2.99 See Answer

Question: How is a DBMS different from a


How is a DBMS different from a database?


> Explain how and where the control goals for effectiveness of operations would be shown in the control goal columns of a control matrix prepared for the OE/S process. At a minimum, include the following topics from Chapter 7 in your discussion: a. Differe

> On October 2, 2002, a clerk at Bear Stearns had erroneously entered an order to sell nearly $4 billion worth of securities. The trader had sent an order to sell $4 million worth. Only $622 million of the order was executed, and the remainder of the order

> Referring to Appendix 9A, discuss fully the following statement: “Protecting the private key is a critical element in public key cryptography

> One control that is applicable for almost any system is “enter data close to the originating source.” A customer entering a purchase into a sales system (such as at Amazon.com) is an excellent example of this control. Describe the details of why this pro

> Describe situations in your daily activities, working or not, where you have experienced or employed controls in this chapter.

> The mere fact that event data appear on a prenumbered document is no proof of the validity of the event. Someone intent on defrauding a system by introducing a fictitious event probably would be clever enough to get access to the prenumbered documents or

> In evaluating business process controls and application controls, some auditors differentiate between the point in the system at which the control is “established” and the later point at which that control is “exercised.” Speculate about the meaning of t

> Describe the similarities and differences between limit checks and reasonable checks. Give examples where each may be appropriate.

> Explain why input controls are so important. Discuss fully.

> Examine Figure 1.9. Discuss how vertical information flows may be important to the executive director of an organization that is a public charity. FIGURE 1.9 Management Problem Structure and Infomation Requirements INFORMATION REQUIREMENTS Less In

> If a business process is implemented with OLRT processing, we do not need to worry about update completeness and update accuracy.” Do you agree? Discuss fully.

> Technology Summary 9.1 seems to indicate that the business process and application control plans in this chapter cannot be relied on.” Do you agree? Discuss fully.

> Discuss why the control matrix is custom-tailored for each business process.

> Preventing the unauthorized disclosure and loss of data has become almost impossible. Employees and others can use iPods, flash drives, cameras, and PDAs, such as iPhones, to download data and remove it from an organization’s premises.” Do you agree? Des

> Contracting for a hot site is too cost-prohibitive except in the rarest of circumstances. Therefore, the vast majority of companies should think in terms of providing for a cold site at most.” Discuss fully.

> Debate the following point: “Business continuity planning is really an IT issue.”

> A key control concern described in Table 8.2 regarding the systems development manager is that “systems development can develop and implement systems without management approval.” Discuss a control described in this chapter that reduces the risk that una

> Monitoring must be performed by an independent function such as a CPA.” Do you agree? Discuss fully.

> If personnel hiring is done correctly, the other personnel control plans are not needed.” Do you agree? Discuss fully.

> No matter how sophisticated a system of internal control is, its success ultimately requires that you place your trust in certain key personnel.” Do you agree? Discuss fully.

> Examine Figure 1.9. Discuss the importance of horizontal information flows and vertical information flows to the daily operations of a manufacturing entity. FIGURE 1.9 Management Problem Structure and Infomation Requirements INFORMATION REQUIREMEN

> In small companies with few employees, it is virtually impossible to implement the segregation of duties control plan.” Do you agree? Discuss fully.

> For each of these control plans, suggest a monitoring activity: a. Credit approval b. Removal of terminated employee access to computer system c. New employee background check

> Your boss was heard to say, “If we implemented every control plan discussed in this chapter, we’d never get any work done around here.” Do you agree? Discuss fully.

> The Enterprise Risk Management (ERM) framework introduced in Chapter 7 can be used by management to make decisions on which controls in this chapter should be implemented.” Do you agree? Discuss fully.

> What, if anything, is wrong with the following control hierarchy? Discuss fully. Highest level of control Pervasive control plans The control environment Application controls Business process control plans Lowest level of control IT general contr

> How does this text’s definition of internal control differ from COSO? How does it differ from the controls that are subject to review under Section 404 of SOX?

> Section 404 of SOX has not been a good idea. It has been too costly and it has not had its intended effect.” Do you agree? Discuss fully

> If input data are entered into the system completely and accurately, then the information system control goals of ensuring update completeness and ensuring update accuracy will be automatically achieved.” Do you agree? Discuss fully.

> Discuss how the efficiency and effectiveness of a mass-transit system in a large city can be measured.

> Provide five examples of potential conflict between the control goals of ensuring effectiveness of operations and of ensuring efficient employment of resources.

> Do you think your accounting education is preparing you effectively to practice accounting? Why or why not? Discuss, from both a short-term (i.e., immediately on graduation) and a long-term (i.e., 5 to 10 years after beginning your career) standpoint.

> If it weren’t for the potential of computer crime, the emphasis on controlling computer systems would decline significantly in importance.” Do you agree? Discuss fully.

> Enterprise Risk Management is a process for organizational governance.” Discuss why this might be correct and why it might not.

> Recently, the U.S. federal government and the American Institute of Certified Public Accountants (AICPA) have taken aggressive steps aimed at ensuring the quality of organizational governance. What are these changes, how might they change organizational

> Although SQL is the de facto standard database language, there are many variations of the language. Using the Internet (or other sources), answer the following questions. What is a de facto standard? Provide examples (other than SQL) of such standards. H

> Although today’s enterprise systems incorporate many of the REA concepts, many organizations continue to use legacy systems. Why do you believe this is true? (Although the obvious answer is in the chapter, you may want to look to other sources to support

> Refer to Figure 6.12. Figure 6.12: To implement a many-to-many (M:N) relationship between two relations, the figure demonstrates creating a new relation with a composite key made up of the primary keys (Client_No and Employee_No) of the relations to

> Several steps are required when designing a database. List and describe the main steps of this process.

> How can primary keys and the linking of tables in a relational database affect controls?

> Discuss how you determine the placement of primary keys in relational tables to link the tables to each other.

> What is a model? How is modeling a database or information system useful and important from a business or accounting perspective?

> Why must you have knowledge of a system’s objectives to study that system?

> What is the relationship between business intelligence (BI) and enterprise systems, especially ERP systems?

> The centralized database approach to data management is a good alternative to using enterprise systems such as ERP and CRM.” Do you agree? Discuss fully.

> What are the different logical database models (or structures)?

> What problems are solved by transforming a set of relational tables from second normal form (2NF) to third normal form (3NF)?

> What is three-tier architecture? What are some of its advantages over two-tier architecture?

> What are the differences between a logical view and a physical view of a database? Which would be more important for accountants who are involved in the design of a database that will store business event information?

> What is data independence? Why is it important in a comparison of application and database approaches to storing data?

> How has the technological availability and implementation of DBMSs benefited decision makers in organizations?

> What are the comparative advantages of the various data coding types discussed in Technology Summary 5.2 when applied to each of the following? Discuss fully.

> Why might you have more trouble assessing the success of a not-for-profit organization or federal government entitlement program than you would have judging the success of a business organization?

> Demonstrate your understanding of some of the coding schemes discussed in Technology Summary 5.2 by indicating which type of code is represented by each of the following. You should be prepared to explain and defend your answers.

> Why have object-oriented databases not replaced relational databases in business information system applications?

> What are the basic components of a database management system (DBMS)? Discuss the relationship between the components of DBMS and the functional model of information systems discussed in Chapter 1.

> Because there are computer-based documentation products that can draw data flow diagrams and systems flowcharts, learning to draw them manually is a waste of time.” Do you agree? Discuss fully.

> PCAOB Audit Standard No. 5 (AS5) paragraph 37 and Statement on Auditing Standard Section 319 (AU 319) paragraph 75 suggest that management, business process owners, and auditors prepare and analyze systems documentation to understand the flow of transact

> If we document a system with a system flowchart and data flow diagrams, we have over documented the system.” Discuss fully.

> Why has the Internet enabled an explosion in e-business when EDI has been available for decades?

> Discuss the benefits of SOAs to the growth of e-business.

> How does Internet EDI differ from traditional EDI in process? In result?

> Why is it important to have standards, such as X12 and EDIFACT, when conducting EDI transactions and other forms of e-business? Is there a downside to using standards?

> Examine Figure 1.1. Based on your college education to date, with which elements are you comfortable? With which are you least comfortable? Discuss your answers. FIGURE 1.1 Elements in the Study of Accounting Information Systems Technology Account

> What are some of the advantages and disadvantages of conducting business on the Internet? Be prepared to explain your answer.

> How does (or could) your university bookstore use technology to improve customer interactions with students, faculty, and staff

> Consider your favorite fast food chain restaurant. How do you think this restaurant might use OLTE to improve its business event data-processing activities? Explain.

> Consider a business where you shop. Could it operate without automated information systems? Why or why not?

> Some potential e-business customers have security concerns regarding online purchases. How do Internet security certifications attempt to address these concerns?

> One of Amazon.com’s marketing strengths is the capability to collect and analyze customer purchase data. How does this add value to the company? From the customer’s perspective, is value added?

> The business environment is increasingly demanding the use of OLRT systems for more up-to-date information. Identify one business process and the environment in which it would be used as an example of why immediate mode processing is so critical. Be prep

> Describe the primary and supporting activities involved in an organization’s value chain. Explain the importance of having an effective value chain.

> In what circumstances would a company choose a best-of-breed approach over a traditional ERP system?

> Why might a firm decide to implement only certain modules in an ERP system rather than a complete implementation?

> Examine Figure 1.1. Based on any work experience you have had, with which elements are you least comfortable? With which are you most comfortable? Discuss your answers. FIGURE 1.1 Elements in the Study of Accounting Information Systems Technology

> The following is a list of six control plans from this chapter, and these are followed by a list of five definitions or descriptions of control plans. Match the five definitions or descriptions with a control plan that best matches the definition. Becaus

> Fraud is sometimes discovered when looking at one piece of information within the context of overall data. For example, sales entered into the system after a store closes. Describe how using an Enterprise System might be preferable to a nonintegrated sys

> Provide an example of a business event. Explain how an enterprise system can provide the ability to share information and make the execution of the event efficient. Also, describe the various aspects of the business event that a company might want to cap

> Consider the inventory of a retailer. Describe how the qualities of information presented in this chapter, can help enable the efficiency and effectiveness of the organization?

> Match the items in the following two lists by matching the letter (or letters) of the information quality (qualities) that best describes the information quality violation presented in the second column. Some letters may not be used at all and some may b

> There are many opportunities for fraud within the OE/S process. One of these opportunities is the use of the system to fraudulently ship goods to an employee, posing as a customer. Describe the controls that can be implemented to reduce the likelihood th

> The following is a list of six control plans from this chapter or from Chapter 9. These are followed by a list of six statements describing either a control goal or a system deficiency. Match the five control goals or system deficiencies with a control p

> Assume that a computerized credit-checking procedure operates as follows: As orders are entered into the computer by a CSR, the computer calculates the total of the customer order and adds to this the customer’s outstanding balance from the accounts rece

> Describe a situation in which information would be shared between two of the “silos” in Figure 2.2. What data would be shared? Why would the data be shared? FIGURE 2.2 Value Chain and Value System a Organisstion

> Using the following table as a guide, describe for each function from Figure 10.1: Figure 10.1: a. A risk (an event or action that will cause the organization to fail to meet its goals/objectives) b. A control/process or use of technology that will ad

> The chapter presented a brief example of how the OE/S process might or might not support the decision-making needs of marketing managers. For each of the functional positions shown in the organization chart of Figure 10.2 (pg. 361), Figure 10.2: Spec

> Among the three functional entities (marketing, finance, and logistics) shown in Figure 10.1 (pg. 359), Figure 10.1: What goal conflicts could exist, and how might this affect the results of the OE/S process? FIGURE 101 A Haraontal Perspecive of

> Figure 9.10: Lists 10 control plans from this chapter and three control goals for the information process. Fill in the table cells, as appropriate, to indicate which control plans can accomplish which control goals. Number your entries, and describe th

> Figure 9.9 (p. 346) depicts the transmission of an electronic message incorporating public key cryptography, encryption, and digital signatures. Answer the following questions related to that figure: 1. Can anyone read the message? Why? 2. Can Sally be s

> Using Figure 8.9, Figure 8.9: Select one COBIT process in each COBIT domain and find a specific control plan from the chapter that you believe would be categorized in the process. You will have five answers. For example: A requirements walkthrough wo

> Search the Internet or an organization to which you have access (e.g., university, your employer) to find a company policy related to employees (e.g., hiring policy) or IT (e.g. password policy). Summarize the policy and explain how the policy enhances p

> Research the Internet, newspapers, magazines, and journals to find a recent fraud case involving IT and pervasive controls failure. Develop a report (format and length to be determined by your instructor) briefly describing the case, what pervasive contr

> 1. Using a key of 2 and an algorithm of adding and subtracting from alternating letters starting with addition, encrypt the word “accounting.” 2. Using a key of 3 and an algorithm of adding and subtracting from alternating letters starting with subtracti

> The following is a list of six control plans from this chapter, followed by a list of five situations that have control implications. Match each of the five situations with the control plan that would best prevent the system failure from occurring. Becau

> Consider a business process that you have experienced at work, as a customer, or as a student. Examples might include any process in a work setting, such as payroll and purchasing, or any process with which you have interacted, such as ordering from a We

> The following is a list of six control plans from this chapter, followed by a list of five situations that have control implications. Match each of the five situations with a control plan that would best prevent the system failure from occurring. Because

> Match the concept in List 1 with the definition or description in List 2. There is only one correct or best answer for each match. Therefore, you should have three letters left over from List 1. List 1—Terms A. Pervasive control plan B. Preventive contro

> Match the concept in List 1 with the definition or description in List 2. There is only one correct or best answer for each match. Therefore, you should have three letters left over from List 1. List 1—Terms A. Input accuracy B. Input validity C. Pervasi

> Provide a comparison of the internal control frameworks of COSO’s ERM and SAS No. 78/COSO 2013 Internal Control – Integrated Framework. Discuss (in a manner prescribed by your professor) the implications to independent auditors of the differences.

> Examine the REA model for Hera Industrial Supply that appears in Figure 6.18. Figure 6.18: For each of the six entities in the model, list the attributes that a database designer should include in each table. Identify primary key attributes with (PK

2.99

See Answer