Procurement cards are designed to improve the efficiency of small noninventory purchases. What controls should be placed on their use? Why?
> You are a systems consultant for Ernst, Price, and Deloitte, CPAs. At your country club’s annual golf tournament, Frank Fender, an automobile dealer, describes a proposal from Turnkey Systems and asks for your opinion. The system will handle inventories,
> In a Midwest city of 45,000, a computer was purchased and in-house programmers began developing programs. Four years later, only one incomplete and poorly functioning application had been developed, none of software met users’ minimum requirements, and t
> What is the accountant’s role in the computer acquisition process? Should the accountant play an active role, or should all the work be left to computer experts? In what aspects of computer acquisition might an accountant provide a useful contribution?
> Ajax Manufacturing installed a new bar code based inventory tracking system in its warehouse. To close the books each month on a timely basis, the six people who work in the warehouse must scan each item in a 36-hour period while still performing their n
> A manufacturing firm needed a specialized software program to identify and monitor cost overruns. After an extensive analysis, the company purchased prepackaged software and assigned three programmers to modify it to meet its individual circumstances and
> For years, Jerry Jingle’s dairy production facilities led the state in sales volume but recent declines worry him. Customers are satisfied with his products but are troubled by the dairy’s late deliveries and incomplete orders. Production employees (not
> Give some examples of systems analysis decisions that involve a trade-off between each of the following pairs of objectives: a. economy and usefulness b. economy and reliability c. economy and customer service d. simplicity and usefulness e. simplicity
> The chapter briefly discussed the following three common attacks against applications a. Buffer overflows b. SQL injection c. Cross-site scripting Required Research each of these three attacks and write a report that explains in detail how each atta
> The following problem situations occurred in a manufacturing firm. What questions should you ask to understand the problem? Customer complaints about product quality have increased. Accounting sees an increase in the number and dollar value of bad debt
> For each of the following, discuss which data-gathering method(s) are most appropriate and why: a. Examining the adequacy of internal controls in the purchase requisition procedure b. Identifying the controller’s information needs c. Determining how c
> While reviewing a list of benefits from a computer vendor‟s proposal, you note an item that reads, “Improvements in management decision making—$50,000 per year.” How would you interpret this item? What influence should it have on the economic feasibility
> You are a consultant advising a firm on the design and implementation of a new system. Management has decided to let several employees go after the system is implemented. Some have many years of company service. How would you advise management to communi
> The approach to long-range AIS planning described in this chapter is important for large organizations with extensive investments in computer facilities. Should small organizations with far fewer information systems employees attempt to implement plann
> How would you modify the expenditure cycle REA diagram in Figure 19-4 to include the return of defective products to suppliers for credit?
> How are the similarities and differences between the purchase of services, such as telephone service, and the purchase of raw materials reflected in an REA data model?
> How would you model the acquisition of a digital asset, such as the purchase of software online (the software is downloaded and then installed on the purchaser’s computer)?
> Why is depreciation not represented as an event in the REA data model?
> How could an automobile dealer model the use of loaner cars, which it gives to customers for free whenever they drop off a vehicle for maintenance that will take longer than one day to complete?
> Apply the following data to evaluate the time-based model of security for the XYZ Company. Does the XYZ Company satisfy the requirements of the time-based model of security? Why? Estimated time for attacker to successfully penetrate system = 25 minute
> Often it takes several sales calls to obtain the first order from a new customer. Why then does Figure 19-1 depict the relationship between the Call on Customer and Take Customer Order events as being 1:1?
> Why do the Inventory, Customers, and Suppliers tables all have an attribute that contains data about the balance at the beginning of the current fiscal period?
> Why does Figure 18-4 show only one cash disbursement entity if Fred’s Train Shop uses a general operating checking account for purchases of inventory, supplies, and operating expenses such as rent but also uses a separate checking account for payroll?
> How would you determine the amount of cash that Fred’s Train Shop has at any point in time?
> Assume that there exists a 1:1 relationship between the Receive Inventory and Disburse Cash events. How does the manner in which the relationship between the two events is implemented (i.e., in which table a foreign key is placed) affect the process used
> Building separate tables for every relationship (1:1, 1:N, and M:N) does not violate any of the rules for building a well-structured database. Why then do you think that REA data modelers recommend building separate tables only for M:N relationships and
> Why take the time to develop separate REA diagrams for each business cycle if the ultimate objective is to combine them into one integrated enterprise-wide data model? Why not just focus on the integrated model from the start?
> How would the process of generating a cash disbursements journal from the REA data model presented differ from the process for creating a sales journal?
> What is the difference between an Entity-Relationship (E-R) diagram and an REA diagram?
> What are the five stages of the database design process? In which stages should accountants participate? Why?
> Install and run the latest version of the Microsoft Baseline Security Analyzer on your home computer or laptop. Write a report explaining the weaknesses identified by the tool and how to best correct them. Attach a copy of the MBSA output to your report.
> How would accounts payable be reflected in an REA diagram? Why?
> What is the relationship between the things that would be represented as resources in an REA diagram and the different categories of assets found on an organization’s balance sheet? (Hint: Are there any assets that would not be modeled as resources? Are
> Which parts of Figure 17-6 would accurately depict almost every organization’s revenue cycle? Which parts would change?
> How can REA diagrams help an auditor understand a client’s business processes?
> The basic REA template includes links between two events and links between events and resources and between events and agents. Why do you think the basic REA template does not include direct links between (a) two resources, (b) two agents, or (c) betw
> Why is it not necessary to model activities such as entering information about customers or suppliers, mailing invoices to customers, and recording invoices received from suppliers as events in an REA diagram?
> This chapter discussed how the HR department should have responsibility for updating the HRM/payroll database for hiring, firing, and promotions. What other kinds of changes may need to be made? What controls should be implemented to ensure the accuracy
> One of the threats associated with having employees telecommute is that they may use company-provided resources (e.g., laptop, printer, etc.) for a side business. What are some other threats? What controls can mitigate the risk of these threats?
> You are responsible for implementing a new employee performance measurement system that will provide factory supervisors with detailed information about each of their employees on a weekly basis. In conversation with some of these supervisors, you are su
> Some accountants have advocated that a company’s human assets be measured and included directly in the financial statements. For example, the costs of hiring and training an employee would be recorded as an asset that is amortized over the employee’s exp
> Consider the following two situations: For the situations presented, describe the recommendations the internal auditors should make to prevent the following problems. Situation 1: Many employees of a firm that manufactures small tools pocket some of th
> This chapter noted many of the benefits that can arise by integrating the HRM and payroll databases. Nevertheless, many companies maintain separate payroll and HRM information systems. Why do you think this is so? (Hint: Think about the differences in e
> Some companies have switched from a “management by exception” philosophy to a “continuous improvement” viewpoint. The change is subtle, but significant. Continuous improvement focuses on comparing actual performance to the ideal (i.e., perfection). Conse
> Typically, McDonald’s produces menu items in advance of customer orders based on anticipated demand. In contrast, Burger King produces menu items only in response to customer orders. Which system (MRP-II or lean manufacturing) does each company use? What
> Why should accountants participate in product design? What insights about costs can accountants contribute that differ from the perspectives of purchasing managers and engineers?
> When activity-based cost reports indicate that excess capacity exists, management should either find alternative revenue-enhancing uses for that capacity or eliminate it through downsizing. What factors influence management’s decision? What are the lik
> Should companies allow purchasing agents to start their own businesses that produce goods the company frequently purchases? Why? Would you change your answer if the purchasing agent’s company was rated by an independent service, like Consumer Reports, as
> Should every company switch from the traditional 3-way matching process (purchase orders, receiving reports, and supplier invoices) to the 2-way match (purchase orders and receiving reports) used in Evaluate Receipt Settlement (ERS)? Why (not)?
> In what ways can you apply the control procedures discussed in this chapter to paying personal debts (e.g., credit card bills)?
> Companies such as Wal-Mart have moved beyond JIT to VMI systems. Discuss the potential advantages and disadvantages of this arrangement. What special controls, if any, should be developed to monitor VMI systems?
> Lexsteel, a manufacturer of steel furniture, has facilities throughout the United States. Problems with the accounts payable system have prompted Lexsteel’s external auditor to recommend a detailed study to determine the company’s exposure to fraud and t
> In this chapter and in Chapter 12 the controller of AOE played a major role in evaluating and recommending ways to use IT to improve efficiency and effectiveness. Should the company’s chief information officer make these decisions instead? Should the co
> The use of some form of electronic “cash” that would provide the same kind of anonymity for e-commerce that cash provides for traditional physical business transactions has been discussed for a long time. What are the advantages and disadvantages of elec
> Invoiceless pricing has been adopted by some large businesses for B2B transactions. What are the barriers, if any, to its use in B2C commerce?
> Table 12-1 suggests that restricting physical access to inventory is one way to reduce the threat of theft. How can information technology help accomplish that objective?
> Many companies use accounts receivable aging schedules to project future cash inflows and bad-debt expense. Review the information typically presented in such a report (see Figure 12-8). Which specific metrics can be calculated from those data that might
> Some products, like music and software, can be digitized. How does this affect each of the four main activities in the revenue cycle?
> Customer relationship management systems hold great promise, but their usefulness is determined by the amount of personal data customers are willing to divulge. To what extent do you think concerns about privacy-related issues affect the use of CRM syste
> Compare and contrast the frameworks for auditing program development/acquisition and for auditing program modification.
> Explain the four steps of the risk-based audit approach, and discuss how they apply to the overall security of a company.
> Lou Goble, an internal auditor for a large manufacturing enterprise, received an anonymous note from an assembly-line operator who has worked at the company’s West Coast factory for the past 15 years. The note indicated that there are some fictitious emp
> AICPA adapted a. Prepare a schedule showing how much the cashier embezzled. b. Describe how the cashier attempted to hide the theft.
> The assistant finance director for the city of Tustin, California, was fired after city officials discovered that she had used her access to city computers to cancel her daughter’s $300 water bill. An investigation revealed that she had embezzled a large
> At present, no Berwick employees have auditing experience. To staff its new internal audit function, Berwick could (a) train some of its computer specialists in auditing, (b) hire experienced auditors and train them to understand Berwick’s information
> Should internal auditors be members of systems development teams that design and implement an AIS? Why or why not?
> Auditing an AIS effectively requires that an auditor have some knowledge of computers and their accounting applications. However, it may not be feasible for every auditor to be a computer expert. Discuss the extent to which auditors should possess comput
> Should organizations permit personal use of e-mail systems by employees during working hours?
> What risks, if any, does offshore outsourcing of various information systems functions pose to satisfying the principles of confidentiality and privacy?
> What is the relationship between COSO, COBIT, and the AICPA’s Trust Services frameworks?
> Explain what an event is. Using the Internet as a resource, create a list of some of the many internal and external factors that COSO indicated could influence events and affect a company’s ability to implement its strategy and achieve its objectives.
> Some restaurants use customer checks with prenumbered sequence codes. Each food server uses these checks to write up customer orders. Food servers are told not to destroy any customer checks; if a mistake is made, they are to void that check and write a
> When you go to a movie theater, you buy a prenumbered ticket from the cashier. This ticket is handed to another person at the entrance to the movie. What kinds of irregularities is the theater trying to prevent? What controls is it using to prevent these
> For each of the following independent cases of employee fraud, recommend how to prevent similar problems in the future. a. Due to abnormal inventory shrinkage in the audiovisual department at a retail chain store, internal auditors conducted an in-depth
> Answer the following questions about the audit of Springer’s Lumber & Supply a. What deficiencies existed in the internal environment at Springer’s? b. Do you agree with the decision to settle with the Springers rather than to prosecute them for fraud
> Contrast the logical and the physical view of data and discuss why separate views are necessary in database applications. Describe which perspective is most useful for each of the following employees: a programmer, a manager, and an internal auditor. Ho
> Your classmate asks you to explain flowcharting conventions using real-world examples. Draw each of the major flowchart symbols from memory, placing them into one of four categories: input/output, processing, storage, and flow and miscellaneous. For each
> Information technology enables organizations to easily collect large amounts of information about employees. Discuss the following issues: a. To what extent should management monitor employees’ e-mail? b. To what extent should management monitor which
> Compare the guidelines for preparing flowcharts and DFDs. What general design principles and limitations are common to both documentation techniques?
> You were asked to investigate extremely high, unexplained merchandise shortages at a department store chain. Classify each of the five situations as a fraudulent act, an indicator of fraud, or an event unrelated to the investigation. Justify your answers
> a. List the procedures or the internal documents that are labeled letters c to r in the flowchart of Bottom Manufacturing Corporation’s charge sales system. Organize your answer as follows (Note that the explanations of the letters a and b in the flowcha
> You recognize weaknesses in the existing system and believe a document flowchart would be beneficial in evaluating this client’s internal control in preparing for your examination of the financial statements. a. Complete the flowchart given in Figure 3-
> Retrieve the S&S In-Chapter Database (in Microsoft Access format) from the text’s Web site (or create the tables in Table 4-5 in a relational DBMS product). Write queries to answer the following questions. Note: For some questions, you may have to create
> Ashton wants to store the following data about S&S’s purchases of inventory: item number …………………………………. date of purchase vendor number ……………………………… vendor address vendor name …………………………………
> Citizen’s Gas Company (CGC) provides natural gas service to 200,000 customers. The customer base is divided into the following three revenue classes: Residential customer gas usage is highly correlated with the weather. Commercial customer usage is parti
> Most DBMS packages contain data definition, data manipulation, and data query languages. For each of the following, indicate which language would be used and why. a. database administrator defines the logical structure of the database b. The controller
> Match the following terms with their definitions TERM DEFINITION a. data processing 1. Contains summary-level data for every asset, liability, equity, revenue, and expense account b. source documents 2. Items are numbered consecutively to
> Which of the following actions update a master file and which would be stored as a record in a transaction file? a. Update customer address change b. Update unit pricing information c. Record daily sales d. Record payroll checks e. Change employee p
> Your nursery sells various types and sizes of trees, bedding plants, vegetable plants, and shrubs. It also sells fertilizer and potting soil. Design a coding scheme for your nursery.
> Classify each of the following items as belonging in the revenue, expenditure, human resources/payroll, production, or financing cycle. a. Purchase raw materials b. Pay off mortgage on factory c. Hire a new assistant controller d. Establish a $10,000
> Have you ever imagined having one electronic device that does everything you would ever need? Mobile phone makers in Japan have gone beyond the imagining phase. Cell phones in Japan are becoming more versatile than ever. Newer models of cell phones conta
> The chart of accounts must be tailored to an organization’s specific needs. Discuss how the chart of accounts for the following organizations would differ from the one presented for S&S in Table 2-2.
> A new program at Jones and Carter Corporation (JCC) was supposed to track customer calls. Unfortunately, the program took 20 minutes to load on a PC, and it crashed frequently. The project did not have a traditional reporting structure, and it appeared t
> MetLife, an insurance company, spent $11 billion to acquire Travelers Life and Annuity from Citicorp in one of the largest insurance company acquisitions of all time. The Metlife CIO estimated it would take three years to integrate the two systems. Becau
> Audio Visual Corporation (AVC) manufactures and sells visual display equipment. Headquartered in Boston, it has seven sales offices with nearby warehouses that carry its inventory of new equipment and replacement parts. AVC has a departmentalized manufac
> A credit union is developing a new AIS. The internal auditors suggest planning the systems development process in accordance with the SDLC concept. The following nine items are identified as major systems development activities that will have to be compl
> Ryon Pulsipher, manager of Columbia’s property accounting division, has had difficulty responding to the following departmental requests for information about fixed assets. 1. The controller has requested individual fixed assets schedules to support the
> Mickie Louderman is the new assistant controller of Pickens Publishers. She was the controller of a company in a similar industry, where she was in charge of accounting and had considerable influence over computer center operations. Pickens wants to reva
> Wang Lab’s tremendous growth left the company with a serious problem. Customers would often wait months for Wang to fill orders and process invoices. Repeated attempts by Wang’s understaffed IS department to solve these problems met with failure. Finally
> You were hired to manage the accounting and control functions at the Glass Jewelry Company. During your introductory meeting, the president asked you to design and implement a new AIS within six months. Company sales for the past year were $10 million, a
> Norcom, a division of a large manufacturer, needed a new distribution and customer service system. The project was estimated to take 18 months and cost $5 million. The project team consisted of 20 business and IT staff members. After two years, the CIO