Exam 1

Question 1

What is an Accounting Information System

Answer 1

Set of interrelated processes/activities, documents, and technologies that collect, process, and report information to the right people in the right form at the right time

Question 2

What is a business process?

Answer 2

Prescribed sequence of work steps performed in order to produce a desired result for the organization

Question 3

What are the main processes (per TWC)

Answer 3

Revenue, Expenditure, Conversion, Administrative

Question 4

What creates journal entries

Answer 4

Journals

Question 5

What holds documents

Answer 5

Storage- database, data warehouse, data lakes, OLAP Cubes

Question 6

Compare journals vs ledger

Answer 6

Journals- create journal entries
Ledgers- are balances

Question 7

compare general journal vs special journals

Answer 7

General journal- place of original entry for any transactions that are not recorded in special journals

Special journal-Used for everyday transactions

Question 8

compare general vs subsidiary ledgers

Answer 8

Subsidiary Ledgers- maintain detailed information regarding routine transactions with an account

General Ledger- provides detail of the entire set of accounts used in the organizations accounting systems

Question 9

what are source and turnaround documents (remittance advices)

Answer 9

turnaround- computer output that will be used to add input to a computer

Source- proves a transaction occurred

Question 10

Sarbanes-Oxley Act 2002 effect on internal controls and ethics

Answer 10

Organizations define their own controls to meet the regulator’s goals.

Question 11

COSO Internal Control Frame work (five)

Answer 11

control environment, risk assessment, information/comm, monitoring activities, existing control activities

Question 12

what are the two types of IT controls

Answer 12

General and application

Question 13

What is SOD

Answer 13

Separation of duties

Question 14

AIS generic Structre (4)

Answer 14

Input, Output, storage, process

Question 15

four main business process

Answer 15

Revenue process, expenditure process, conversion process, administrative process

Question 16

what is information literacy

Answer 16

Ability to find, use, and communicate information ethically and legally

Question 17

Data hierarchy (bit…)

Answer 17

bit, byte (8 bits), field (one item within a record), record (set of related field for same entity), file (entire set of related records), database ( collection of data stored so that it can be accessed.

Question 18

compare master files vs transaction files

Answer 18

Master file- relatively permanent files that maintain the detailed date for each major process

Transaction File- set of relatively temporary records that will be processed to update the master file

Question 19

is a master file or transaction more stable

Answer 19

Master file

Question 20

which changes with each transaction, a master file or transaction file

Answer 20

Master file- update

transaction file- record

Question 21

Batch processing

Answer 21

Requires that all similar transactions be grouped together for a specified time

Question 22

What kind of information is still batch processed

Answer 22

Payroll processing

Question 23

data warehouse vs operational database

Answer 23

Data Warehouse- integrated collection of enterprise wide data that generally includes several years of dat for decision making and planning

Operational database- contains the data that is continually updated as transactions are processed. used for day to day

Question 24

is data warehouse or operational database used for reporting

Answer 24

Data Warehouse

Question 25

is data warehouse or operational database used for day to day business

Answer 25

Operational database

Question 26

what asset is most important to a company

Answer 26

Data because it supports decision making, difficult to recreate, constantly sought after

Question 27

structured vs unstructured data

Answer 27

structured- easily fits into rows and columns (phone number) Unstructured data- does not easily fit into rows and columns (reviews)

Question 28

what is corporate governance

Answer 28

an elaborate system of check and balances whereby a company's leadership is held accountable for building shareholder value and creating confidence in financial reporting process

Question 29

What is the general ledger used for

Answer 29

keep track of financial transactions and to prepare financial reports

Question 30

describe types of AIS

Answer 30

manual, legacy, modern

Question 31

Manual AIS

Answer 31

generally used by small organizations. Paper only! documents, ledgers, journals

Question 32

Legacy AIS

Answer 32

Older, contains long history

Question 33

Modern AIS

Answer 33

Integrated, enterprise resource planning and enterprise systems

Question 34

Pros/Cons of Legacy system

Answer 34

Pros: tailored to the company Cons: costly to maintain, obsolete hardware, not user friendly

Question 35

What is an ERP

Answer 35

Enterprise Resource Planning- multi module system designed to manage all aspects of an enterprise

Question 36

What is ES

Answer 36

Enterprise Systems

Question 37

Tier 1 vs Tier 2

Answer 37

Tier 1 is high end ERP, Tier 1 is beginning ERP

Question 38

Five input methods for business

Answer 38

source document, bar codes, point of sale, EDI, internet

Question 39

EDI

Answer 39

Electronic Data Interchange- intercompany computer to computer transfer of business documents in a standard business format

Question 40

Internet

Answer 40

Global network or information super highway

Question 41

Pros and Cons of batch processing

Answer 41

Pros: efficient for large volumes, audit trail is maintained, less costly, easier to control, specialization Cons: takes longer, adding/deleting records take alot of maintenance, duplication, transaction and master files have to be sequential

Question 42

online processing

Answer 42

each transaction is entered and processed one at a time

Question 43

pros and cons of online processing

Answer 43

Pros: System checks for input errors, info on a timely basis, files are up to date, integrated storage Cons: hardware and software are expensive, single database more susceptible to unauthorized use, real time systems can be difficult to audit.

Question 44

real time processing

Answer 44

transaction is processed immediately in real time

Question 45

pros and cons of real time processing

Answer 45

Pros: System checks for input errors, info on a timely basis, files are up to date, integrated storage Cons: hardware and software are expensive, single database more susceptible to unauthorized use, real time systems can be difficult to audit.

Question 46

Why do we need to document business processes

Answer 46

understand the process, audit, improve efficiency, provide information, evaluate risk

Question 47

What is DFD? be able to identify

Answer 47

Data Flow Diagrams- usually system development

Question 48

What is a process map? be able to identify

Answer 48

Document business processes in easy-to-follow diagrams

Question 49

What is a flowchart? be able to identify

Answer 49

used to analyze how to improve business processes and document flows

Question 50

What is a program flowchart? be able to identify

Answer 50

deals with computer programs

Question 51

What is fraud

Answer 51

an advantage a person uses to gain an unfair advantage over another person by false misrepresentation.

Question 52

what is the typical loss per year

Answer 52

5%

Question 53

what is collusion

Answer 53

multiple individuals taking place in fraud

Question 54

what is the three step fraud processs

Answer 54

Theft of something, conversion to cash, concealment

Question 55

how do fraudsters conceal fraud

Answer 55

physical documents, altered physical documents, created electronic documents, alter electronic documents, destroy physical documents

Question 56

according to report to the nation what are the 3 types of fraud

Answer 56

misappropriation of assets, misstatement of financial records, corruption

Question 57

4 categories of accounting related fraud (exh 2-3)

Answer 57

management, employee, customer, vendor

Question 58

why do managers commit fraud

Answer 58

increase stock price, improve financial statements, enhanced chances of promotion, increase incentive based promotion

Question 59

how can the financial statements be manipulated

Answer 59

overstating revenues and assets, understating expenses and liabilities, misapplying accounting principles

Question 60

types of management fraud

Answer 60

misstating financial statements, internal controls can't prevent

Question 61

types of vendor fraud

Answer 61

requesting duplicate payment for one invoice, internal controls yes

Question 62

types of customer fraud

Answer 62

returning stolen items for cash, internal controls can prevent

Question 63

types of employee fraud

Answer 63

inflating hours worked on time card, yes internal controls.

Question 64

what is computer fraud

Answer 64

any illegal act for which knowledge of computer technology is essential for its preparation investigation, or prosecution

Question 65

what is the relationship between internal controls and employee fraud

Answer 65

The better the internal controls, the less chance of employee fraud

Question 66

missing internal controls vs overrides

Answer 66

Missing internal controls allow for ordinary employees to commit fraud, override allows for management to commit fraud

Question 67

which 4 departments commit the most fraud

Answer 67

Operations, Accounting, Executive, Sales

Question 68

what are the red flags of fraud

Answer 68

living beyond means, financial difficulties, unusually close association with vendor, control issues

Question 69

what is the best thing to prevent fraud

Answer 69

Internal controls

Question 70

what is data diddling

Answer 70

Changing data before, during, or after it is entered into the system to delete, alter, or add system data

Question 71

Where in the data flow can fraud take place

Answer 71

Beginning, middle, end

Question 72

what is the difference between skimming and larceny

Answer 72

cash is stolen before it is entered into accounting records, cash is stolen after it is entered in the accounting records

Question 73

what is the difference between general and specific authorization

Answer 73

guidelines that allow transactions based on established parameters, explicit approval is needed

Question 74

what is an audit trail and how do auditors use it

Answer 74

verifiable information about the accuracy of accounting records, this is used to re create details of a transaction

Question 75

Barry Minkow what did he do

Answer 75

Stole from the mob, credit card fraud, money laundering, tax fraud, racketeering, embezzlement

Question 76

what is management override

Answer 76

management circumvention of systems or internal controls in place

Question 77

preventative, vs detective, vs corrective controls

Answer 77

avoid errors and fraud, uncover errors and fraud, corrects error or problem

Question 78

reasonable vs absolute assurance

Answer 78

achieve sensible balance of reducing risk when compared with the cost of control, impossible

Question 79

AICPA Trust services criteria

Answer 79

security, availability, processing integrity, online privacy, confidentiality

Question 80

according to SOX who is responsible for controls

Answer 80

CEO and CFO

Question 81

how do companies used COSO internal control framework and what are the five components

Answer 81

Control environment, risk assessment, control activities, information and communication, monitoring activities

Question 82

What is governance

Answer 82

system by which an organization is controlled, and operated and mechanism in which its people are held to account (transparency, accountability, stewardship, integrity)

Question 83

How does IT, data, AI, and analytics governance fit in

Answer 83

IT- provides the structures that links processes, resources, and information Data- availability, quality, security Analytics- analytics projects and models AI- AI/ML tools and safe and ethical

Question 84

what are the 4 objectives of an internal control system

Answer 84

safeguard assets, accuracy and integrity of data, promote operational efficiency, ensure compliance

Question 85

what is a risk

Answer 85

potential for harm or neagative outcome

Question 86

what should be separated

Answer 86

custody, recording, authorization

Question 87

what is the difference between supervision and independent verification

Answer 87

supervision takes places when tasks are being performed, verification takes place when activities are being performed

Question 88

What should be separated in IT (SOD in IT)

Answer 88

Database, development, operations, data library, users

Question 89

what are layers of protection for physical and logical/data access

Answer 89

perimeter controls, building controls, identification, authentication

Question 90

how can a computer log be used

Answer 90

can be examined in more detail to determine any weakness in log-in procedures.

Question 91

what are biometrics

Answer 91

physical characteristics of a user

Question 92

what is an authority table

Answer 92

list of valid, authorized users and the access level granted to each one.

Question 93

what is an access control matrix

Answer 93

table in which a row represents a subject, a column an object, and each entry has a set of access rights to the two

Question 94

2 types of IT controls: general vs application

Answer 94

General- apply overall to the IT accounting system Application- specific to accounting control input, processing, outputs

Question 95

what is a disaster recovery plan

Answer 95

Plan for the continuance of IT systems after a disaster

Question 96

control totals: record count, batch totals, hash totals

Answer 96

record count- count of number of records processed Batch total- totals of financial data Hash total- totals of fields that have no apparent logical reason to be added

Question 97

AICPA Trust services Criteria

Answer 97

Security, availability, processing integrity, confidentiality, online privacy

Question 98

programmed input validation routine types (9)

Answer 98

Field check, validity check, limit check, range check, reasonableness check, completeness check, sign check, sequence check, self checking digit.

Question 99

What is EDI? how does it work

Answer 99

Electronic Data Interchange- company to company transfer of standard business documents in electronic form. ex. email

Question 100

what did Walt Pavlo do

Answer 100

Used fraudulent accounting methods to mask its declining earnings by painting a false picture of financial growth.

Question 101

what is the COSO ERM Framework

Answer 101

Monitoring, info and communication, control activities, risk assessment, control environment

Question 102

what are the limitations of internal controls

Answer 102

breakdown, human error, inefficient segregation of duties, collusion, override

Question 103

what is the difference between reasonable and absolute assurance

Answer 103

high level of confidence that risk is low, certain that there is no risk.