.

i. e. an alarm system. if someone were to get in your home the alarm would sound.
i. e. bank reconciliation
i. e. a trial balance making sure debits and credits balance and making sure nothing crazy is going on.

Question 10

Corrective controls? examples?

Answer 10

remedy problems that have occurred by:

identifying the cause, correcting the resulting errors, modifying the system to prevent future problems of this sort.

Question 11

What are some regulations of controls?

Answer 11

Foreign Corrupt Practices Act, COSO, SOX

Question 12

COSO meaning and what they do:

Answer 12

Committee of Sponsoring Organizations of Internal Control

• control environment
• risk assessment
• control activities
• information and communication
• monitoring

Question 13

Control environment:

Answer 13

establishes the tone of a company, influencing the control awareness of the company’s employees.

Is the general attitude towards the control environment within a company

Question 14

Factors included within the control environment are:

Answer 14

integrity, ethical values and competence of employees

management philosophy and operating style

Assignment of authority and responsibility

effectiveness of the board of directors.

Question 15

Control environment starts ___ and ___

Answer 15

at the top and works it way down.

Question 16

Risk assessment:

Answer 16

an important consideration when designing controls for a company

Question 17

Risks come from

Answer 17

internal and external sources

Question 18

Risks that may affect the accomplishment of a company’s goals and objectives should be ____

Answer 18

identified, analyzed and promptly addressed

Question 19

cost-benefit analysis

Answer 19

does the benefits of a particular control implementation outweigh the costs?

Question 20

A measure of lost should include ___

Answer 20

both the exposure and risk

Question 21

Control activities:

Answer 21

relate to the policies and procedures that help ensure that management directives are carried out in an effective manner.

Question 22

Audit trail

Answer 22

enables auditors and accountants to follow the path of a transaction

Question 23

Sound personal policies and competent employees

Answer 23

specific hiring procedures… rotation of certain key employees in different jobs, enforced vacations… regular performance reviews.

Question 24

Separation of Duties:

Answer 24

A control activity within an internal control system that essential says that one employees serves as a monitor for another employee. Keep separate custody of assets, recording transactions, and authorizing transactions.

Question 25

Separation of duties, custodial functions:

Answer 25

handling cash, inventories, tools, or fixed assets, writing checks, receiving checks in the mail

Question 26

Separation of duties, recording functions:

Answer 26

Preparing source documents, maintaining journals, ledgers or other files, preparing reconciliations, p preparing performance reports.

Question 27

separation on duties, authorization functions:

Answer 27

authorization of transactions

Question 28

collude:

Answer 28

come together.

this makes segregation of duties impotent and controls can be overridden.

Question 29

Physical protection of assets:

Answer 29

a process to safeguard inventory… how about cast?

Question 30

internal audits

Answer 30

perform periodic reviews

Question 31

opperational audits:

Answer 31

performed to evaluate the efficiency and effectiveness of that particular department

Question 32

information:

Answer 32

refers to the output of the accounting system

• it includes the methods used to record, process, summarize and report a company’s transactions and maintain accountability for assets, liabilities, and equity.

Question 33

Communication:

Answer 33

refers to providing a company’s personnel with an understanding of their role and responsibilities pertaining to internal control over financial reporting.

Question 34

Monitoring:

Answer 34

relates to the process that assesses the quality of internal control performance on continuous basis.

Question 35

examples of monitoring:

Answer 35

perform internal control evaluations, implement effective supervision, use responsibility accounting systems such as budgets, schedules, standard costs, etc., tract purchased software and mobile devices, periodic audits

Question 36

9-14 why?

a. separate cash payments from cash receipts

Answer 36

Both are custody

Question 37

9-14 why?

b. lock up signature plates

Answer 37

prevents unauthorized use

Question 38

9-14 why?

c. match invoices to receiving reports

Answer 38

ensure item was received and invoice quantity is correct

Question 39

9-14 why?

d. checks mailed by person not preparing check

Answer 39

separation of duties: person mailing may notice suspicious payments

Question 40

9-14 why?

e. match invoices to POs

Answer 40

Ensure purchase is authorized and invoice price is correct

Question 41

9-14 why?

f. keep checks under lock

Answer 41

prevent unauthorized payments

Question 42

9-14 why?

g. impress payroll account (deposit inly payroll amt.)

Answer 42

identify payroll fraud / error and limit loss

Question 43

9-14 why?

h. separate bank reconciliation from writing checks or handling cash

Answer 43

separation of duties- prevents concealing a theft by making it appear that GL cash reconciles to bank statement cash.

Question 44

9-14 why?

i. use check protector:

Answer 44

keep people from changing check amount

Question 45

9-14 why?

j. conduct surprise counts of cash

Answer 45

catch thieves who do not generate fictitious support documents at the time of the theft.

Question 46

9-14 why?

k. use approved vendors:

Answer 46

prevent vendors that are 1.) fictitious, 2.) have high prices, 3.) have poor quality products.

Question 47

9-14 why?

l. all purchases made by purchasing department

Answer 47

prevent vendors that are 1.) fictitious, 2.) have high prices, 3.) have poor quality products.

Question 48

electronic eavesdropping:

Answer 48

security risk with wireless technology

Question 49

data encryption

Answer 49

this can stop eavesdropping. this means the data is scrambled and only receiver can de-scramble

Question 50

VPN

Answer 50

Virtual private network:

security appliance that allows remote access to a company’s system.

Question 51

Security for wireless system:

Answer 51

electronic eavesdropping, data encryption, VPN

Question 52

Security for hard-wired system:

Answer 52

in distributed data processing processing, data processing is handled by many PCs

Routing verification procedures -

message acknowledgment procedures -

Question 53

in distributed data processing processing, data processing is handled by many PCs

Answer 53

PCS are linked to a central computer

Electronic eavesdropping could be a problem here as well

Question 54

Routing verification procedures

Answer 54

ensure that messages are routed to the correct computer

Header label: i.e. identify message destination

checked before acceptance of message

Question 55

message acknowledgment procedures

Answer 55

prevent loss of part of message

trailer label: i.e. data indicating message length
checked after data received

Question 56

Management is responsible for:

Answer 56

directing and controlling operations and establishing, communication, monitoring all company policies and procedures.

Question 57

security policies:

Answer 57

help protect the organization from internal and external threats

Question 58

5 components of internal control process

Answer 58

• control environment
• risk assessment
• control activities
• information and communication
• monitoring

Question 59

Types of general computer controls:

Answer 59

personnel controls, file security, backup, contingency planning, computer facility controls, access to computer files.

Question 60

file security controls:

purposes:
examples:

Answer 60

protect computer files from either accidental or intentional abuse.

i.e. external file labels, internal file labels, lockout procedures (prevents 2 applications from simultaneously updating file, read-only files

Question 61

fault-tolerant systems

purpose:
core concept:
types:

Answer 61

to tolerate computer errors and keep functioning.

Redundancy

consensus-based protocols, watchdog processor, disk mirroring or disk shadowing

Question 62

consensus-based protocols:

Answer 62

have odd number or processors, ignore incongruent processor

Question 63

watchdog processor:

Answer 63

second processor that takes over if main processor fails

Question 64

disk mirroring or disk shadowing

Answer 64

write all data to two disks

Question 65

backup procedures:

Answer 65

similar to fault-tolerant systems but not exactly the same.

Question 66

purpose of backup procedures:

Answer 66

mitigate risk of losing data before, during, or after processing work

Question 67

Grandparent-parent-child procedure:

Answer 67

a backup procedure that

keep three generations of the master file

Question 68

electronic vaulting:

Answer 68

a backup procedure that

electronically transmit data to a remote location for backup.

Question 69

contingency planning purpose:

Answer 69

ready the organization for disaster that could affect data processing capabilities

Question 70

offsite location types:

Answer 70

cold site
hot site
flying start site

Question 71

Disaster recovery plan:

Answer 71

procedures to be followed in case of an emergency

Question 72

cold site:

Answer 72

location where system could be installed quickly.

literally a room with nothing.

Question 73

hot site:

Answer 73

location with a working system.

room plus you have a site and software you just don’t have data

Question 74

flying start site:

Answer 74

hot site with backup data

location, data, system and software.

Question 75

computer facility controls purpose:

Answer 75

protect the physical assets of a data processing center

Question 76

key points of computer facility controls

Answer 76

data center location should be safe, employee access to data center should be listed, physical assets should be insured.

Question 77

access to computer files purpose:

Answer 77

safeguards sensitive data.

Question 78

key points to access to computer files

Answer 78

strong password policies, limiting logical access by authority, removing users from system after termination, limiting controlling remote login capability

Question 79

application controls:

Answer 79

controls designed to prevent errors in transaction processing

Question 80

three classifications of application controls:

Answer 80

input controls
processing controls
output controls

Question 81

types of inputs control:

Answer 81

observations

edit tests

Question 82

input controls - observation:

Answer 82

dual observation - having multiple employees involved in input process

recording safeguards- UPC, barcode scanners, POS devices

Standard AJEs

Question 83

input controls - edit tests:

Answer 83

edit checks

Question 84

Field check:

Answer 84

proper type of characters in a field

i.e. 9o210.
it won’t process that because it is suppose to be 90210

Question 85

Field Size check:

Answer 85

ensures that the input data will fit into the assigned field

i.e. twitter character count.

Question 86

sign check

Answer 86

appropriate arithmetic sign

Question 87

limit check

Answer 87

tests a numerical amount against a fixed value

floor or ceiling

Question 88

reasonableness check:

Answer 88

determines the correctness of a logical relationship between two data items

Question 89

types of processing controls

Answer 89

data access controls

data manipulation controls

Question 90

types of data access controls:

Answer 90

financial totals
has totals
record count
social security numbers

Question 91

types of data manipulation controls:

Answer 91

review software documentation

ensure proper programming using test data.

Question 92

Fraud:

Answer 92

any act of deception with intent to gain an unfair advantage over another person.

Question 93

Computer fraud:

Answer 93

illegal act that requires computer knowledge / use to perpetuate.

Question 94

Types of fraud:

Answer 94

misappropriation of assets, corruption, fraudulent financial reporting

Question 95

Examples of misappropriation of assets

Answer 95

Embezzlement, theft of money or property

Question 96

Examples of Corruption

Answer 96

Using your position to take advantage

Question 97

Example of Fraudulent financial reporting

Answer 97

intentional manipulation of financial statements i.e. Healthsouth

Question 98

Computer Crime:

Answer 98

the us of a computer for illegal financial gain or infliction of measurable loss on a person.

Question 99

Computer abuse:

Answer 99

mischievous, unauthorized use of a computer that is contrary to the owner’s wishes i.e. invasion of privacy.

Question 100

The Computer Fraud and Abuse Act of 1986 covers the following issues:

Answer 100

1. Use of, or conspiracy to use computer resources to commit a felony
2. Theft, use, access, modification, copying or destruction of software or data.
3. Theft of money by altering computer records, or theft of computer time.
4. Theft or vandalism of computer hardware.
5. Intent to illegally obtain information or property using the computer.
6. Trafficking in passwords or other login information.
7. Extortion using a computer system as a target.

Question 101

What are some techniques used to commit computer crimes?

Answer 101

Trojan Horse
Data diddling
Hacking
Phishing

Question 102

What is a trojan horse?

Answer 102

unauthorized commands hidden in authorized programs/

Question 103

What are different types of trojan horses?

Answer 103

Virus
Worm
Logic Bomb
Salami Technique

Question 104

What is a virus?

Answer 104

A program that attaches to other files or programs and spreads by copying itself. They can destroy programs and data and perform denial of service attacks.

Question 105

What is a worm?

Answer 105

A stand-alone program that replicates itself until all memory is utilized. Can also be used in denial of service attacks.

Target puts a worm on walmart. If walmart is slow, customers will choose target instead.

Question 106

What is a logic bomb?

Answer 106

A program that remains dormant until triggered by some event.
- Logic bombs can destroy programs and data.

Question 107

What is the salami technique?

Answer 107

A program that makes small adjustments to many accounts in an effort to steal large amounts of money in small increments.

Question 108

What is data diddling?

Answer 108

changing data before, during, or after an entry.

Question 109

What is hacking?

Answer 109

Gaining unauthorized access to a system.

Question 110

What is phishing?

Answer 110

e.g. pose as legitimate company.

Question 111

Types of security technologies:

Answer 111

1. Antivirus software
2. Firewalls
3. Access controls
4. Physical security
5. Intrusion detection systems
6. Data encryption

Question 112

Steps to identifying computer crime:

Answer 112

1. Look for accounting irregularities, or anomalous data.
2. Look for employees with lifestyle changes or unusually extravagant lifestyles given their income.
3. Look for employees with bizarre behavior. i.e. secretive and unwilling to take vacation.

Question 113

Forensic accountants:

Answer 113

specialize in preventing or detecting fraud or white-collar crime.

Question 114

Is it okay for your employer to read emails from your work account?

Answer 114

Yes

Question 115

Is it fair for your potential or current employers to use Facebook or Twitter to monitor employees?

Answer 115

Yes it is okay.

Question 116

When does the accounting cycle begin?

Answer 116

When the accounting personnel analyze a transaction from a source document.

Question 117

What is a source document?

Answer 117

A puede of paper or electronic form that records a business activity such as the purchase or sale of goods.

Question 118

Subsidiary ledger:

Answer 118

contains detailed records pertaining to a type of account (e.g. A/R, A/P, Payroll)

Question 119

General Ledger:

Answer 119

a collection of account balances.

Question 120

What is coding?

Answer 120

AIS depend on it to record, store, classify, and retrieve financial data.

Question 121

What is the purpose of coding?

Answer 121

uniquely identify transactions and accounts, compress data, aid in classification process, and convey special meaning.

Question 122

Types of codes:

Answer 122

mnemonic codes
Sequence codes
Block Codes
Group Codes

Question 123

Mnemonic Codes:

Answer 123

give visible clues concerning the objects they represent (e.g. S, M, L, XL)

Question 124

Sequence Codes

Answer 124

assign numbers or letters in consecutive order

Question 125

Block Codes

Answer 125

sequential codes in which blocks of numbers are reserved for particular use.

Question 126

Group codes:

Answer 126

Combines two or more codes.

Question 127

A payroll clerk created a ghost employee and entered the name into the payroll system. He then prepared a paycheck for this employee, endorsed it to himself, took the paycheck to the bank, and deposited the check.

Answer 127

Require supervisors to approve time worked.

Have someone other than payroll clerk distribute signed checks.

Use direct deposit

Have employees sign for checks.

Have employees clock-in electronically (use badged)

Use a record count of employees

Use a hash total.

Question 128

In a charitable organization, a cashier set aside checks for donations, endorsed them, and cashed them. She then sent gift acknowledgement cards to the donors.

Answer 128

• Use restrictive endorsement only (remove authority to cash checks).
• Have donations sent to a lockbox (remove custody).
• Accept donations online.
• Have 2 clerks open mail together.
• Have gift acknowledgement cards sent by someone other than cashier (separation of duties).
• Independently reconcile donations to gift acknowledgements (independent check).

Question 129

A computer programmer obtained the payroll master file, loaded it into the system, and changed his salary.

Answer 129

• Have someone independent of payroll review all changes to the employee master file.
• Limit access to payroll data entry.
• Outsource payroll.
• Use a financial total (hourly or other pay rates).

Question 130

A programmer quit in the middle of an assignment. Because no other programmers could make sense of the work already completed, the project was started over from scratch.

Answer 130

• Document systems in the planning and implementation phases.

Question 131

5. During keying in a customer’s payment, the digit 0 in a payment of $102.34 was mistakenly entered as the letter O. As a result, the transaction was not processed correctly, and the customer received an incorrect statement.

Answer 131

• Use a field check (preventive control).

Question 132

6. An employee gained unauthorized access to the system by observing her supervisor’s user name and then correctly guessing her password after 12 attempts.

Answer 132

• Limit numbers of attempts to enter system.
• Use smart passwords
• Change passwords frequently

Question 133

7. A salesperson for a PC manufacturer, keying in a customer order from a remote laptop computer, entered an incorrect stock number. As a result, an order of 50 printers was placed for a customer who wanted to order 50 PCs.

Answer 133

• Redundant data check

* Confirmation of order with customer

Question 134

8. A salesperson keying in a customer order from a remote computer inadvertently omitted the delivery address from the order.

Answer 134

• Completeness check

* Confirmation of order with customer

Question 135

Acme Glass Company makes glass windows. In the final step, the windows are cleaned on a raised table in order to protect workers from work-related injuries. During cleaning the windows are secured by a tether to avoid damage. In 2% of the cases, the tether malfunctions and the window falls off the table. In 5% of the falls, the window is broken. Each broken window costs Acme $800. Acme makes 24,000 windows each year.

The Enron Tether Maintenance Company has agreed to provide monthly tether maintenance to Acme at a cost of $1,000 per month. If Enron provides tether maintenance, the likelihood of a window falling off the table is cut in half. The likelihood of breakage as the result of a fall is not affected by Enron’s tether maintenance.

9. Without purchasing tether maintenance, what is the expected loss due to breakage each year?

Answer 135

Expected cost = Risk * Exposure

Risk is 2% of windows fall and 5% of those break. Risk = 2% * 5% = 0.001.
If 0.001 of all windows break, and there are 24,000 windows per year, there are 24 breaks (on average) per year.

Exposure is $800 per window.

24 breaks @ $800 each = $19,200 expected cost

Question 136

Acme Glass Company makes glass windows. In the final step, the windows are cleaned on a raised table in order to protect workers from work-related injuries. During cleaning the windows are secured by a tether to avoid damage. In 2% of the cases, the tether malfunctions and the window falls off the table. In 5% of the falls, the window is broken. Each broken window costs Acme $800. Acme makes 24,000 windows each year.

The Enron Tether Maintenance Company has agreed to provide monthly tether maintenance to Acme at a cost of $1,000 per month. If Enron provides tether maintenance, the likelihood of a window falling off the table is cut in half. The likelihood of breakage as the result of a fall is not affected by Enron’s tether maintenance.

9. Without purchasing tether maintenance, what is the expected loss due to breakage each year?

Answer 136

Expected cost without Enron Maintenance $19,200
Expected cost with Enron Maintenance $9,600*

	Savings with Enron Maintenance			  $9,600
	Cost of Enron Maintenance				$12,000
	Net Cost						($2,400)

*with Enron Maintenance, cost is ½ of current cost or:

1% * 5% = 0.0005 * 24,000 windows = 12 window breaks @ $800 each

Question 137

Design of an effective AIS begins by

Answer 137

considering the outputs from the system.

Question 138

Outputs of an AIS include:

Answer 138

1. Reports to MGT
2. Reports to investors and creditors.
3. Files that retain transaction data.
4. Files that retain current data about accounts.

Question 139

Business process:

Answer 139

a collection of events

Question 140

what are the two types of events in a business process?

Answer 140

• an economical event (accounting transaction)

- a business event does not affect the financial statements but still needs to be recorded (a sales order)

Question 141

What are the 2 core business processes?

Answer 141

sales

purchasing.

Question 142

The sales process begins with…

Answer 142

a customer order of goods or services and ends with the collection of cash from the customer.

Question 143

Simple description of Sales Process

Answer 143

GOODS OUT, CASH IN.

Question 144

What are the steps in the sales process?

Answer 144

sales order, shipment of goods, bill customer, and cash receipt. (maybe sales return)

Question 145

What are the o objectives of the sales process?

Answer 145

tracking sales, filing customer orders, billing customers, collecting payment, forecasting sales and cash receipts.

Question 146

Inputs to the sales process (or source documents)

Answer 146

sales order, sales invoice, check, remittance advice, shipping notice, debit/ credit memo.

Question 147

Outputs of the sales process:

Answer 147

customer billing statement, aging report, bad debt report, cash receipts forecast, approved customer list.

Question 148

Threat: incomplete or inaccurate customer orders:

control?

Answer 148

data entry edit checks.

Question 149

threat: credit sales to customers with poor credit.

Answer 149

credit approval by credit manager, not by sales function; accurate records of customer account balances.

Question 150

threat: legitimacy of orders:

Answer 150

signatures on paper documents; digital signatures and digital certificates for e-business.

Question 151

threat: stockout, carrying costs, and markdowns.

Answer 151

inventory control systems, improved sales forecast, supply chain management.

Question 152

threat: Shipping errors:

Answer 152

reconciliation of sales order with picking ticket and packing slip; bar code scanners ; data entry control application controls.

Question 153

threat: theft of inventory:

Answer 153

restrict physical access to inventory.
documentation of all internal transfers of inventory and reconciliation of counts of recorded amounts.
Separate inventory custody from recording inventory usage from authorization to ship.

Question 154

threat: failure to bill customers:

Answer 154

separation of shipping and billing functions.
renumbering of all shipping documents and periodic reconciliation to invoices; reconciliation of picking tickets and bills of lading with sales orders.

Question 155

threat: billing errors:

Answer 155

data entry edit control.
price lists
reconcile the sales order and shipping documents to the invoice.

Question 156

posting errors in updating account receivables

Answer 156

reconciliation of subsidiary accounts receivable ledger with general ledger; monthly statements to customers.

Question 157

threat: theft of cash:

Answer 157

segregation of duties; minimization of cash handling; lockbox arrangements; prompt endorsement and deposit of all receipts
periodic reconciliation of bank statements with records by someone not involved in cash receipts processing.

Question 158

threat: loss of data

Answer 158

backup and disaster recovery procedures. access controls.

Question 159

threat: poor performance.

Answer 159

preparation and review of performance reports.

Question 160

the purchasing process begins with

Answer 160

a request for goods or services and ends with a payment to the vendor.

Question 161

the purchasing process simplified:

Answer 161

goods in; cash out.

Question 162

steps in the purchasing process:

Answer 162

purchase requisition, purchase order, receive goods, approve payments and cash disbursements.

Question 163

objectives of the purchasing process:

Answer 163

tracking purchases of goods and services from vendors.

tracking amounts owed (A/P)

Maintaining vendor records.

controlling inventory

making timely and accurate vendor payments

forecasting purchases and cash outflows.

Question 164

inputs to the purchasing process:

Answer 164

purchase requisitions 
purchase order
invoice from vendor.
receiving report
bill of lading
packing slip
debit/credit memo.

Question 165

outputs of the purchasing process.

Answer 165

discrepancy reports
vendor checks
check register
cash requirements forecast.

Question 166

threat: prevent stockout or excess inventory:

Answer 166

inventory control systems bar code scanners; periodic counts of inventory

Question 167

threat: request unnecessary items:

Answer 167

accurate perpetual inventory records; require purchase requisition approval

Question 168

threat: inflated prices.

Answer 168

bids; approved suppliers; approved purchase orders; budget review.

Question 169

threat: inferior quality:

Answer 169

approved suppliers; approved purchase orders; monitory supplier performance.

Question 170

threat: unauthorized suppliers:

Answer 170

require purchase order approval; restrict access to supplier master files approved suppliers.

Question 171

kickback threat:

Answer 171

require disclosure of financial interests in suppliers; vendor audits.

Question 172

threat: receive unordered goods.

Answer 172

receiving department require the existence of valid purchase order prior to acceptance.

Question 173

threat: errors in counting goods.

Answer 173

bar code scanners; accuracy incentives.

Question 174

threat: theft of inventory:

Answer 174

restrict physical access; decrement all internal transfers of inventory’ periodic physical counts; reconciliation of counts to recorded amounts

Separate inventory custody from recording inventory usage from authorization to receive goods.

Question 175

threat: uncaught errors in invoice:

Answer 175

train AP staff

Reconcile invoice to PO and receiving report.

Question 176

threat- pay for goods not received.

Answer 176

reconcile invoice to receiving report

Question 177

threat- missed purchase discounts

Answer 177

proper filing; cash flow budgets.

Question 178

threat- pay same invoice twice-

Answer 178

support invoice with original voucher package.; timely cancel voucher package.

Question 179

threat- recording pristine errors in aP

Answer 179

Data entry and processing edit controls

Question 180

threat- theft of cash:

Answer 180

Segregation of duties between AP (approval and recording) and cashier; reconciliation of bank account by someone independent of cash disbursement; restrict access to blank checks; two signatures for higher check amounts