S2-m2 Flashcards

1
Q

Enterprise Resource Planning Systems (ERP)

A

are cross functional systems that support different business functions and facilitate integration of information across departments such as accounting, customer management, finance, human resources, inventory management, manufacturing, marketing, and vendor management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Accounting Information Systems (AIS)

A

Collects, records, and stores accounting information, then compiles that information using accounting rules to report both financial and nonfinancial information to decision makers in an enterprise.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Transaction Processing System (TPS)

AIS Subsystem

A

converts economic events into financial transactions and distributes the information to support daily operations. A TPS typically covers three main transaction cycles: sales, conversation, expenditure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Financial Reporting System (FRS)

AIS Subsystem

A

Aggregates daily financial information fromm the TPS and other sources for infrequent events such as mergers, lawsuit settlements, or natural diasters to enable timely regulatory and financial reporting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Management Reporting System (MRS)

AIS Subsystem

A

Provides internal financial information to solve day to day business problems, such as budgeting, variance analysis, or cost volume profit analysis.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the objectives of an AIS

A

Think assertions
1. Record valid transactions
2. Properly classify those transactions
3. Record the transactions at their correct value
4. Recorded the transactions in the correct accounting period
5. Properly present the transactions and related information in the financial statements of the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Sequence of Events of an AIS

A
  1. Transaction data from source documents is entered into the AIS by an end user. Alternatively, an order may be entered through the internet by a customer.
  2. Original source documents, if they exist are filed
  3. Transactions are recorded in the appropriate journal
  4. Transactions are posted to the general and subsidiary ledgers
  5. Trial balances are prepared
  6. Adjustments, accruals, and corrections are entered
  7. Financial reports are generated
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

AIS Audit Trail

A

A well designed AIS creates an audit trail for accounting transactions. The audit trail allows a user to:
-trace a transaction from source documents to the ledger
-vouch from the ledger back to source documents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Key AIS Functions of the revenue and cash collections cycle include:

A

-real time access to the inventory subsidiary ledger to check availability upon receiving a customer order
-automatically approves or denies credit based on the customers record
-concurrently records sales invoices in the database, digitally transmit inventory release orders to the warehouse, sends packing slips to the shipping department
-has a terminal for the shipping department to digitally input shipping notices upon shipment
-has terminal for the cash receipts clerk to access the cash receipt system and record remittance
-closes sales invoice, posts to the general ledger accounts, updates the customers payment record

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Key AIS functions of the purchasing and disbursement cycle

A

-reads the requested purchase to verify that it is on the approved list
-digitally prepares the purchase order and delivers the PO to the vendor
-has a terminal for the receiving department to enter the PO number and input quantities received
-has a terminal for the accounts payable clerk to enter invoices from suppliers into the system
-automatically approves payment of invoices and sets the payment date according to terms
-prints and distributes the signed checks to the mail room for mailing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Key AIS functions of the HR and Payroll cycle

A

-integrated with HRMS to enable real-time changes of employment data
-in connection with operational systems, allows employees to enter timekeeping data in real-time
-allocates labor costs to job costs, accumulated direct and indirect labor expenses at the end of a work period
-creates digital journal entries, attaches the original documents to the entries, updates ledger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Key AIS functions of the production cycle

A

-receives a work order for a production run from the production planning department
-labor and materials are added to the production run, and documents reflecting these events, such as material requisitions and labor tickets
- tracks standard production costs for labor, materials, and manufacturing overhead
-closes the WIP account when it receives the final ticket marking the production move from WIP to finished goods inventory
-prepares journal entries as changes to the WIP account are recorded and automatically updates the general ledger

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Key AIS functions of the fixed asset cycle

A

-terminal for fixed asset groups to create a record of the asset subsidiary ledger that includes each asset’s useful life, salvage value, depreciation method
-automatically updates the general ledger, prepares journal entries
-automatically calculates depreciation, accumulated depreciation, and book value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Key functions of the treasury cycle

A

-source documents such as deposit slips, checks, stock market data, and interest data are used to post journal entries affecting cash balances
-The accounting department performs bank reconciliations by using bank statements to reconcile the cash account balance
-journal entries are posted for each change in cash

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Keys AIS functions of the general ledger

A

-updates the general ledger as various transactions occur and journal entries are posted
-at the end of an accounting period, AIS automatically produces a trial balance showing the dr and cr balances in each account
-The accounting department posts any necessary adjusting entries such as entries for depreciation, prepaid expenses
-produces final financial statements after adjusted entries are made and the debit and credit amounts in the trial balance are equal
-automatically closes temporary accounts

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How can an organization improve the performance of its information systems?

A

By improving business processes that provide inputs to those systems. Improving consistency and reliability in processes results in better data. Better processes = fewer errors = more efficient accounting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Business process automation

A

term for the automation of business processes using computer programs designed to perform repetitive tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Shared services

A

refers to seeking out redundant services, combining them, and sharing those services within a group or organization. they are shared within an organization or group of affiliates and almost always involve software that is designed to process large batches of data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Outsourcing

A

contracting of services to an external provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Quality Risk

A

an outsourced product or service might be defective

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Quality of service

A

poorly designed service agreements may impede the quality of service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Productivity

A

Real productivity may be reduced even though service provider employees are paid less

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Staff Turnover

A

experienced and valued staff whose functions have been outsourcing may leave the organizations

24
Q

Language skills

A

Language barriers may reduce the quality of service

25
Q

Security

A

security information with a third party might be compromised

26
Q

Qualifications of Outsourcers

A

credentials may be flawed

27
Q

Labor Insecurity

A

increases when jobs move to an external service provider

28
Q

Robotic Process Automation (RPA)

A

refers to the use of programs to perform repetitive tasks that do not require skilled human labor

29
Q

Natural language processing

A

involves technology developed and used to encode and interpret human languages

30
Q

Neural Networks

A

an artificial neural network is a form of technology that is modeled after neurons that facilitate the function of human or animal memory. Input layer/hidden layer/output layer

31
Q

Processing Integrity

A

refers to a system’s ability to initiate and complete transactions so that they are valid, accurate, completed timely, and authorized to meet a company objective

32
Q

How are design control deficiencies in a SOC 2 engagement defined?

A
  1. necessary controls that are missing or
  2. existing controls that are not designed properly
33
Q

How are design deficiencies related to processing integrity identified?

A

By applying the trust services criteria. Understand the risk assessment process, evaluate the link between controls in the system description and relevant services criteria, and determine whether the appropriate controls are in place.

34
Q

Description Criteria for a Description of a Service Organization System in a SOC 2 Report

A

used to identify deficiencies by comparing organization system design documentation. A set of benchmarks

35
Q

Principle service commitment and the Principle system requirements

A

Required to be disclosed by management to support the understanding of the system and the services provided, and the design of the controls

36
Q

How are operation control deficiencies in a SOC 2 engagement defined?

A
  1. Does not operate as designed or
  2. is performed by a person who lacks authority or competence to perform the control effectively
36
Q

What is the service auditor responsible for?

A

Designing and performing the tests of controls: inquiries, reperforming controls, observation

37
Q

What are some considerations the service auditor should make?

A

Timing
Size and frequency of sampling

38
Q

Control Activities category, principle 11

A

States that there should be general controls over technology in order to achieve organizational objectives. To establish these controls, the company must understand the dependency between general controls over technology and the use of technology in business processes.

39
Q

Information and Communication category, principle 13

A

States that organizations should acquire, create, and use quality information in order to support internal controls. These include:
identifying the company’s information needs;
capturing both external and internal sources of data;
processing relevant data into useful information;
maintaining quality when processing that data

40
Q

Principle 14

A

States that effective communication of information is necessary to support internal controls. This means communicating internal information to the proper stakeholders, including the board of directors

41
Q

Blockchain

A

a control system originally designed to govern the creation and distribution of Bitcoin

42
Q

What is cryptocurrency mining mean?

A

Mining involves a person or group of people performing cryptography which is solving of complex mathematical equations. Bitcoin must be mined in order to confirm transactions

43
Q

What is the result of cryptography?

A

Blocks of a fixed number of transactions are confirmed at a time. The reward for solving (validating) the equation is both:
the receipt of bitcoin; and
the validation of a new block of transactions

44
Q

Blockchain was developed to…

A

prevent Bitcoin from being replicated; and to limit its initial creation so that there is only a finite number of Bitcoins.
Also serves as a audit trail. An auditor can use the chain to verify transactions.
Not all data needed to validate transaction is on the blockchain.

45
Q

Control Environment

A
  1. Demonstrates commitment to integrity and ethical values
  2. Exercises oversight responsibility
  3. Establishes structure, authority, and responsibility
  4. Demonstrates commitment to competence
  5. Enforces accountability
46
Q

Risk Assessment

A
  1. Specifies suitable objectives
  2. identifies and analyzes risk
  3. Assesses fraud risk
  4. Identifies and analyzes significant change
47
Q

Control Activities

A
  1. Selects and develops control activities
  2. Selects and develops general controls over tech
  3. Deploys control activities through policies
48
Q

Information and Communication

A
  1. Uses relevant, quality information
  2. Communicates internally
  3. Communicates externally
49
Q

Monitoring Activities

A
  1. Conducts ongoing and/separate evaluations
  2. Evaluates and communicated deficiencies
50
Q

When implementing COSO controls to a blockchain setting, an organization should consider the following…

A

-focus on preventative controls due to volume and speed of transactions being processes
-Increase the frequency of detective controls, also due to the volume
-develop controls that use other analytic tech like AI tools
-develop a code of conduct
-create cross disciplinary teams

51
Q

A reasonableness test…

A

will likely prompt an error message when the offset transaction total exceeds the original transaction

52
Q

Check digit tests…

A

determines whether an ID number entered is a valid entry

53
Q

A size check tests compares…

A

the transaction with predetermined threshold on a standalone basis.

54
Q

Waterfall method (changes to business processes and managing system changes)

A

Teams work linearly, allows organizations to focus on system design, testing, deployment, change review, and maintenance.

55
Q

Agile method (changes to business processes and managing system changes)

A

structures projects so that different teams work simultaneously

56
Q

What is the goal of protecting cardholder data?

PCI DSS

A

Encryption of the transmission of cardholder data across open, public networks enhances the ability to acomplish th goal