AIS FINAL EXAM1. Which of the following is not a problem usually associated with the flat-file approach to data management?a. Data storageb. Restricting access to data to the primary userc. Currency of informationd. Data redundancy.
AIS: FINAL EXAM
1. Which of the following is not a problem usually associated with the flat-file approach to data management?
a. Data storage
b. Restricting access to data to the primary user
c. Currency of information
d. Data redundancy
2. Which statement about data warehousing is not correct?
a. Data cleansing is a process of transforming data into standard form
b. The data warehouse should be separate from the operational system
c. Drill-down is a data mining tool available to users of OLAP
d. Normalization is a requirement of databases included in a data warehouse
3. Auditors of ERP systems:
a. Focus on output controls such as independent verification to reconcile batch totals
b. Need not be concerned about segregation of duties because these systems possess strong computer controls
c. Are concerned that managers fail to exercise adequate care in assigning permissions
d. Need not review access levels granted to users because these are determined when the system is configured and never changes
e. Do not view the data warehouse as an audit or control issue at all because financial records are not stored there
4. Systems development is separated from data processing activities because failure to do so:
a. Results in master files being inadvertently erased
b. Weakens database access security
c. Allows programmers access to make unauthorized changes to applications during execution
d. Results in inadequate documentation
5. Which one of the following results corresponds to the query below:
6. Which of the following events would be least likely to be modeled in the resource entity agent diagram?
a. Shipping goods to customers
b. Orders from customers
c. Accounts Payable
e. All these events will be modeled
7. Which of the following is NOT a requirement in management reports on the effectiveness of internal controls over financial reporting?
a. An explicit written conclusion as to the effectiveness of internal controls over financial reporting
b. A statement that the organization’s internal auditor have issued in attestation report on management’s assessment of company internal controls
c. A statement of management responsibility for establishing and maintaining adequate internal control user satisfaction
d. A statement identifying the framework used by management to conduct their assessment of internal controls
8. During the sales order entry process a _________ is performed to verify that each transaction record contains all required data items.
a. Size check
b. Completeness test
c. Reasonableness test
d. Redundant data check
9. Data currency is preserved in a centralized database by:
a. Using a lockout procedure
b. Partitioning the database
c. Implementing concurrency controls
d. Replicating the database
10. For most companies, which of the following is the least critical application for disaster recovery purposes?
a. Month-end adjustments
b. Accounts payable
c. Accounts receivable
d. Order entry/billing
11. Which of the following transactions is represented by the diagram below?
a. Businesses that allow customers to carry a balance and make installment payments
b. Cash and carry customer retail sales
c. Consumer retail sales paid in installments to the seller
d. Business to business sales of nondurable goods
12. One way an auditor gauges how much audit work and testing needs to be performed is through evaluating materiality and seeking reasonable assurance about the information or process. Which of the following is critical for determining materiality in an audit?
a. Determine if material errors exist in the information or process
b. Test records, account balances, and procedures on a sample basis
c. Determine what is and is not important given a set of circumstances is primarily a matter of judgment
d. None of the above
13. Scuz Bootes has been doing custom choppers, piercings, and tattoos for over 30 years. His home and place of business is a garage in the harbor district of Seattle, Washington. He has meticulous records of every job he has ever done, carefully hand-written with the customer name and address, a description of the job, and an attached picture of the bike or body part before and after customization. His unique style has recently attracted the attention of national media after several celebrities sought him out and showcased his work. Business is booming. Consequently, Scuz has hired you to construct an accounting information system, beginning with the historical records. As you read through the records, you notice that some describe multiple services. For example, Sheila Yasgur (notation: won lottery) got a custom chopper, multiple tattoos, and piercings in undisclosed locations (no pictures). You realize that, in these cases, a single written record will have to be translated into multiple sales records. This is an example of what type of problem in the existing records?
a. Referential integrity
b. Insert anomaly
c. Entity integrity
d. Update anomaly
14. In a well-designed and normalized database, which of the following attributes would be a foreign key in a cash receipts table?
a. Cash receipt date
b. Remittance advice number
c. Customer check number
d. Customer number
15. Every organization should have a disaster recovery plan so that data processing capacity can be restored as smoothly and quickly as possible. Which item below would not typically be part of an adequate disaster recovery plan?
a. Uninterruptable power systems installed for key system components
b. Scheduled electronic vaulting of files
c. Backup computer and telecommunication facilities
d. System upgrade due to operating system software changes
16. Which of the following statements is true about the development of an REA model?
a. REA diagrams model individual transactions and data collections.
b. Events that pertain to the entry of data are included in the REA model
c. The objective is to model basic value-chain activities
d. Information retrieval events are modeled as events in the REA model
17. Which of the following tables would most likely have a composite key?
a. Receiving items from a supplier
b. Sending a purchase order to a supplier
c. Showing the details of items in a purchase order
d. Paying a supplier
18. The purpose of a systems audit is to:
a. Examine whether resources have been used in an economical and efficient manner in keeping with organizational goals and objectives
b. Review and evaluate the internal controls that protect the system
c. Determine the inherent risk factors found in the system
d. Examine the reliability and integrity of accounting records
19. Segregation of duties in the computer-based information system includes:
a. Separating the inventory process from the billing process
b. Performing independent verifications by the computer operator
c. Preventing management overrides
d. Separating the programmer from the computer operator
20. Which of the following transactions is represented by the diagram below?
a. A single purchase of inventory is paid for with multiple payments
b. Some inventory purchases are paid for with multiple payments and some payments may apply to multiple purchases
c. Inventory vendors send a monthly bill for merchandise delivered. The seller does not accept or allow installment payments.
d. Vendors send a bill for each inventory item purchased which is payable on receipt
21. Which of the following events would be least likely to be modeled in a REA diagram?
a. Posting accounts payable
b. Receiving cash
c. Sales to a customer
d. Customer inquiries
22. Which of the following is most likely to improve detection of a computer fraud?
a. Increase the penalty for committing fraud by prosecuting fraud perpetrators more vigorously
b. Develop a strong system of internal controls
c. Create an audit trail so that individual transactions can be traced through the system to the financial statements and financial statement data can be traced back to individual transactions
d. Store backup copies of program and data files in a secure, off-site location
23. Which of the following is considered an unintentional threat to the integrity of the operating system?
a. A hardware flaw that causes the system to crash
b. The systems programmer accessing individual user files
c. A virus that formats the hard drive
d. A hacker gaining access to the system because of a security flaw
24. All of the following tests of controls will provide evidence that adequate computer virus control techniques are in place and functioning except:
a. Reviewing system maintenance records
b. Confirming that antivirus software is in use
c. Examining the password policy including a review of the authority table
d. Verifying that only authorized software is used on company computers
25. All of the following tests of controls will provide evidence about the physical security of the computer center except:
a. Review of fire marshal records
b. Observation of procedures surrounding visitor access to the computer center
c. Verification of the second site backup location
d. Review of the test of the backup power supply
26. Including appropriate application controls such as validity and field checks promotes:
a. Accuracy of data entry
b. Evidence of authorization
c. Assurance that all transactions are recorded
d. Efficient recording of transactions
27. When planning the audit, information is gathered by all of the following methods except:
a. Completing questionnaires
b. Interviewing management
c. Observing activities
d. Confirming accounts receivable
28. Which of the following is not a risk associated with Enterprise Resource Planning (ERP) system implementation?
a. A drop in firm performance after implementation because the firm looks and works differently than it did while using a legacy system
b. The selected system does not adequately meet the adopting firm’s economic growth
c. ERP’s are too large, complex, and generic for them to be well integrated into most company cultures
d. Implementing firms fail to select systems that properly support their business activities
e. Implementing companies have found that staff members, employed by ERP consulting firms, do not have sufficient experience in implementing new systems
29. An audit should be planned so that the greatest amount of audit work focuses on the areas with the highest risk factors. Regarding risk factors, control risk is defined as:
a. The risk that a material misstatement will get through the internal control structure and into the financial statements
b. The risk that auditors will not be given the appropriate documents and records by management who wants to control audit activities and procedures
c. The risk that auditors and their audit procedures will not detect a material error or misstatement
d. The susceptibility to material risk in the absence of controls
30. A relational database system contains the following inventory data: part number, description, quantity on hand, and reorder point. These individual items are called:
31. In an electronic data interchange environment, the audit trail:
a. Is a computer resource authority table
b. Is a printout of all incoming and outgoing transactions
c. Consists of pointers and indexes within the database
d. Is an electronic log of all transactions received, translated, and processed by the system
32. A hacker intercepted and stole about 10,000 credit card numbers from a company’s customer file while it was being transmitted via the company’s website. Which of the following control procedures might best mitigate this problem?
a. Access control matrix
b. Database processing integrity controls
c. Encrypt the sensitive information prior to transmission
d. Reconciliation procedures
33. Which of the following is not an implication of section 302 of the Sarbanes Oxley Act?
a. Corporate management (including the CEO) must certify monthly and annually their organization’s internal controls over financial reporting
b. Auditors must interview management regarding significant changes in the design or operation of internal control that occurred since the last audit
c. Management must disclose any material changes in the company’s internal controls that have occurred during the most recent fiscal quarter
d. Auditors must determine, whether changes in internal control has, or is likely to, materially effect internal control over financial reporting
AIS FINAL EXAM1. Which of the following is not a problem usually associated with the flat-file approach to data management?a. Data storageb. Restricting access to data to the primary userc. Currency of informationd. Data redundancy