Ch 11 Computer Fraud

Question 1

Perhaps the most striking fact about natural disasters in relation to AIS controls is that
A) many companies in one location can be seriously affected at one time by a disaster.
B) losses are absolutely unpreventable.
C) there are a large number of major disasters every year.
D) disaster planning has largely been ignored in the literature.

Answer 1

A) many companies in one location can be seriously affected at one time by a disaster.

Question 2

Which of the following is the greatest risk to information systems and causes the greatest dollar losses?
A) human errors and omissions
B) physical threats such as natural disasters
C) dishonest employees
D) fraud and embezzlement

Answer 2

A) human errors and omissions

Question 3

Identify the threat below that is not one of the four types of threats faced by accounting information systems.
A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency

Answer 3

D) system inefficiency

Question 4

4) A power outage is an example of a(n) ________ threat.
A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency

Answer 4

B) software errors and equipment malfunctions

Question 5

Excessive heat is an example of a(n) ________ threat.
A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency

Answer 5

A) natural and political disasters

Question 6

What was the first known cyber-attack intended to harm a real-world physical target?
A) Sasser
B) Stuxnet
C) Michelangelo
D) Doomsday

Answer 6

B) Stuxnet

Question 7

What agency did the United States create to use cyber weapons and to defend against cyber attacks?
A) U.S. Cyber Command
B) Department of Network Security
C) Department of Cyber Defense
D) Department of Technology Strategy

Answer 7

A) U.S. Cyber Command

Question 8

Which type of threat causes the greatest dollar losses?
A) software errors and equipment malfunctions
B) unintentional acts
C) intentional acts
D) system inefficiency

Answer 8

B) unintentional acts

Question 9

Logic errors are an example of which type of threat?
A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency

Answer 9

C) unintentional acts

Question 10

Seble wants to open a floral shop in a downtown business district. She doesn’t have funds enough to purchase inventory and pay six months’’ rent up front. Seble approaches a good friend, Zhou, to discuss the possibility of Zhou investing funds and becoming a 25% partner in the business. After a lengthy discussion Zhou agrees to invest. Eight months later, Zhou and Seble have a major argument. In order for Zhou to sue Seble for fraud, all the following must be true except
A) Zhou’s decision to invest was primarily based on Seble’s assertion that she had prior floral retail experience.
B) Seble told Zhou she had worked at a floral shop for several years, when in fact she did not have any prior experience in floral retail.
C) before Zhou invested, Seble prepared a detailed business plan and sales forecasts, and provided Zhou with copies.
D) Zhou’s 25% share of the business is worth substantially less than her initial investment.

Answer 10

C) before Zhou invested, Seble prepared a detailed business plan and sales forecasts, and provided Zhou with copies.

Question 11

Perpetrators do not typically
A) attempt to return or pay back stolen amounts soon after the initial theft, but find they are unable to make full restitution.
B) use trickery or lies to gain the confidence and trust of others at the organization they defraud.
C) become bolder and more greedy the longer the theft remains undetected.
D) begin to rely on stolen amounts as part of their income.

Answer 11

A) attempt to return or pay back stolen amounts soon after the initial theft, but find they are unable to make full restitution.

Question 12

) "Cooking the books" is typically accomplished by all the following except
A) overstating inventory.
B) accelerating recognition of revenue.
C) inflating accounts payable.
D) delaying recording of expenses.

Answer 12

C) inflating accounts payable.

Question 13

) SAS No. 99 requires that auditors
A) plan audits based on an analysis of fraud risk.
B) detect all material fraud.
C) alert the Securities and Exchange Commission of any fraud detected.
D) take all of the above actions.

Answer 13

A) plan audits based on an analysis of fraud risk.

Question 14

Intentional or reckless conduct that results in materially misleading financial statements is called 
A) financial fraud. 
B) misstatement fraud. 
C) fraudulent financial reporting. 
D) audit failure fraud.

Answer 14

C) fraudulent financial reporting.

Question 15

Which of the following is not an example of one of the basic types of fraud?
A) While straightening the store at the end of the day, a shoe store employee finds and keeps an expensive pair of sunglasses left by a customer.
B) An executive devised and implemented a plan to accelerate revenue recognition on a long-term contract, which will allow the company to forestall filing for bankruptcy. The executive does not own any stock, stock options or grants, and will not receive a bonus or perk because of the overstated revenue.
C) A purchasing agent places a large order at higher-than-normal unit prices with a vendor that gave the agent tickets to several football games.
D) A salesperson approves a large sales discount on an order from a company owned partially by the salesperson’s sister.

Answer 15

A) While straightening the store at the end of the day, a shoe store employee finds and keeps an expensive pair of sunglasses left by a customer.

Question 16

All of the following are required for an act to be legally classified as fraudulent except 
A) a falsehood is made.
B) about a material fact.
C) to inflict pain.
D) resulting in a financial loss.

Answer 16

C) to inflict pain.

Question 17

) Misappropriation of assets is a fraudulent act that involves
A) dishonest conduct by those in power.
B) misrepresenting facts to promote an investment.
C) using computer technology to perpetrate.
D) theft of company property.

Answer 17

D) theft of company property.

Question 18

Lapping is best described as the process of
A) applying cash receipts to a different customer’s account in an attempt to conceal previous thefts of cash receipts.
B) inflating bank balances by transferring money among different bank accounts.
C) stealing small amounts of cash, many times over a period of time.
D) increasing expenses to conceal that an asset was stolen.

Answer 18

A) applying cash receipts to a different customer’s account in an attempt to conceal previous thefts of cash receipts.

Question 19

Which of the following is not an example of the fraud triangle characteristic concerned with rationalization?
A) revenge against the company
B) intent to repay “borrowed” funds in the future
C) sense of entitlement as compensation for receiving a lower than average raise
D) belief that the company won’t suffer because an insurance company will reimburse losses

Answer 19

A) revenge against the company

Question 20

) Insiders are frequently the ones who commit fraud because
A) they are more dishonest than outsiders.
B) they need money more than outsiders.
C) they are less likely to get caught than outsiders.
D) they know more about the system and its weaknesses than outsiders.

Answer 20

D) they know more about the system and its weaknesses than outsiders.

Question 21

Which of the following is not a management characteristic that increases pressure to commit fraudulent financial reporting?
A) close relationship with the current audit engagement partner and manager
B) pay for performance incentives based on short-term performance measures
C) high management and employee turnover
D) highly optimistic earnings projections

Answer 21

A) close relationship with the current audit engagement partner and manager

Question 22

Researchers have compared the psychological and demographic characteristics of white-collar criminals, violent criminals, and the general public. They found that
A) few differences exist between white-collar criminals and the general public.
B) white-collar criminals eventually become violent criminals.
C) most white-collar criminals invest their illegal income rather than spend it.
D) most white-collar criminals are older and not technologically proficient.

Answer 22

A) few differences exist between white-collar criminals and the general public.

Question 23

Identify the opportunity below that could enable an employee to commit fraud.
A) An employee’s spouse loses her job.
B) An employee has a close association with suppliers or customers.
C) An employee suddenly acquires lots of credit cards.
D) An employee is upset that he was passed over for a promotion.

Answer 23

B) An employee has a close association with suppliers or customers.

Question 24

Which of the following is a financial pressure that could cause an employee to commit fraud?
A) a feeling of not being appreciated
B) failing to receive a deserved promotion
C) believing that their pay is too low relative to others around them
D) having a spouse injured in a car accident and in the hospital for several weeks

Answer 24

D) having a spouse injured in a car accident and in the hospital for several weeks

Question 25

Which of the following fraudulent acts generally takes most time and effort?
A) lapping accounts receivable
B) selling stolen inventory to get cash
C) stealing inventory from the warehouse
D) creating false journal entries to overstate revenue

Answer 25

A) lapping accounts receivable

Question 26

In many cases of fraud, the \_\_\_\_\_\_\_\_ takes more time and effort than the \_\_\_\_\_\_\_\_. 
A) concealment; theft 
B) theft; concealment 
C) conversion; theft 
D) conversion; concealment

Answer 26

A) concealment; theft

Question 27

Which of the following is the best way to hide theft of assets?
A) creating “cash” through the transfer of money between banks
B) conversion of stolen assets into cash
C) stealing cash from customer A and then using customer B’s balance to pay customer A’s accounts receivable
D) charging the stolen asset to an expense account

Answer 27

D) charging the stolen asset to an expense account

Question 28

Which fraud scheme involves stealing customer receipts and applying subsequent customer cash payments to cover the theft?
A) kiting 
B) laundering 
C) lapping 
D) bogus expense

Answer 28

C) lapping

Question 29

One fraudulent scheme covers up a theft by creating cash through the transfer of money between banks. This is known as 
A) lapping. 
B) misappropriation of assets. 
C) kiting. 
D) concealment.

Answer 29

C) kiting.

Question 30

Which characteristic of the fraud triangle often stems from a lack of internal controls within an organization? 
A) pressure 
B) opportunity 
C) rationalization 
D) concealment

Answer 30

B) opportunity

Question 31

) Which situation below makes it easy for someone to commit a fraud?
A) placing excessive trust in key employees
B) inadequate staffing within the organization
C) unclear company policies
D) All of the above situations make it easy for someone to commit a fraud.

Answer 31

D) All of the above situations make it easy for someone to commit a fraud.

Question 32

What is the most prevalent opportunity within most companies to commit fraud?
A) lack of any internal controls
B) failure to enforce the internal controls
C) loopholes in the design of internal controls
D) management’s failure to believe employees would commit fraud

Answer 32

B) failure to enforce the internal controls

Question 33

This component of the fraud triangle explains how perpetrators justify their (illegal) behavior.
A) pressure
B) rationalization 
C) concealment
D) opportunity

Answer 33

B) rationalization

Question 34

The most efficient way to conceal asset misappropriation is to
A) write-off a customer receivable as bad debt.
B) alter monthly bank statements before reconciliation.
C) alter monthly physical inventory counts to reconcile to perpetual inventory records.
D) record phony payments to vendors.

Answer 34

A) write-off a customer receivable as bad debt.

Question 35

Which of the following is least likely to result in computer fraud?
A) releasing data to unauthorized users
B) allowing computer users to test software upgrades
C) allowing computer operators full access to the computer room
D) storing backup tapes in a location where they can be quickly accessed

Answer 35

C) allowing computer operators full access to the computer room

Question 36

How does the U.S. Justice Department define computer fraud?
A) as any crime in which a computer is used
B) as any act in which cash is stolen using a computer
C) as an illegal act in which a computer is an integral part of the crime
D) as an illegal act in which knowledge of computer technology is essential

Answer 36

D) as an illegal act in which knowledge of computer technology is essential

Question 37

Why is computer fraud often much more difficult to detect than other types of fraud?
A) because massive fraud can be committed in only seconds, leaving little-to-no evidence
B) because most perpetrators invest their illegal income rather than spend it, concealing key evidence
C) because most computer criminals are older and more cunning than perpetrators of other types of fraud
D) because perpetrators usually only steal very small amounts of money at a time, requiring a long period of time to pass before discovery

Answer 37

A) because massive fraud can be committed in only seconds, leaving little-to-no evidence

Question 38

Why is computer fraud often more difficult to detect than other types of fraud?
A) Rarely is cash stolen in computer fraud.
B) The fraud may leave little or no evidence it ever happened.
C) Computers provide more opportunities for fraud.
D) Computer fraud perpetrators are just more clever than other types of criminals.

Answer 38

B) The fraud may leave little or no evidence it ever happened.

Question 39

Why do many fraud cases go unreported and unprosecuted?
A) Major fraud is a public relations nightmare.
B) Fraud is difficult, costly, and time-consuming to investigate and prosecute.
C) Law enforcement and the courts are often so busy with violent crimes that little time is left for fraud cases.
D) all of the above

Answer 39

D) all of the above

Question 40

The fraud that requires the least computer knowledge or skill involves 
A) altering or falsifying source data. 
B) unauthorized use of computers. 
C) tampering with or copying software.
D) forging documents like paychecks.

Answer 40

A) altering or falsifying source data.

Question 41

The simplest and most common way to commit a computer fraud is to 
A) alter computer input. 
B) alter computer output. 
C) modify the processing. 
D) corrupt the database.

Answer 41

A) alter computer input.

Question 42

) Downloading a master list of customers and selling it to a competitor is an example of 
A) data fraud. 
B) output theft. 
C) download fraud. 
D) fraudulent financial reporting.

Answer 42

A) data fraud.

Question 43

Most frauds are detected by
A) external auditors.
B) hotline tip.
C) internal auditors.
D) the police.

Answer 43

B) hotline tip.

Question 44

Which of the following will not reduce the likelihood of an occurrence of fraud?
A) encryption of data and programs
B) use of forensic accountants
C) adequate insurance coverage
D) required vacations and rotation of duties

Answer 44

C) adequate insurance coverage

Question 45

) On Tuesday morning, Chen Lee, Chief Information Officer at American Trading Corporation (ATC), got some bad news. The hard drive use to store system data backups was lost while it was being transported to an offsite storage location. Chen called a meeting of her technical staff to discuss the implications of the loss. Which of the following is most likely to relieve her concerns over the potential cost of the loss?
A) ATC has a comprehensive disaster recovery plan.
B) The hard drive was encrypted and password protected.
C) The shipper has insurance that will reimburse ATC for the cost of the hard drive.
D) ATC has a copy of the hard drive onsite, so a new copy for storage offsite can easily be prepared.

Answer 45

B) The hard drive was encrypted and password protected.

Question 46

________ is a simple, yet effective, method for catching or preventing many types of employee fraud.
A) Requiring all employees to take annual vacations
B) Monitoring employee bank accounts and net worth
C) Monitoring employee behavior using video cameras
D) Explaining that fraud is illegal and will be severely punished to employees

Answer 46

A) Requiring all employees to take annual vacations

Question 47

Which of the following is not a way to make fraud less likely to occur?
A) Adopt an organizational structure that minimizes the likelihood of fraud.
B) Create an organizational culture that stresses integrity and commitment to ethical values.
C) Create an audit trail so individual transactions can be traced.
D) Effectively supervise employees.

Answer 47

C) Create an audit trail so individual transactions can be traced.

Question 48

Which of the following is not a way to reduce fraud losses?
A) Conduct periodic external and internal audits.
B) Maintain adequate insurance.
C) Use software to monitor system activity.
D) Store backup copies of program and data files.

Answer 48

A) Conduct periodic external and internal audits.

Question 49

Which of the following is not a way to improve fraud detection?
A) Install fraud detection software.
B) Implement a fraud hotline.
C) Employ a computer security officer.
D) Implement computer-based controls over input, processing, storage, and output activities.

Answer 49

D) Implement computer-based controls over input, processing, storage, and output activities.