CIA Pt 3 Flashcards
Five Basic Forces
Threat of new entrants Threat of substitutes Threat of buyers' bargaining power Bargaining power of suppliers Rivalry among existing firms
Michael E. Porter’s five competitive forces
(1) the degree of rivalry among existing firms (2) threats of, and barriers to, entry
(3) the threat of substitute products or services
(4) the threat of buyers’ bargaining power; (5) the threat of suppliers’ bargaining power
current ratio
The current ratio equals current assets divided by current liabilities
The communication process has six elements
the sender, the symbols in which the message is encoded, the medium through which the message is sent, the decoding of the message, the receiver, and feedback.
PERT formula
(a + 4m + b) ÷ 6
When production exceeds sales, ending inventory increases…
Under absorption costing
some fixed costs are still in ending inventory.
Operating income is higher under absorption costing.
When production exceeds sales, ending inventory increases…
Under variable costing
all fixed costs have been expensed.
Operating income is higher under absorption costing.
When production is less than sales, ending inventory decreases…
Under absorption costing
fixed costs in beginning inventory are expensed. Operating income is higher under variable costing.
When production is less than sales, ending inventory decreases…
Under variable costing
only the current period’s fixed costs are expensed.
Operating income is higher under variable costing.
When production and sales are equal for a period,
variable costing and absorption costing report the same operating income.
As described in the COSO ERM framework, risk appetite should be considered in
Evaluating strategies,
Setting related objectives, and
Developing risk management methods.
Inherent risk is the risk when
management has not taken action to reduce the impact or likelihood of an adverse event. Thus, it is risk in the absence of a risk response.
An increase in inventory carrying costs decreases the EOQ because, in the EOQ model,
carrying cost is a denominator value.
What is a comprehensive system that processes and monitors electronic transactions, communications, and business interactions? Also described as “conducting commercial activities over the Internet.
e-commerce
The basic EOQ equals
the square root of a fraction consisting of a numerator equal to the product of twice the unit periodic demand and the variable cost per order and a denominator equal to the unit periodic carrying cost.
The basic EOQ formula is used to
minimize the total of inventory carrying and ordering costs.
Audit objectives for an e-commerce engagement may include:
Evidence of e-commerce transactions
Availability and reliability of security system
Effective interface between e-commerce and financial systems
Security of monetary transactions
Effectiveness of customer authentication process
Adequacy of business continuity processes, including the resumption of operations
Compliance with common security standards
Effective use and control of digital signatures
Adequacy of systems, policies, and procedures to control Public Key Certificates (using public key cryptographic techniques)
Adequacy and timeliness of operating data and information
Documented evidence of an effective system of internal control
Queuing (waiting-line) models minimize
(1) the cost of providing service (including facility costs and operating costs) and (2) the cost of idle resources waiting in line. The latter may be a direct cost, if paid employees are waiting, or an opportunity cost in the case of waiting customers. This minimization occurs at the point where the cost of waiting is balanced by the cost of providing service.
Failure costs are incurred
after defective output has been removed from production.
An example of an external failure cost is
A contract penalty for faulty goods
The benefits to the company of the achievement-oriented leader approach include
(1) greater employee confidence and commitment, (2) more employee decision making, (3) increased employee creativity, (4) more challenging objectives, and (5) reduced supervision for employees who work best independently.
A risk-averse leader will avoid
risky situations, make decisions more slowly, and seek more information than a person who is described as a risk taker.
Conflict triggers include
ambiguous jurisdictions (unclear job boundaries); competition for scarce resources; status differentials; time pressures; personality clashes; unreasonable standards, rules, etc.; communication breakdowns; and unrealized expectations. However, an appeal to superordinate goals is a conflict resolution technique, not a conflict trigger.
What is the primary obstacle to adoption of self-managed teams?
Managerial acceptance. Tradition-oriented managers often perceive the loss of authority to a self-managed team as a threat to their status.
What type of integration arrangement involves partial integration and implies the ability to fully support an efficient subunit?
Tapered (partial) integration. Tapered integration implies that the firm can fully support an efficient subunit but has additional needs to be met in the market. If the in-house subunit will not be efficient, that inefficiency must be weighed against the benefits of tapering. Tapering results in lower fixed costs than full integration. Furthermore, the strategy may allow the firm’s subunit(s) to maintain constant production rates while external parties bear the risk of fluctuations. Another use of tapering is to protect against operational imbalances among the subunits. A risk of tapering is selling to, or buying from, competitors. Another is greater coordination cost. Advantages of tapering are avoidance of locked-in relationships, some access to external expertise, increased managerial incentives, offering a credible threat of full integration to suppliers or customers, and obtaining knowledge of the adjacent business and an emergency supply source.
Network models are used to solve managerial problems pertaining to
project scheduling, information systems design, and transportation systems design. Networks consisting of nodes and arcs may be created to represent in graphic form problems related to transportation, assignment, and transshipment. The shortest-route, minimal spanning tree, and maximal flow problems are other applications of network models. A shortest-route algorithm minimizes total travel time from one site to each of the other sites in a transportation system.
Self-actualization is the highest level need in Maslow’s hierarchy. It is the desire to become
what one is capable of becoming, to realize one’s potential and accomplish to the limit of one’s ability. In other words, the job itself is an intrinsic motivation; no extrinsic motivation (such as rewards or reinforcements) is needed. Intrinsic motivation provides the worker with psychological income. Thus, challenging new job assignments meet an employee’s self-actualization needs.
Ingratiating tactics attempt to
raise the other person’s self-esteem prior to a request.
Benefits of using ISO 14000
- decrease the cost of wasted management
- provide savings in consumption of energy and materials
- lower distribution costs
- improve corporate image among regulators, customers, and the public
A risk committee may be created that…
- identifies key risks
- connects them to risk management processes
- delegates them to risk owners
- considers whether tolerance levels delegated to risk owners are consistent with the organization’s risk appetite
What are the major components of governance?
- Strategic direction
- Oversight
Strategic direction determines…
- the business model
- overall objectives
- risk appetite
- limits of organizational conduct
Elements of oversight are…
- the board’s responsibilities to stakeholders
- the risk management activities of senior management and the board
- internal and external assurance activities
Unit contribution margin =
Total contribution margin/Units sold
Breakeven point in unit sales=
fixed costs/ unit contribution margin
9 steps of the accounting cycle:
- journalizing transactions
- posting journal entries to the ledgers
- preparing an unadjusted trial balance
- recording adjusting entries
- preparing an adjusted trial balance
- preparing financial statements
- closing temporary (nominal) accounts
- preparing a post-closing trail balance (optional)
- reversing the accrual entries (optional)
The project life cycle has four phases:
- initiation
- planning
- execution
- closure
The planning (2nd) phase of the project life cycle involves
creating a detailed project plan and assigning resources
Electronic mail can be no more secure than…
the computer system on which it operates. Also, in larger organizations, there may be several electronic mail administrators and locations with varying levels of security
An object oriented approach is intended to produce reusable code. Because code segments can be reused in other programs, the time and cost of writing software should be…
reduced. This permits quicker and more reliable development of systems.
The primary objective of logical security controls for information systems is to…
restrict access to data and resources to only authorized individuals.
According to PA 2130-1, “Internal auditors determine whether senior management and the board have a …
clear understanding that information reliability and integrity is a management responsibility. This responsibility includes all critical information of the organization, regardless of how the information is stored.”
The life cycle approach is best employed when systems are…
large and highly structures, users understand the tasks to be performed by the information system, and the developers have directly applicable experience in designing similar systems. In the life cycle process, each stage of development is highly structured, and requirements are clearly defined. However, when the task is unstructured, prototyping may be the better approach.
Antivirus software designed to identify and remove known viruses is sometimes known as a ….
vaccine. A vaccine only works for known viruses and may not be effective for variants of those viruses or new viruses.
A ____ is an independent program that reproduces by copying itself from one system to another over a network and consumes computer and network resources.
worm
The objective of security software is to…
control access to information system resources, such as program libraries, data files, and proprietary software. Security software identifies and authenticates users, controls access to information, and records and investigates security related events and data.
Computer Aided Software Engineering (CASE) applies computers to software design and development. It permits creation and maintenance of…
systems documentation on the computer and the automation of a part of the programming effort. Using CASE would improve management of the development process because the CASE software maintains the links between the different components, provides built-in project management tolls, and supplies automated testing aids.
ISO 9001 is a generic standard that states the requirements for a…
quality management system. It applies when an entity needs to demonstrate its ability to:
- sell a product that meets customer and regulatory requirements and
- increase customer satisfactions through improving the quality management system and ensuring conformity with requirements.
Enterprise risk management helps management to…
- reach objectives
- prevent loss of reputation and resources
- report effectively
- comply with laws and regulations
ERM Components
I Only Ever ReAct, ReRun Control Is Money
Internal environment Objective setting Event identification Risk Assessment Risk Responses Control Activities Information and communication Monitoring
Internal Environment reflects the entity’s…
- risk management philosophy
- risk appetite
- integrity
- ethical values
- overall environment (sets tone at the top)
Categories of objectives:
SORC
- Strategic objectives are consistent with & support the mission
- Operations objectives address effectiveness and efficiency
- Reporting objectives concern reliability
- Compliance objectives relate to adherence to laws and regulations
The marginal tax rate is the tax applicable to the…
last unit of income.
The average tax rate=
the total tax rate divided by taxable income.
In a progressive tax system, higher incomes attract higher tax rates, so the marginal tax rate paid on the last unit of income exceeds…
the average tax rate
Regulatory agencies usually do not have the power to…
impose agency taxes on private industry. A regulatory agency may regulate some aspect of all industries or may regulate a specific industry in accordance with power delegated by the enabling legislation. Agency functions include executive, adjudicatory, and rule-making activities.
Regressive taxes are those for which the average tax rate falls as…
income rises. They take a smaller percentage of income as income rises, so they will not necessarily take a larger absolute amount of income as income rises
A nation has a progressive tax structure with income tax brackets that are not indexed to inflation. An individual taxpayer experiences an income increase just equal to the general inflation rate and moves into a higher tax bracket. The individual will the experience _____ nominal taxes payable and ____real taxes payable.
Increasing nominal taxes and increasing real taxes
If an imported good’s sale price is higher than a comparable, less expensive domestic good, consumers will…
purchase the domestic good and there will be lower domestic consumption of the imported item.
A domestic entity and a foreign entity purchased the same security on the foreign exchange and held the security for 1 year. The value of the foreign currency weakened against the domestic currency over this period. Comparing the returns of the two companies, which will be higher?
Foreign entity
In regards to monetary policy, selling government securities is contractional because…
it takes money out of circulation.
Reducing government spending, increasing taxes, reducing the money supply, and increasing interest rates are all…
contractionary policies, and thus appropriate for attempting to dampen the economy and prevent inflation.
The money supply in a nation’s economy will decrease following…
an increase in the reserve ratio.
The reserve ratio is the minimum % of its deposits that a bank must keep on deposit with the…
Federal Reserve. When the reserve ratio increases, banks must maintain larger reserves and less money is available for lending and investment. The money supply decreases.
Exchange rate appreciation/depreciation=
(the change in the rate)/(the starting rate)
Four essential elements of a contract:
- agreement (offer and acceptance)
- consideration
- legal capacity of the parties to contract
- legal objective or purpose
- a writing is no always required
Under the output approach, GDP is measured as =
consumption expenditures + investment + gov’t purchases + expenditures by foreigners
An increase in excise taxes will generate more tax revenue if it is levied on products for which demand is…
less elastic.
Low elasticity products: gas, tobacco, alcohol
Teams may be built by
Rating group effectiveness.
Participating in a series of outdoor challenges.
Incorporating a number of interdependent roles.
fault tolerant is
the ability to continue processing at all sites except a nonfunctioning one. An advantage of distributed processing is fault tolerant.
Process costing is used to assign costs to products or services. It is applicable to relatively homogeneous items that are mass produced on a continuous basis. Process costing calculates the…
average cost per unit produced, or total cost divided by the number of units.
According to PA 2130.A1-1, the CAE both determines…
whether the internal audit activity has competent audit resources for evaluating internal and external risks to information reliability and integrity and whether senior management, the board, and the internal audit activity will be promptly notified about breaches and conditions that might represent a threat.
According to Fred E. Fiedler’s contingency theory, people become leaders not only because of personality attributes, but also because of…
various situational factors and the interaction between the leaders and the situation. Thus, the right person at the right time may rise to a position of leadership if his or her personality and the needs of the situation complement each other. The same person might not become a leader in different circumstances because of failure to interact successfully with that situation.
The contingency theory model has three dimensions:
(1) Position power is a function of the formal authority structure. It is the degree to which the position held enables a leader to evaluate, reward, sanction, or promote the group members independent of other sources of power, such as personality or expertise. (2) Task structure is how clearly and carefully members’ responsibilities for various tasks are defined. Quality of performance is more easily controlled when tasks are clearly defined. (3) Leader-member relations reflect the extent to which group members like, trust, and are willing to follow a leader.
Use of unlicensed software in an organization increases the risk of introducing viruses into the organization and can be…
detected by software checking routines that run from a network server
o reduce security exposure when transmitting proprietary data over communication lines, a company should use
Cryptographic devices. (encryption)
Strategic management is a five-step process:
My Sweet Aunt Sally Is Fine
- Mission and goals
- SWOT analysis
- strategy
- implementation, controls
- feedback
Strategic management is a five-step process:
The board of directors drafts the organization’s mission statement, a general statement of what the organization intends to accomplish and its reason for existing. The statement may be accompanied by one or more goals, which are concrete targets for measuring the organization’s success. The organization performs a situational analysis, also called a SWOT analysis, involving identification of its strengths, weaknesses, opportunities, and threats. Based on the results of the situational analysis, upper management develops a group of strategies describing how the mission statement will be fulfilled. Strategic plans are implemented through the execution of component plans at each level of the entity. Strategic controls and feedback are used to monitor progress, isolate problems, and take corrective action. Over the long term, feedback can be used to adjust the original mission and goals.
Operating leverage is the extent to which a firm’s costs of operating are fixed as opposed to variable. Operating leverage equals fixed costs divided by total costs. Therefore, if a high percentage of an entity’s total cost is fixed, the entity is said to have high operating leverage.
high operating leverage.
What activities are included in ERM?
- Determining risk appetite
- Identifying potential risks
- Communicating information on risks consistently and at all levels
- Providing assurance on the effectiveness of risk management
To avoid creating conflict between the chief executive officer (CEO) and the audit committee, the chief audit executive (CAE) should
Request board establishment of policies covering the internal audit activity’s relationships with the audit committee.
Independence is not sufficient to avert conflict unless reporting relationships are well defined.
What will allow a manufacturer with limited resources to maximize profits?
Linear programming.
Linear programming is a mathematical technique for planning resource allocation that optimizes a given objective function subject to certain constraints. Thus, it maximizes a revenue or profit function or minimizes a cost function, subject to constraints. For example, constraints may be limited (scarce) resources or minimum/maximum levels of production, performance, etc. In business, linear programming is used for planning resource allocations. Managers are often faced with problems of selecting the most profitable or least costly way to use available resources.
The funds-needed line does not pass through the origin unless the entity has a
100% dividend payout policy. If all earnings are paid as dividends, no earnings are retained. All sales growth must be financed from spontaneous or external sources.
An appropriate technique for allocating its funds between equities and bonds is…
Linear programming.
Linear programming is a mathematical technique for planning resource allocation that optimizes a given objective function that is subject to certain constraints. In this case, the maximum investment is constrained by a % limit on either investment choice.
What is a malicious program with the purpose to reproduce itself throughout the network and produce a denial of service attack by excessively utilizing system resources?
Worm
A _____ is an independent program that appears to perform a useful function but hides another unauthorized program inside it.
Trojan horse
A _____ is a code fragment (not an independent program) that reproduces by attaching to another program.
virus
A _______ is a mechanism for releasing a system attack of some kind, which is triggered when a particular condition (for example, a certain date or system operation) occurs.
logic bomb
A device used to connect dissimilar networks is a
gateway. Often implemented via software, a gateway translates between two or more different protocol families and makes connections between dissimilar networks possible.
A _____ connects two or more network segments, such that the segments maintain their separate logical identities.
router
A _____ joins network segments so that they appear to be one physical segment.
bridge
An organization is changing to a quality assurance program that incorporates quality throughout the process. This is very different from its years of dependence on quality control at the end of the process. This type of change is a
cultural change.
A cultural change involves a change in attitudes and mindset.
Both users and management approve the initial proposal, design specifications, conversion plan, and testing plan of an information system. This is an example of
Implementation controls.
Implementation controls occur in the systems development process at various points to ensure that implementation is properly controlled and managed.
Globalization assists in achieving economies of scale, is a ____ benefit.
cost.
Cost benefits are obtained from economies of scale as a firm expands its operations. Average costs of output decline because of standardization of products or processes, and increased bargaining power versus suppliers of raw materials, components, and services. Moreover, economies of scale may arise from centralized production or from marketing, logistical, or purchasing factors.
Decentralization results in greater speed in making operating decisions because they are made by lower-level managers instead of being referred to top management. The quality of operating decisions should also be enhanced, assuming proper training of managers, because…
those closest to the problems should be the most knowledgeable about them.