Why is data considered a valuable resource worthy of extensive protection?
> Keller Company is a small company with four people working in the revenue processes. One of the four employees supervises the other three. Some tasks that must be accomplished within the revenue processes are the following: a. Accounts receivable record
> Look at Exhibit 2‑4 and pick one accounting software product from the midmarket segment and one software product from the tier 1 ERP segment. Using those brand names of software, search the Internet for information about those products. Based on your inv
> What are the five most common reasons for increased spending on ERP systems in the early 2000s? Which of these reasons was the impetus for Viper’s ERP implementation in 2003?
> What are the advantages of purchased software when compared with software developed in house?
> During the systems analysis phase, which two data collection methods help determine user requirements?
> What is the advantage of studying the current system during the systems analysis phase?
> How does the analysis of feasibilities in the systems planning phase help to prioritize system changes?
> What is the difference between technical feasibility and operational feasibility?
> Why would IT governance include measuring the performance of IT systems?
> Near the beginning of Chapter 5, the real‐world example of Allstate’s IT expenditure is mentioned. Prior to the implementation of its IT governance committee, “whoever spoke the loudest or whoever had the biggest checkbook” got to select IT projects. Wha
> What dangers exist related to computer output such as reports?
> Why is a private cloud less risky than a public cloud?
> How can a redundant array of independent disks (RAID) help protect the data of an organization?
> Why was there so much growth in the sales of ERP systems in the late 1990s?
> Describe how sales data is captured and recorded at a restaurant such as Applebee’s.
> Describe some recent news stories you have seen or heard regarding computer viruses.
> What is two factor authentication with regard to smart cards or security tokens?
> What are the factors that limit the effectiveness of internal controls?
> Provide examples of continuous monitoring and periodic monitoring.
> Many companies have mandatory vacation and periodic job rotation policies. Discuss how these practices can be useful in strengthening internal controls.
> Due to cost/benefit considerations, many business organizations are unable to achieve complete segregation of duties. What else could they do to minimize risks?
> Name the COSO report’s five internal control activities.
> Identify the COSO report’s five interrelated components of internal controls.
> How does documenting a system through a pictorial representation offer benefits?
> What are the objectives of a system of internal control?
> What is the underlying purpose of the restrictions on CPA firms in Section 201 of the Sarbanes–Oxley Act?
> Is there a difference between ethical obligations and legal obligations with regard to online privacy?
> What are some of the ethical obligations of companies related to e-commerce?
> In what ways are XBRL financial statements advantageous compared with traditional paper financial statements?
> Why is the use of XML advantageous in Internet EDI?
> What types of controls should be used to properly limit access in intranets and extranets?
> Which type of users should have access to an extranet?
> Which type of users should have access to an intranet?
> What are the three levels of network platforms that are utilized in e-business, and which groups use each level?
> How are activities in the supply chain interdependent?
> Which functions within the supply chain can be enhanced through the use of e-business?
> There are four methods of system conversion: parallel, direct cutover, pilot, and phase‐in. Describe these four methods and how they differ.
> Why is it important to ensure an efficient flow of goods throughout the supply chain?
> Describe the concept of a supply chain.
> What is meant by “monitoring and enforcement” regarding online privacy practices?
> If you could condense the ten areas of Online Privacy in the AICPA Trust Services Principles, into a shorter list (three-, four-, or five-point list), how would you word that list?
> According to the Online Privacy section of the AICPA Trust Services Principles, what types of personal information should be protected?
> What are the differences between bricks-and mortar retailers and clicks-and-mortar retailers?
> Which types of costs can be reduced when a company decides to engage in B2C e-commerce on the Internet?
> How quickly did Internet usage by the public grow after the Internet was opened to business transactions in 1994?
> Why is a standard protocol necessary in computer networks?
> Why was ARPANET designed with many different alternative routes for network traffic?
> Describe the purpose of business process reengineering during the system analysis phase.
> What was the original purpose of the network of computers that eventually became the Internet?
> What are the first three rules of normalization? What is meant by the statement that the rules of normalization are additive?
> Which type of database model has the most flexibility for querying? How does this flexibility assist management?
> What language is used to access data from a relational database? Why is the language advantageous when accessing data?
> How is the primary key used in a relational database?
> Within a hierarchical database, what is the name for the built‐in linkages in data tables? Which data relationships can be contained in a hierarchical database?
> What four conditions are required for all types of databases?
> What is the term for the software program(s) that monitors and organizes the database and controls access and use of data? Describe how this software controls shared access.
> Differentiate between data redundancy and concurrency.
> Briefly explain a situation at your home, university, or job in which you think somebody used computers unethically. Be sure to include an explanation of why you think it was unethical.
> Which type of data storage medium is most appropriate when a single record of data must be accessed frequently and quickly?
> How does data differ from information?
> Explain the importance of full disclosure in source of capital processes.
> How do processes with large volumes of transactions make fraudulent behavior easier?
> How does time horizon affect the type of information in internal reports?
> In an IT accounting system, which IT controls ensure the security of the general ledger?
> How is a special journal different from a general journal?
> Why are internal controls less effective in capital and investment processes?
> How are IT systems potentially useful in monitoring funds flow?
> How does the specific authorization and management oversight of source of capital processes affect internal controls?
> Application controls include input, processing, and output controls. One type of input control is source document controls. Briefly explain the importance of each of the following source document controls: a. Form design b. Form authorization and contr
> How would you describe capital?
> When IT systems are used in conversion processes, what are some of the resulting advantages to the organization?
> Which three activities in the conversion process should require specific authorization before they are begun?
> Why would perpetual inventory records be preferable to periodic inventory records in a manufacturing company?
> What should be done when unfavorable variances are discovered?
> What is the purpose of determining standard costs?
> What is the purpose of the quality control department?
> What is the overall goal of the inventory control department?
> What is the purpose of an inventory status report?
> What are the conversion responsibilities of the maintenance and control, inventory control, inventory stores, and human resources departments?
> Explain the risk categories for cloud computing and how these risks may differ from a company that maintains its own IT hardware, software, and data.
> Differentiate between a routing slip and an inventory status report.
> What types of information must be taken into consideration when scheduling production?
> What are the two types of documents or reports that are likely to trigger the conversion process?
> Differentiate between the roles of the engineering and the research and development departments.
> Differentiate between a bill of materials and an operations list.
> Why are conversion activities typically considered routine data processes?
> Do conversion processes occur in manufacturing companies only? Why, or why not?
> What are the three resources that an organization must have to conduct a conversion (or transformation) process?
> How does the misclassification of fixed asset expenditures result in misstatement of financial statements?
> Why might a supervisor collude with an employee to falsify time cards?
> For each of the following parts of an IT system of a company, write a one‐sentence description of how unauthorized users could use this as an entry point: a. A local area network (LAN) b. A wireless network c. A telecommuting worker d. A company webs
> What negative things might occur if fixed asset software systems lacked appropriate access controls?
> Why is the beginning of a fiscal year the best time to implement a fixed asset software system?
> Explain why a real‐time update of fixed asset records might be preferable to batch processing of fixed asset changes.
> Why are some fixed assets susceptible to theft?
> Why is it important to conduct an investment analysis prior to the purchase of fixed assets?
> Fixed assets are purchased and retired frequently. Given this frequent change, why are clear accounting records of fixed assets necessary?
> What are the advantages of outsourcing payroll?
> What are the advantages of automated time keeping such as bar code readers, or ID badges that are swiped through a reader?
> Why do payroll processes result in sensitive information, and what is the sensitive information?
