3.99 See Answer

Question: Spring Water Spa Company is a 15-


Spring Water Spa Company is a 15-store chain in the Midwest that sells hot tubs, supplies, and accessories. Each store has a full-time, salaried manager and an assistant manager. The sales personnel are paid an hourly wage and a commission based on sales volume.
The company uses electronic cash registers to record each transaction. The salesperson enters his or her employee number at the beginning of his/her shift. For each sale, the salesperson rings up the order by scanning the item’s bar code, which then displays the item’s description, unit price, and quantity (each item must be scanned). The cash register automatically assigns a consecutive number to each transaction. The cash register prints a sales receipt that shows the total, any discounts, the sales tax, and the grand total.
The salesperson collects payment from the customer, gives the receipt to the customer, and either directs the customer to the warehouse to obtain the items purchased or makes arrangements with the shipping department for delivery. The salesperson is responsible for using the system to determine whether credit card sales are approved and for approving both credit sales and sales paid by check. Sales returns are handled in exactly the reverse manner, with the salesperson issuing a return slip when necessary.
At the end of each day, the cash registers print a sequentially ordered list of sales receipts and provide totals for cash, credit card, and check sales, as well as cash and credit card returns. The assistant manager reconciles these totals to the cash register tapes, cash in the cash register, the total of the consecutively numbered sales invoices, and the return slips. The assistant manager prepares a daily reconciled report for the store manager’s review.
Cash sales, check sales, and credit card sales are reviewed by the manager, who prepares the daily bank deposit. The manager physically makes the deposit at the bank and files the validated deposit slip. At the end of the month, the manager performs the bank reconciliation. The cash register tapes, sales invoices, return slips, and reconciled report are mailed daily to corporate headquarters to be processed with files from all the other stores. Corporate headquarters returns a weekly Sales and Commission Activity Report to each store manager for review.
Please respond to the following questions about Spring Water Spa Company’s operations:
a. The fourth component of the COSO ERM framework is risk assessment. What risk(s) does Spring Water face?
b. How might Spring Water improve its system of controls?


> With respect to the data processing cycle, explain the phrase “garbage in, garbage out.” How can you prevent this from happening?

> What is the relationship between COSO, COBIT 5, and the AICPA’s Trust Services frameworks?

> 1. Figure 5-4 shows the employees and external parties that deal with Heirloom. Explain how Heirloom could defraud the bank and how each internal and external party except the bank could defraud Heirloom. 2. What risk factor, unusual item, or abnormality

> a. Why should USAA collect data on which auto parts are fixed most frequently? What could it do with this data? b. Even though USAA offered to waive the deductible, the repair shops still managed to convince 95% of the owners to replace rather than repai

> Environmental, institutional, or individual pressures and opportune situations, which are present to some degree in all companies, motivate individuals and companies to engage in fraudulent financial reporting. Fraud prevention and detection require that

> Explain what an event is. Using the Internet as a resource, create a list of some of the many internal and external factors that COSO indicated could influence events and affect a company’s ability to implement its strategy and achieve its objectives.

> When U.S. Leasing (USL) computers began acting sluggishly, computer operators were relieved when a software troubleshooter from IBM called. When he offered to correct the problem they were having, he was given a log-on ID and password. The next morning,

> MonsterMed Inc. (MMI) is an online pharmaceutical firm. MMI has a small systems staff that designs and writes MMI’s customized software. The data center is installed in the basement of its two-story headquarters building. The data center is equipped with

> Reliability is often included in service level agreements (SLAs) when outsourcing. The toughest thing is to decide how much reliability is enough. Consider an application like e-mail. If an organization outsources its e-mail to a cloud provider, what is

> The ABC Company is considering the following options for its backup plan: 1. Daily full backups: 2. Weekly full backups on Saturdays, plus daily incremental backups: 3. Weekly full backups plus daily differential backup: All backups, whether partial or f

> Because improved computer security measures sometimes create a new set of problems—user antagonism, sluggish response time, and hampered performance—some people believe the most effective computer security is educating users about good moral conduct. Ric

> You are the president of a multinational company where an executive confessed to kiting $100,000. What is kiting and what can your company do to prevent it? How would you respond to the confession? What issues must you consider before pressing charges?

> a. Develop a context diagram and a level 0 DFD for the cash receipts system at S&S. b. Prepare a document flowchart to document the cash receipts system at S&S. c. Prepare a business process diagram for the cash receipts system at S&S

> A client heard through its hot line that John, the purchases journal clerk, periodically enters fictitious acquisitions. After John creates a fictitious purchase, he notifies Alice, the accounts payable ledger clerk, so she can enter them in her ledger.

> Design a chart of accounts for SDC. Explain how you structured the chart of accounts to meet the company’s needs and operating characteristics. Keep total account code length to a minimum, while still satisfying all of Mace’s desires.

> a. What kind of information do you think Tesco gathers? b. How do you think Tesco has motivated over 12 million customers to sign up for its Clubcard program? c. What can Tesco accomplish with the Clubcard data it collects? Think in term of strategy and

> Which control(s) would best mitigate the following threats? a. The hours worked field in a payroll transaction record contained the value 400 instead of 40. As a result, the employee received a paycheck for $6,257.24 instead of $654.32. b. The accounts r

> The management at Covington, Inc., recognizes that a well-designed internal control system provides many benefits. Among the benefits are reliable financial records that facilitate decision making and a greater probability of preventing or detecting erro

> Explain how the following items individually and collectively affect the overall level of security provided by using a password as an authentication credential. a. Length. b. Complexity requirements (Which types of characters are required to be used: nu

> The principle of confidentiality focuses on protecting an organization’s intellectual property. The flip side of the issue is ensuring that employees respect the intellectual property of other organizations. Research the topic of software piracy and writ

> Obtain a copy of Generally Accepted Privacy Principles from the AICPA’s web site (www.aicpa.org). (You will find it by following this path: Under Interest Areas choose Information Management and Technology Assurance then in the upper left portion of tha

> Some individuals argue that accountants should focus on producing financial statements and leave the design and production of managerial reports to information systems specialists. What are the advantages and disadvantages of following this advice? To wh

> Identify the computer fraud and abuse technique used in each the following actual examples of computer wrongdoing. Identify the computer fraud and abuse technique used in each the following actual examples of computer wrongdoing. a. A teenage gang known

> The Journal of Accountancy (available at www.aicpa.org) has published a series of articles that address different aspects of disaster recovery and business continuity planning: 1. Gerber, J. A., and Feldman, E. R. 2002. “Is Your Busines

> During a recent review, ABC Corporation discovered that it has a serious internal control problem. It is estimated that the impact associated with this problem is $1 million and that the likelihood is currently 5%. Two internal control procedures have be

> a. Prepare and file a tax return with the tax owed to the Internal Revenue Service. b. A customer pays an invoice with a check. Accounts receivable is updated to reflect the payment. The check is recorded and deposited into the bank. c. A customer places

> Nino Moscardi, president of Greater Providence Deposit & Trust (GPD&T), received an anonymous note in his mail stating that a bank employee was making bogus loans. Moscardi asked the bank’s internal auditors to investigate the transactions detailed in th

> What is the difference between using check digit verification and a validity check to test the accuracy of an account number entered on a transaction record?

> The following description represents the policies and procedures for agent expense reimbursements at Excel Insurance Company. Agents submit a completed expense reimbursement form to their branch manager at the end of each week. The branch manager reviews

> For each of the three basic options for replacing IT infrastructure (cold sites, hot sites, and real-time mirroring) give an example of an organization that could use that approach as part of its DRP. Be prepared to defend your answer.

> Explain how the principle of separation of duties is violated in each of the following situations. Also, suggest one or more procedures to reduce the risk and exposure highlighted in each example. a. A payroll clerk recorded a 40-hour workweek for an emp

> Create data validation rules in a spreadsheet to perform each of the following controls: a. Limit check – that values in the cell are < 70 b. Range check – that values in the cell are between 15 and 65 c. Sign check – that values in the cell are positive

> Apply the value chain concept to S&S. Explain how it would perform the various primary and support activities.

> The department of taxation in your state is developing a new computer system for processing individual and corporate income-tax returns. The new system features direct data input and inquiry capabilities. Identification of taxpayers is provided by using

> An accountant with the Atlanta Olympic Games was charged with embezzling over $60,000 to purchase a Mercedes-Benz and to invest in a certificate of deposit. Police alleged that he created fictitious invoices from two companies that had contracts with the

> PriceRight Electronics (PEI) is a small wholesale discount supplier of electronic instruments and parts. PEI’s competitive advantage is its deep-discount, three-day delivery guarantee, which allows retailers to order materials often to minimize in-store

> The Langston Recreational Company (LRC) manufactures ice skates for racing, figure skating, and hockey. The company is located in Kearns, Utah, so it can be close to the Olympic Ice Shield, where many Olympic speed skaters train. Given the precision requ

> Compare the guidelines for preparing flowcharts, BPDs, and DFDs. What general design principles and limitations are common to all 3 documentation techniques?

> A bank auditor met with the senior operations manager to discuss a customer’s complaint that an auto loan payment was not credited on time. The customer said the payment was made on May 5, its due date, at a teller’s window using a check drawn on an acco

> Your classmate asks you to explain flowcharting conventions using real-world examples. Draw each of the major flowchart symbols from memory, placing them into one of four categories: input/output, processing, storage, and flow and miscellaneous. For ea

> Practice encryption using both any encryption capabilities provided by your computer’s operating system and by using third-party encryption software. Required: a. Use your computer operating system’s built-in encryption capability to encrypt a file. b. D

> The data processing cycle in Figure 2-1 is an example of a basic process found throughout nature. Relate the basic input/process/store/output model to the functions of the human body. Data Storage Data Information Data Input Processing Output

> In recent years, Supersmurf’s external auditors have given clean opinions on its financial statements and favorable evaluations of its internal control systems. Discuss whether it is necessary for this corporation to take any further action to comply wit

> Download a hash calculator that can create hashes for both files and text input. Use it to create SHA-256 (or any other hash algorithm your instructor assigns) hashes for the following: a. A document that contains this text: “Congratulations! You earned

> The chart of accounts must be tailored to an organization’s specific needs. Discuss how the chart of accounts for the following organizations would differ from the one presented for S&S in Table 2-4.

> Match the following terms with their definitions: Тегр Definition 1. Vulnerability a. Code that corrects a flaw in a program. 2. Exploit b. Verification of claimed identity. 3. Authentication c. The firewall technique that filters traffic by examini

> The ABC Company runs two shifts, from 8:00 AM to Midnight. Backups and system maintenance are performed between midnight and 8:00 AM. For each of the following scenarios, determine whether the company’s current backup procedures enable it to meet its rec

> Lancaster Company makes electrical parts for contractors and home improvement retail stores. After their annual audit, Lancaster’s auditors commented on the following items regarding internal controls over equipment: 1. The operations department that ne

> Figure 1-4 shows that developments in IT affect both an organization’s strategy and the design of its AIS. How can a company determine whether it is spending too much, too little, or just enough on IT?

> Discuss the following statement by Roswell Steffen, a convicted embezzler: “For every foolproof system, there is a method for beating it.” Do you believe a completely secure computer system is possible? Explain. If internal controls are less than 100% ef

> You are an audit supervisor assigned to a new client, Go-Go Corporation, which is listed on the New York Stock Exchange. You visited Go-Go’s corporate headquarters to become acquainted with key personnel and to conduct a preliminary review of the company

> Tralor Corporation manufactures and sells several different lines of small electric components. Its internal audit department completed an audit of its expenditure processes. Part of the audit involved a review of the internal accounting controls for pay

> Two ways to create processing integrity controls in Excel spreadsheets are to use the built-in Data Validation tool or to write custom code with IF statements. What are the relative advantages and disadvantages of these two approaches?

> The Howard Leasing Company is a privately held, medium-sized business that purchases school busses and leases them to school districts, churches, charitable organizations, and other businesses. To better serve its customers and, more important, to protec

> One function of the AIS is to provide adequate controls to ensure the safety of organizational assets, including data. However, many people view control procedures as “red tape.” They also believe that, instead of producing tangible benefits, business

> The value of information is the difference between the benefits realized from using that information and the costs of producing it. Would you, or any organization, ever produce information if its expected costs exceeded its benefits? If so, provide some

> What are some business processes for which an organization might use batch processing?

> Use the numbers 10–19 to show why transposition errors are always divisible by 9.

> a. Prepare a context diagram and at least two levels of DFDs for this process. b. Prepare a flowchart to document this process. 

> What do you think an organization’s duty or responsibility should be to protect the privacy of its customers’ personal information? Why?

> Cost-effective controls to provide confidentiality require valuing the information that is to be protected. This involves classifying information into discrete categories. Propose a minimal classification scheme that could be used by any business, and pr

> Match the terms with their definitions: 15. Asymmetric encryption O. An encryption process that uses a pair of matched keys, one public and the other private. Either key can encrypt something, but only the other key in that pair can decrypt it. 16.

> 1. How does Miller fit the profile of the average fraud perpetrator? 2. Explain the three elements of the opportunity triangle (commit, conceal, convert) and discuss how Miller accomplished each when embezzling funds from Associated Communications. What

> Match the internet related computer fraud and abuse technique in the left column with the scenario in the right column. Terms may be used once, more than once, or not at all.

> What motives do people have for hacking? Why has hacking become so popular in recent years? Do you regard it as a crime? Explain your position.

> You were hired to assist Ashton Fleming in designing an accounting system for S&S. Ashton has developed a list of the journals, ledgers, reports, and documents that he thinks S&S needs (see Table 2-6). He asks you to complete the following tasks: a. Spec

> Assume you have interviewed for a job online and now receive an offer of employment. The job requires you to move across the country. The company sends you a digital signature along with the contract. How does this provide you with enough assurance to tr

> Can the characteristics of useful information listed in Table 1-1 be met simultaneously? Or does achieving one mean sacrificing another?

> For each of the following scenarios identify which data processing method (batch or online, real-time) would be the most appropriate. a. Make an airline reservation b. Register for a university course c. Prepare biweekly payroll checks d. Process an orde

> You were asked to investigate extremely high, unexplained merchandise shortages at a department store chain. Classify each of the five situations as a fraudulent act, an indicator of fraud, or an event unrelated to the investigation. Justify your answers

> Draw a context diagram and at least two levels of DFDs for the preceding operations. 

> Figure 1-4 shows that organizational culture and the design of an AIS influence one another. What does this imply about the degree to which an innovative system developed by one company can be transferred to another company?

> Enter the tables in Table 4-15 into a relational DBMS package. Write queries to answer the following questions. Note: For some questions, you may have to create two queries—one to calculate a total and the second to answer the question asked. a. Which c

> Compare and contrast the following three frameworks: COBIT, COSO Integrated Control, and ERM.

> Retrieve the S&S In-Chapter Database (in Microsoft Access format) from the text’s website (or create the tables in Table 4-5 in a relational DBMS product). Write queries to answer the following questions. Note: For some questions, you may have to create

> Create a spreadsheet to compare current monthly mortgage payments versus the new monthly payments if the loan were refinanced, as shown (you will need to enter formulas into the two cells with solid borders like a box: D9 and D14) a. Restrict access to t

> From the database created in the comprehensive problem, perform queries based on the tables and query grid shown in Table 4-19. a. Which borrowers use Advent Appraisers? b. What is the average amount borrowed from National Mortgage? c. List all of the pr

> Create relational tables that solve the update, insert, and delete anomalies in Table 4-18.

> Create relational tables that solve the update, insert, and delete anomalies in Table 4-17.

> You want to extend the schema shown in Table 4-16 to include information about customer payments. Some customers make installment payments on each invoice. Others write a check to pay for several different invoices. You want to store the following inform

> As in all areas of IT, DBMSs are constantly changing and improving. Research how businesses are using DBMSs, and write a report of your findings. Address the following issues: 1. Which popular DBMS products are based on the relational data model? 2. Whic

> The relational data model represents data as being stored in tables. Spreadsheets are another tool that accountants use to employ a tabular representation of data. What are some similarities and differences in the way these tools use tables? How might an

> Contrast the logical and the physical views of data and discuss why separate views are necessary in database applications. Describe which perspective is most useful for each of the following employees: a programmer, a manager, and an internal auditor. Ho

> Compare and contrast the file-oriented approach and the database approach. Explain the main advantages of database systems.

> Some restaurants use customer checks with prenumbered sequence codes. Each food server uses these checks to write up customer orders. Food servers are told not to destroy any customer checks; if a mistake is made, they are to void that check and write

> An audit trail enables a person to trace a source document to its ultimate effect on the financial statements or work back from amounts in the financial statements to source documents. Describe in detail the audit trail for the following: a. The audit tr

> What is a data dictionary, what does it contain, and how is it used?

> Accountants often need to print financial statements with the words “CONFIDENTIAL” or “DRAFT” appearing in light type in the background. a. Create a watermark with the word “CONFIDENTIAL” in a Word document. Print out a document that displays that water

> Why is it so important to have good data?

> Relational DBMS query languages provide easy access to information about the organization’s activities. Does this mean that online, real-time processing should be used for all transactions? Does an organization need real-time financial reports? Why or wh

> Some people believe database technology may eliminate the need for double-entry accounting. This creates three possibilities: (1) the double-entry model will be abandoned; (2) the double-entry model will not be used directly, but an external-level sche

> a. Prepare a context diagram and level 0 DFD to document the payroll processing system at No-Wear Products. b. Prepare a document flowchart to document the payroll processing system at No-Wear Products.

> Prepare a BPD that documents Beccan’s business processes.

> At Angic Insurance Company begins processing casualty claims when the claims department receives a notice of loss from a claimant. The claims department prepares and sends the claimant four copies of a proof-of-loss form on which the claimant must detail

> a. Prepare a system flowchart of the process described. b. Prepare a business process diagram for the process described.

> When you go to a movie theater, you buy a prenumbered ticket from the cashier. This ticket is handed to another person at the entrance to the movie. What kinds of irregularities is the theater trying to prevent? What controls is it using to prevent th

> The CISO of the ABC Company is considering how to increase the strength of employee passwords. Currently, passwords must be eight characters, they must be case-sensitive, and they must contain at least two numbers. a. Calculate the size of the search sp

> The following discussion took place between Tony Cork, the office manager of Hallmark Data Company, and a new accountant, Cassie Miles: Cassie: I’ve been thinking about our method of recording entries. It seems inefficient. Tony: In what way? Cassie: Wel

> Outdoor Leadership School is a newly organized business that teaches people how to inspire and influence others. The list of accounts to be opened in the general ledger is as follows: Accounts Payable Accounts Receivable Cash Equipment Fees Earned Lorri

> Bozeman College requires students to pay tuition each term before classes begin. Students who have not paid their tuition are not allowed to enroll or to attend classes. What journal entry do you think Bozeman College would use to record the receipt of t

3.99

See Answer