Unit 6 Test Flashcards

1
Q

An organization’s internal controls have been deemed effective by management and external audits for the last five years. A proposal is made to upgrade the enterprise resource planning (ERP) system at a significant cost. The proposal mentions slightly increased IT controls to better detect errors.
Which modifying assumption would keep management from implementing the upgrade?

Management responsibility
Reasonable assurance
System limitations
Methods of data processing
A

Reasonable assurance

The correct answer is “Reasonable assurance.” The reasonable assurance modifying assumption states that the four objectives of internal control are met in a cost-effective manner. The upgrade is expensive, and the benefits will be limited. Since the current system is effective, the management team may decide to reject the upgrade due to cost-effectiveness.

2
Q

Which component of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework is being considered when an auditor is comparing a company’s organization chart to the prior year’s chart to identify new personnel who are responsible for internal controls?

Control activities
Control environment
Risk assessment
Monitoring
A

Risk assessment

The correct answer is “Risk assessment.” Risk assessment’s purpose is to identify, analyze, and manage risks related to financial reporting. New personnel create risk because they may not fully understand or be aware of an organization’s internal controls.

3
Q

What is one of the four areas that ethical issues in business can be divided into?

Risk minimization
Honesty
Proportionality
Computer ethics
A

Honesty

The correct answer is “Honesty.” Ethical issues in business can be divided into the areas of equity, rights, honesty, and exercise of corporate power. These areas can be used to assess any ethical situation, whether it is a computer-based issue or not.

4
Q

A disgruntled employee places a logic bomb to erase an organization’s supplier list.
Which type of fraud does this scenario reflect?

Program fraud
Operations fraud
Scavenging fraud
Database management fraud
A

Database management fraud

The correct answer is “Database management fraud.” Database management fraud involves altering, deleting, corrupting, destroying, or stealing an organization’s data.

5
Q

Which access point is the most common for committing computer fraud?

Information dissemination
Data collection
Information generation
Data processing
A

Data collection

The correct answer is “Data collection.” The data collection stage is the most common access point for perpetrating computer fraud.

6
Q

According to the Public Company Accounting Oversight Board (PCAOB) Standard No. 5, auditors need to understand transaction flows, including the controls pertaining to how transactions are initiated, authorized, recorded, and reported.
Which accounts are affected by this requirement?

All financial accounts of an organization
All financial accounts with material implications for financial reporting
All financial accounts with implications for financial reporting
All financial and nonfinancial accounts of an organization
A

All financial accounts with material implications for financial reporting

The correct answer is “All financial accounts with material implications for financial reporting.” The auditors are interested in the financial accounts that can materially affect the accuracy of the financial statements.

7
Q

Management is required to provide external auditors with documented evidence of functioning controls related to selected material accounts in a report on control effectiveness.
How is this evidence obtained?

The IT department documents this evidence.
The internal audit department documents this evidence.
The documented evidence is provided by the information system.
The documented evidence is provided by the information system vendor.
A

The internal audit department documents this evidence.

The correct answer is “The internal audit department documents this evidence.” The internal audit department of the organization would perform and document the necessary tests.

8
Q

What is a common form of contra-security behavior?

Changing passwords
Complex passwords
Challenge-response syndrome
Post-it syndrome
A

Post-it syndrome

The correct answer is “Post-it syndrome.” The post-it syndrome, in which passwords are written down and displayed for others to see, is a contra-security behavior.

9
Q

What are two general forms of risk related to the technology of network communications?

Data corruption and degraded computer performance
Subversive threats and equipment failures
Abuse of authority and application errors
Internal and external individuals who exploit security flaws
A

Subversive threats and equipment failures

The correct answer is “Subversive threats and equipment failures.” The technology of network communications is subject to two general forms of risk: subversive threats and equipment failures.

10
Q

What represents an equipment failure risk in a communication system?

A denial-of-service attack
A loss of databases stored on network servers
A computer hacker gaining unauthorized access
A computer criminal intercepting a message
A

A loss of databases stored on network servers

The correct answer is “A loss of databases stored on network servers.” Equipment failures can result in the loss of databases and programs stored on network servers.

11
Q

Which information technology (IT) test category verifies that credit checks and accounts payable (AP) three-way matches are performed by an application?

Accuracy test
Completeness test
Validity test
Redundancy test
A

Validity test

The correct answer is “Validity test.” A validity test verifies that credit checks and AP three-way matches are properly performed by the application.

12
Q

Which characteristic applies to black box testing?

It is used for inputs and outputs that are easily reconciled.
It requires the use of generalized audit software.
It is used on complex applications.
It requires test files for execution.
A

It is used for inputs and outputs that are easily reconciled.

The correct answer is “It is used for inputs and outputs that are easily reconciled.” Black box testing is feasible for applications that are relatively simple with inputs and outputs that are easily reconciled.

13
Q

Why is an accumulator routine used in a banking application?

To explain differences in reporting
To address rounding errors
To collect account balances
To catch overpayments
A

To address rounding errors

The correct answer is “To address rounding errors.” An accumulator routine is a special technique used to keep track of the rounding differences between calculated and reported balances.

14
Q

Which scenario accurately represents the general approach used to test application controls for a batch processing application?

Auditor-created data are submitted in a transaction file.
Accountant-created data are submitted from their workstations.
Auditor-created data are submitted via a dummy terminal.
Accountant-created data are submitted in a data upload.
A

Auditor-created data are submitted in a transaction file.

The correct answer is “Auditor-created data are submitted in a transaction file.” Auditor-created data are submitted in a transaction file.

15
Q

Which component of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework is being considered when an auditor is reviewing a walk-through and process narrative of an established process and decides to gain an understanding of the process by tracing a single transaction from the source documents through the accounting information system to the financial statements?

Risk assessment
Control environment
Information and communication
Monitoring
A

Information and communication

The correct answer is “Information and communication.” By gaining an understanding of the process and following a transaction through the system, an auditor can assess how the system processes information (transaction processing) and communicates the results (reporting). Testing a single transaction would not qualify as testing of the control environment, ensuring monitoring, or showing how management assesses risk. It would help in gaining an understanding of what information is in the system and how it is reported.

16
Q

Which internal control is primarily supported by a manager’s review of a checklist after a task has been completed?

  • Measure compliance with an organization’s prescribed policies and procedures
  • Ensure the accuracy and reliability of accounting records and information
  • Confirm management is safeguarding an organization’s assets
  • Promote efficiency in a firm’s operations
A

Measure compliance with an organization’s prescribed policies and procedures

17
Q

What is a limitation of the preventive-detective-corrective (PDC) control model?

Is conceptually incomplete
Lacks management accountability
Does not address risk
Lacks practical guidance
A

Lacks practical guidance

The correct answer is “Lacks practical guidance.” Conceptually, the PDC framework addresses all necessary areas regarding preventing, detecting, and correcting errors, but it fails to give specific examples of controls to implement.

18
Q

According to the Sarbanes-Oxley Act (SOX), what is management’s responsibility regarding controls designed to prevent and detect fraud that could lead to financial statements being materially misstated?

Management is responsible for reviewing controls.
Management is responsible for implementing controls.
Management is responsible for testing controls.
Management is responsible for attesting to the quality of controls.
A

Management is responsible for implementing controls.

The correct answer is “Management is responsible for implementing controls.” Management is responsible for implementing the controls designed to prevent and detect fraud that could lead to financial statements being materially misstated.

19
Q

After completing the annual audit for a publicly traded company, an external auditor issues a qualified opinion about the effectiveness of internal controls.
What is the implication of this finding?

  • The auditor issued an unqualified opinion on the fairness of the financial statements.
  • The auditor issued a qualified opinion on the fairness of the financial statements.
  • The auditor identified no material weaknesses in internal controls.
  • The auditor identified at least one material weakness in internal controls.
A

The auditor identified at least one material weakness in internal controls.

The correct answer is “The auditor identified at least one material weakness in internal controls.” The standard for the audit opinion on internal controls is high. The auditor cannot issue an unqualified opinion if one material weakness in internal control is detected.

20
Q

What is the role of management regarding the effectiveness of internal controls over financial reporting, according to the Sarbanes-Oxley Act (SOX)?

Review their effectiveness
Test their effectiveness
Attest their effectiveness
Assess their effectiveness
A

Assess their effectiveness

The correct answer is “Assess their effectiveness.” SOX mandates that management must assess the effectiveness of the organization’s internal controls over financial reporting.

21
Q

Why should the systems development function be separated into two independent groups: new systems development and systems maintenance?

To improve systems documentation
To increase operational feasibility
To improve user satisfaction
To increase cost savings
A

To improve systems documentation

The correct answer is “To improve systems documentation.” The segregation of duties between the new systems development team and the systems maintenance team leads to improved systems documentation. The maintenance group needs to have adequate documentation to perform their maintenance duties.

22
Q

Which trait is associated with an antiviral program?

The program is a safeguard for mainframes, networks, and personal computers.
The program works on mutations and modified changes.
The program must be started by executing an application.
The program tests specifically selected files uploaded to a host.

A

The program is a safeguard for mainframes, networks, and personal computers.

The correct answer is “The program is a safeguard for mainframes, networks, and personal computers.” Antiviral programs are used to safeguard mainframes, networks, and personal computers.

23
Q

What is an example of a password standard?

Discretionary access privilege
Privileged personnel access
Expiration interval
Access token
A

Expiration interval

The correct answer is “Expiration interval.” Password expiration interval is an example of a password standard.

24
Q

Which control objective ensures that no module should be allowed to destroy or corrupt another module?

The operating system must protect users from each other.
The operating system must be protected from itself.
The operating system must be protected from the environment.
The operating system must protect itself from other users.
A

The operating system must be protected from itself.

The correct answer is “The operating system must be protected from itself.” The operating system is made up of modules. For the operating system to be protected from itself, no module should be allowed to destroy or corrupt another module.

25
Q

Which test is used to determine that an application creates an adequate audit trail?

Verifying authority tables
Recalculating control totals
Reviewing record counts
Recording all transactions
A

Recording all transactions

The correct answer is “Recording all transactions.” Audit trail tests include obtaining evidence that the application records all transactions.

26
Q

Why does a simulated application reprocess transactions that a production application previously processed?

For reconciliation purposes
To ensure processing
To remove errors
For backup purposes
A

For reconciliation purposes

The correct answer is “For reconciliation purposes.” The results obtained from the simulation are reconciled with the results of the original production run to determine if application processes and controls are functioning correctly.

27
Q

Who reconciles simulation output with production data?

Auditor
Information technology (IT) specialist
Management
Accountant
A

Auditor

The correct answer is “Auditor.” The auditor reconciles simulation output with production data.

28
Q

What is used in a test of credit approvals?

Purchase order
Sales amount
Quantity ordered
Expected price
A

Sales amount