ACC 340 Final Exam
ACC/340 Final Exam
ACC 340 Final Examination
1. The essential steps in performing a systems study are (in order of occurrence):
a) Analysis, design, implementation and initial operation, follow‑up
b) Design, planning, follow‑up, analysis, and implementation
c) Planning, system specification, analysis, production, implementation
d) Planning, analysis, design, implementation, and follow‑up
2. Which of the following is intended to solve the problem that financial data used in one application is not easily transferable to other applications?
a) XMP
b) ERP
c) XBRL
d) XMLP
3. Information systems auditors are:
a) Auditors who are concerned with analyzing risks associated with computerized information systems
b) Individuals who often work closely with financial auditors
c) Auditors who have a lot of technical expertise related to information technology
d) all of the above
4. Which of the following is not an ability of client/server computing?
a) Alter data stored elsewhere on the network
b) Process a transaction that may affect data stored on both client and server computers
c) Query or manipulate the warehoused data on the server
d) Increased networking capabilities between different file formats on multiple systems
5. Software that enables businesses and government agencies to transmit and manipulate financial data on an organization-wide basis best describes:
a. Communication software
b. CAD software
c. Enterprise resource planning (ERP) software
d. Programming software
6. All of the following are programming languages except:
a. Java
b. HTML
c. C++
d. COBOL
e. ERP
7. Data flow diagrams:
a) Accomplish the same purpose as system flowcharts
b) Are different from system flowcharts since they focus on a logical view of the information system
c) Are useless for planning a new system
d) Are never used in analyzing an existing system
8. All of the following are controls for end-user computing except:
a) Formally evaluate large projects
b) Formalize documentation standards
c) Limit the number of employees authorized to create end-user applications
d) all of the above are important controls
9. The textbook identified seven reasons why documentation of an AIS is important. For which of the following reasons would the user guides, procedure manuals and operating instructions be most important?
a) Depicting how the system works
b) Training users
c) Designing new systems
d) Standardizing communications with others
10. Business organizations are recognizing the value of sales data and are purchasing software solutions to gather, maintain, and use these data to provide better service and promote customer loyalty. These software solutions are called:
a) Customer relations data solutions
b) Customer relationship management solutions
c) Sales data management solutions
d) none of the above
11. Which of the following statements best describes business process outsourcing?
a) A company focuses on its core business processes and contracts with another firm to do the other processes
b) Companies frequently outsource core business processes
c) Due to networked enterprises and advanced technology, more employees may work from their homes or alternate locations
d) Initially, companies engaged in business process outsourcing to offer employees more opportunities to travel and more career choices for advancement
12. Networked enterprises and globalization have enabled a new business model called “business-without-boundaries.” Which of the following statements describes this business model?
a) Companies no longer have all of their employees in one location
b) It is called offshoring and companies contract with firms in other countries to do such business processes as human resources, payroll, and accounting
c) Companies are under a great deal of scrutiny to manage costs and generate revenue so they contract with foreign firms to do various business processes at a lower cost to the company
d) all of the above statements describe this model
13. Which of the following is not a concern of the financing process?
a) Effective cash management
b) Optimizing an organization’s cost of capital
c) Minimizing an organization’s borrowings
d) Projecting cash flows
14. Business process reengineering efforts sometimes fail because:
a. Management gets too involved in the process
b. Management is too optimistic regarding its expectations from its implementation
c. Management support can never overcome employee resistance
d. Employees will never accept change
15. Which of the following technologies are now used in conjunction with automated production process systems to increase efficiencies?
a) Radio frequency technology
b) Bar code scanners
c) RF IDs and advanced electronic tags
d) all of the above
e) none of the above
16. According to the chapter, which of these statements is most accurate?
a) Most computer abuse is performed as retaliation against employers
b) Very little computer crime is committed for personal gain
c) Some computer abuse is performed simply to meet a challenge
d) We catch most computer abusers with good accounting controls
17.Which of the following is probably the primary reason accountants should be concerned about computer crime and abuse?
a) They might lose their job if they don’t detect computer crime or abuse in their organization
b) They might lose their professional credibility and license if computer crime or abuse continues for a long time in their organization and they do not detect it
c) They are responsible for designing, implementing, and monitoring the control procedures for AISs
d) none of the above
18.One of the major crimes identified by the Computer Fraud and Abuse Act of 1986 is intent to illegally obtain information or tangible property through the use of computers. Which of the following methods might accomplish this type of crime if the perpetrator can change data before, during, or after they are entered into a computer system?
a) Salami technique
b) Data diddling
c) Shoulder surfing
d) Trojan horse program
19.Regarding a company’s audit trail, which of the following statements is true?
a) Because of the complexities involved in establishing an audit trail, a good audit trail normally makes it more difficult for an individual to follow the flow of a company’s business transactions through the company’s information system
b) In actuality, the audit trail established within a company’s information system is an unimportant element of the company’s internal control system
c) When a company’s audit trail becomes more difficult to follow, this causes an increase in the risk of errors or irregularities taking place in the processing of accounting transactions and not being detected
d) A company’s policies and procedures manual should not be part of its audit trail since confidential information is included within this manual
20.Which of the following statements is true regarding timely performance reports?
a. In many companies, these reports are the major means of providing information to management concerning the actual operations of the companies’ internal control systems
b. These reports should only include monetary data
c. Since these reports fail to provide feedback to management on the operations of previously implemented internal control procedures, other techniques are needed to provide this feedback to managers
d. The complexity that a computer introduces into a company’s information system will typically prevent the preparation of timely performance reports for the company’s management
21. _________________ describes the policies, plans, and procedures implemented by a firm to protect its assets.
a) Internal control
b) SAS No. 94
c) SOX, Section 404
d) Enterprise risk management
- General controls within IT environments that affect personnel include:
a) Use of computer accounts
b) Separation of duties
c) Informal knowledge of employees
d) all of the above affect personnel
23. Which of the following best describes a fundamental control weakness often associated with automated data processing systems?
a. Automated data processing equipment is more subject to systems error than manual processing is subject to human error
b. Automated data processing equipment processes and records similar transactions in a similar manner
c. Automated data processing procedures for detection of invalid and unusual transactions are less effective than manual control procedures
d. Functions that would normally be separated in a manual system are combined in an automated data processing system
24. The textbook identifies a number of issues that should be considered when developing a security policy. One of the issues is “identify threats”. Which of the following is not an example of this issue?
a) What assets need to be protected
b) What are the sources of potential security problems
c) External threats are viruses, worms, retaliations from former employees
d) Internal threats are misuse of assets by employees and embezzlement
25 Which of these is not a phase in the life cycle of an information system?
a) Planning
b) Analysis
c) Control
d) Implementation
26. A poorly-planned information system can result in:
a) Employee resistance and even sabotage
b) Inflexible systems that are hard to maintain or modify
c) Systems that solve the wrong problems
d) all of these
27. Which of the following is not a general objective in the design of an information system?
a) A system should provide information which is timely and relevant for decision making by management and operating personnel
b) The output of a system should be highly accurate
c) A system should have sufficient capacity to accommodate levels of normal activity; any additional capacity proves too costly in the long run
d) A system should be as simple as permitted so that its structure and operation can be easily understood and its procedures easily accomplished
e) A system should be flexible to accommodate changes of a reasonable magnitude when required
28. A computerized AIS is harder to audit than a manual system for all of the following reasons except:
a) The file information is not human readable
b) The volume of transaction records and master file records is usually much larger in computerized systems than in manual systems
c) An audit trail does not exist in a computerized AIS
d) Computerized systems often use remote real-time data processing, thus complicating the tracing of transaction records to their sources
29. Which of the following is not one of the groups of SOX compliance requirements?
a) requirements to use an IT auditor to evaluate controls
b) regulations governing executive reporting and conduct
c) rules about financial statement reporting
d) audit committee/corporate governance requirements
30. Three common techniques auditors use to test computer programs are:
a) Test data, integrated test facilities, and parallel simulation
b) Test data, edit checks, and integrated test facilities
c) Test data, program change control, and parallel simulation
d) Program change control, edit checks, and parallel simulation
31. The term data encryption refers to:
a) Storing data in safe places called “crypts”
b) Transforming data into secret codes
c) Scrambling data in random ways that cannot be unscrambled
d) none of these
32. The term key in the context of data encryption refers to:
a) A physical key similar to a house key
b) A logical key similar to the primary key of a data file
c) A mathematical function used for encryption purposes
d) A computer function key that can be found on keyboards
33. All of the following are benefits of XBRL except:
a) Companies can file financial information in one format, avoiding the errors that may come from reentering data multiple times
b) The SEC accepts XBRL-format for electronic filing of financial statement reports
c) XBRL permits the automatic and reliable exchange of financial information across all software formats and technologies, including the Internet
d) all of the above are benefits of XBRL
e) none of the above are benefits of XBRL
34. All of these are reasons why databases are important to AISs except:
a) AIS databases store valuable information
b) Many AISs are large and therefore potentially unwieldy
c) The databases of some organizations are very complex
d) The hard disk space used to store AIS databases is comparatively expensive
e) all of these are reasons why databases are important to AISs
35. A major advantage of relational databases is:
a) All records are stored together
b) No pointers are used
c) An expandable index is used
d) It closely resembles a flat file
36. In recent years many businesses have formed a common information source within their business organization called a database. One of the advantages of building databases is the simultaneous updating of files with common data elements. Another major advantage of the database concept is that:
a) Database systems can be used in microcomputers as well as on large computers
b) Database systems are simple to install and maintain
c) Database systems are generally less expensive than separate file maintenance systems
d) Less duplication of data occurs with a database system
e) Fewer skilled people are required to run a database system than any other system
37. The process of data normalization refers to:
a) Eliminating data errors and other problems from “normal data”
b) Scaling data to values between zero and one
c) Storing data in normal storage media such as hard disks
d) none of these
38. Database management systems are important to accountants because:
a) They automate file storage tasks and enable managers to generate worthwhile financial reports
b) They eliminate data redundancy
c) They are unique data structures which accountants have never used before
d) They are easy to develop and therefore save money
e) They are energy efficient
39. Which of these is true about finding data in multimedia databases?
a) It is not possible to search them because graphics have no text keys for searching
b) It is not possible to search them because audio objects have no text keys for searching
c) It is possible to search for items in them because such characteristics as “speaker” or “subject” can be used as search parameters
d) It is possible to search for items in them if the name of the embedded graphics or audio file is also known