2.99 See Answer

Question: What can a company do to protect


What can a company do to protect itself from business interruptions due to power outages?


> How does time horizon affect the type of information in internal reports?

> In an IT accounting system, which IT controls ensure the security of the general ledger?

> How is a special journal different from a general journal?

> Why are internal controls less effective in capital and investment processes?

> How are IT systems potentially useful in monitoring funds flow?

> How does the specific authorization and management oversight of source of capital processes affect internal controls?

> Application controls include input, processing, and output controls. One type of input control is source document controls. Briefly explain the importance of each of the following source document controls: a. Form design b. Form authorization and contr

> How would you describe capital?

> When IT systems are used in conversion processes, what are some of the resulting advantages to the organization?

> Which three activities in the conversion process should require specific authorization before they are begun?

> Why would perpetual inventory records be preferable to periodic inventory records in a manufacturing company?

> What should be done when unfavorable variances are discovered?

> What is the purpose of determining standard costs?

> What is the purpose of the quality control department?

> What is the overall goal of the inventory control department?

> What is the purpose of an inventory status report?

> What are the conversion responsibilities of the maintenance and control, inventory control, inventory stores, and human resources departments?

> Explain the risk categories for cloud computing and how these risks may differ from a company that maintains its own IT hardware, software, and data.

> Differentiate between a routing slip and an inventory status report.

> What types of information must be taken into consideration when scheduling production?

> What are the two types of documents or reports that are likely to trigger the conversion process?

> Differentiate between the roles of the engineering and the research and development departments.

> Differentiate between a bill of materials and an operations list.

> Why are conversion activities typically considered routine data processes?

> Do conversion processes occur in manufacturing companies only? Why, or why not?

> What are the three resources that an organization must have to conduct a conversion (or transformation) process?

> How does the misclassification of fixed asset expenditures result in misstatement of financial statements?

> Why might a supervisor collude with an employee to falsify time cards?

> For each of the following parts of an IT system of a company, write a one‐sentence description of how unauthorized users could use this as an entry point: a. A local area network (LAN) b. A wireless network c. A telecommuting worker d. A company webs

> What negative things might occur if fixed asset software systems lacked appropriate access controls?

> Why is the beginning of a fiscal year the best time to implement a fixed asset software system?

> Explain why a real‐time update of fixed asset records might be preferable to batch processing of fixed asset changes.

> Why are some fixed assets susceptible to theft?

> Why is it important to conduct an investment analysis prior to the purchase of fixed assets?

> Fixed assets are purchased and retired frequently. Given this frequent change, why are clear accounting records of fixed assets necessary?

> What are the advantages of outsourcing payroll?

> What are the advantages of automated time keeping such as bar code readers, or ID badges that are swiped through a reader?

> Why do payroll processes result in sensitive information, and what is the sensitive information?

> Why is it important to use an independent paymaster to distribute paychecks?

> For each AICPA Trust Services Principles category shown, list a potential risk and a corresponding control that would lessen the risk. An example is provided. EXAMPLE Security: Risk: A hacker could alter data. Control: Use a firewall to limit unauthori

> What is the purpose of supervisory review of employee time cards?

> Explain the reasons for an organization having a separate bank account established for payroll.

> Why is it important that the human resources department maintain records authorizing the various deductions from an employee’s paycheck?

> Even though payroll and fixed asset processes may not be as routine as revenue processes, why are they just as important?

> What techniques can a company use to reveal problems concerning potential exposure to unauthorized access to its systems?

> Identify three ways that buyers and sellers may be linked electronically.

> Identify each category of risk that can be reduced by using authority tables, computer logs, passwords, and firewalls.

> What is typically the most time‐consuming aspect of the expenditures process?

> What paper document is eliminated when ERS is used?

> Each of the given situations is independent of the other. For each, list the programmed input validation check that would prevent or detect the error. a. The ZIP code field was left blank on an input screen requesting a mailing address. b. A state abbr

> How is an audit trail maintained in an IT system where no paper documents are generated?

> Explain how system availability problems could cause cash management problems.

> List three examples of BPR used in the expenditures processes.

> What are the advantages of BPR?

> What accounting records are used by accounts payable personnel to keep track of amounts owed to each vendor?

> Why should accountants periodically review the sequence of checks issued?

> During the process of reconciling the bank account, why is it necessary to review the dates, payees, and signatures on the canceled checks?

> Why would some checks need to include two signatures?

> Which department is responsible for making sure that payments are made in time to take advantage of vendor discounts?

> Under what circumstances would it be necessary to manually update accounts payable prior to the receipt of a vendor’s invoice?

> Discuss the accuracy of the following statements regarding internal control: • The more computerized applications exist within a company’s accounting system, the lower the risk will be that fraud or errors will occur. • The more involved top management

> Briefly describe the five components of an accounting information system.

> How does the maintenance of a receiving log enhance internal controls?

> Name the first document that should be prepared when a production employee recognizes that the quantity of goods on hand is insufficient to meet customer demand.

> Describe a popular fraud scheme where company employees misuse the sales revenues cutoff.

> List some advantages of a POS system.

> What is the purpose of maintaining transaction logs? Why are they especially important in IT systems?

> List the advantages of an EDI system.

> How could it be possible for two companies to conduct EDI if they are not directly connected with each other?

> What are the three important characteristics of the EDI definition?

> Why is a redundant server system needed in an e‐commerce environment?

> List the advantages of e‐commerce systems.

> Identify the steps involved in risk assessment. Do you think it would be effective for an organization to hire external consultants to develop its risk assessment plan? Why, or why not?

> Distinguish between B2B sales and B2C sales. Other than those presented in this chapter, name a company from your personal experience that uses B2C sales.

> How are sales invoices used (in a manual system) in the preparation of credit memos?

> What is the purpose of a credit memorandum?

> How can auditors evaluate internal controls when their clients use IT outsourcing?

> Think about a place you have worked where computers were present. What are some physical and environmental controls that you have observed in the workplace? Provide at least two examples of each from your personal experience.

> Identify four important aspects of administrative control in an IT environment.

> During which phase of an audit would an auditor consider risk assessment and materiality?

> List the techniques used for gathering evidence.

> Which professional standard‐setting organization provides guidance on the conduct of an IT audit?

> Explain how the presence of IT processes can improve the quality of information that management uses for decision making.

> Think of a job you have held, and consider whether the control environment was risky or conservative. Describe which you chose and why.

> Describe the three causes of information risk.

> Identify the three areas of an auditor’s work that are significantly impacted by the presence of IT accounting systems.

> Which type of audit is most likely to be performed by government auditors? Which type of audit is most likely to be performed by internal auditors?

> What are assurance services? What value do assurance services provide?

> Which tier one company introduced the first ERP system that was “pure Internet,” requiring no programming code to reside on the client computer?

> Differentiate between Oracle’s back office and front office modules.

> Which company is today’s top seller of ERP systems in the United States?

> How did the tragic events of September 11, 2001, affect the market for ERP systems?

> How do ERP II systems allow businesses to improve efficiencies with respect to sharing information with trading partners?

> Why is real‐time processing essential in an ERP system?

> Describe why the control environment is regarded as the foundation of a business’s system of internal control.

> Describe how ERP systems enhance efficiency in a business organization.

> What ethical obligations do employees have as IT systems are revised?

> How does the SDLC serve as an internal control?

> Why is post implementation review undertaken?

> Why is user acceptance important?

2.99

See Answer