Module 7

Question 1

Electronic business

Answer 1

Refers to any online transaction

Question 2

E-commerce

Answer 2

Is part of e-business requires the digital transmission of accounting transaction information

Question 3

Benefits of e-commerce for businesses (7)

Answer 3

• Can reach more geographically dispersed customer base
• Lower overheads
• Increased inventory range
• Easier and quicker to fulfil orders
• Better customer service
• Lower sales and marketing costs
• Would be at a disadvantage if didn’t have online presence

Question 4

Benefits of e-commerce for consumers (6)

Answer 4

• Eletronic delivery of ebooks etc straight to device
• Increased information available
• Greater range of vendors and products
• Ability to browse and purchase 24/7
• Ability to locate more competitive prices/ delivery options
• Increased personalisation

Question 5

Three key risks of e-commerce

Answer 5

• Financial
• Reputational
• Legal

Question 6

General business risks (5)

Answer 6

• Venture is unsucessful
• Loss of competitive advantage
• Cash flow difficulties
• Risk of loss of intellectual property
• Reduction in customer satisfaction

Question 7

Accounting policy/ issues associated with e-business (5)

Answer 7

• Whether the entity is the principle/ agent
• Treatment of introductory offers/ trade discounts
• Revenue cut off
• Sales and marketing barter transactions
• Purchasing integration (in systems)

Question 8

Main control company can implement to ensure internet transactions and communications are secure is…

Answer 8

Well designed, implemented and maintained system

Question 9

Specific risks of e-commerce acronym

Answer 9

DESCRIP

Question 10

D >

Answer 10

Data theft and loss

Question 11

Ways data can be lost (4)

Answer 11

• Hackers
• Interception
• Data corruption
• Loss during transmission

Question 12

Controls to address data theft and loss (6)

Answer 12

• Firewalls
• Encryption
• Biometric devices
• Audit logs (locked after a certain number of attempts)
• Authentication (something you have, know or are)
• Challenge response (security question)

Question 13

Firewall

Answer 13

System or group of systems that enforces access control policy between two networks

Question 14

E >

Answer 14

Electronic contracts repudiation

Question 15

Electronic contracts repudiation

Answer 15

To deny/ refuse to accept contract is legally binding when performed online

Question 16

Controls to address electronic contracts repudiation

Answer 16

• Confirmations (proof of delivery + return receipts)
• Timestamps
• Digital signatures

Question 17

S >

Answer 17

Server failure

Question 18

Server failure

Answer 18

From unintentional operational problems or malicious attacks

Question 19

Types of sever failure (3)

Answer 19

• Denial of service attacks (flood)
• Virus attacks
• Spyware

Question 20

Controls to address server failure (4)

Answer 20

• Disaster recovery
• Virus scans
• Anti-spyware programs
• Anti-spam programs

Question 21

C >

Answer 21

Compliance with tax and legal requirements

Question 22

VAT jurisdiction

Answer 22

Where the supply of goods/ services takes place

Question 23

Corporation tax

Answer 23

Based on where the location of the server is

Question 24

Controls to address compliance with tax and legal requirements

Answer 24

• Organisation must be aware of law
• Staff training on applications of laws
• Engage expert advisors
• Ensure accounting policies in line with applicable legal frameworks

Question 25

R >

Answer 25

Returns of goods sold electronically

Question 26

Controls to address returns of goods (3)

Answer 26

• Effective inventory management system
• Discretionary returns policy
• Ensure pricing policies reflect additional cost of returns

Question 27

I >

Answer 27

Impersonation

Question 28

Impersonation can be

Answer 28

Customer or organisation

Question 29

Methods of impersonation (2)

Answer 29

• Spam emails/ phishing

- False websites

Question 30

Controls to address impersonation (2)

Answer 30

• Authentication and passwords

- Customer education

Question 31

P >

Answer 31

Information privacy

Question 32

Key information privacy directive

Answer 32

Data Protection Directive

Question 33

Ramifications of breaches of information privacy legislation (5)

Answer 33

• Loss of customer goodwill
• Negative publicity
• Legal action
• Poor staff morale
• Financial loss

Question 34

New EU guidance

Answer 34

General Data Protection Regulation (2016)

Question 35

Key organisation in UK for data protection

Answer 35

Information Commissioner’s Office (ICO)

Question 36

Controls for information privacy (4)

Answer 36

• Well designed system that stores data accurately and securely
• Audit logs
• Authentication controls
• Clear policies around data retention

Question 37

GDPR applies to who

Answer 37

All organisations collecting and processing personal data

Question 38

GDPR applies to what

Answer 38

All personal data (including IP addresses)

Question 39

Key GDPR considerations (4)

Answer 39

• Fines for most serious offences
• Mandatory requirement to notify ICO within 72 hours of breach of personal data
• ‘Right to be forgotten’
• ‘Right to access’