Acctg 20 Quizzes Prelims To Finals

QUIZ1: Accounting Information System (An Overview)
1. What is the major difference between the revenue and the expenditure cycle?
Group of answer choices
The revenue cycle includes the activity of obtaining funds from investors
In the revenue cycle, cash is received; in the expenditure cycle cash is paid out
The revenue cycle includes marketing activities; the expenditure cycle does not
The expenditure cycle includes paying employees
2. The basic "give and take" functions of a business have been grouped into transaction cycles.
The cycle that includes the events of hiring employees and paying them is known as the
financing cycle
revenue cycle
expenditure cycle
human resources cycle
3. In a manual system, records of current activity are posted from a journal to a ledger. In a
computer system, current records from a(n)
Transaction file are updated to a master file
Master file are updated to a year-to-date file
Index file are updated to a master file
Table file are updated to a transaction file
4. Which of the following is least likely a key decision to be made when acquiring capital?
Cash flow projections
How much will be needed
Find investors or borrow from creditors
What is the best interest rate to accept
5. Information that reduces uncertainty, improves decision makers' ability to make

predictions, or confirms or corrects their prior expectations, is said to be
Timely
Reliable
Relevant
Complete
6. An accounting information system must be able to perform which of the following tasks?
detect all types of fraud
provide adequate controls
collect master data
all of the answers
7. Subsidiary ledgers are used in manual accounting environments. What file is comparable
to a subsidiary ledger in a computerized environment?
archive file
transaction file
master file
reference file
8. Which account is least likely to have a subsidiary ledger?

accounts receivable
fixed assets
sales
inventory
9. The benefit produced by the information minus the cost of producing it.
Goal congruence
Information
Information overload
Value of information
10. Goal conflict may result when

A decision or action of a subsystem is inconsistent with the system as a whole.
Duplicate recording, storage and processes are eliminated.
A subsystem achieves its goals while contributing to the organization's overall goal.
The data exceeds the amount the human mind can absorb and process.
11. The order of the entries made in the ledger is by

transaction number
Date
User
account number
12. An AIS is a system of six interrelated components that interact to achieve a goal. One of
these components, which includes both manual and automated activities that involve
collecting, processing, and storing data, is known as
Procedures and instructions
Software
Information technology infrastructure
Information or data
13. Which of the following statements below shows the contrast between data and
information?
Data and information are the same.
Information is the primary output of an AIS.
Data is the output of an AIS.
Data is more useful in decision-making than information.
14. Information is
raw facts about transactions.
potentially useful facts when processed in a timely manner.
data that has been organized and processed so that it's meaningful.
basically the same as data.
15. In general, a special journal would not be used to record

depreciation
cash disbursements
purchases
sales
16. An example of a nonfinancial transaction is

purchase of inventory
log of customer calls
sale of products
cash disbursement
17. Updating the accounts payable primarily belongs to what business cycle?
expenditure cycle
revenue cycle
financing cycle
human resource cycle
18. An example of a financial transaction is

a supplier’s price list
the purchase of computer
a delivery schedule
an employee benefit brochure
19. The order of the entries made in the general journal is by
customer number
account number
User
Date
20. Groups of related business activities such as the acquisition of merchandise and payment
of vendors are called
transactions
business events
economic cycles
transaction cycles
21. Which of the following is not an example of a common activity in an AIS?

recording of sales calls for marketing purposes
summarize and report results to interested parties
sell goods and services and collect cash
buy and pay for goods and services
22. A specialized journal

is used to record infrequent or non-routine transactions.
records all detailed data for any general ledger account that has individual sub-accounts.
contains summary-level data for every account of the organization.
simplifies the process of recording large numbers of repetitive transactions.
23. The primary consideration when producing this type of information is that its benefits
exceeds its costs.
Mandatory information
Essential information
Discretionary information
24. The general ledger

simplifies the process of recoding large numbers of repetitive transactions.
25. The value of information can best be defined as

the benefits produced by possessing and using the information minus the cost of producing it.
how relevant it is.
the extent to which it maximizes the value chain.
how useful it is to decision makers.
26. Which subsystem is not part of the Accounting Information System?

Management Reporting System
General Ledger/Financial Reporting System
Transaction Processing System
Expert System
27. Information is
Data that have been organized and processed to provide meaning to a user.
Facts that are collected, recorded, stored, and processed by an information system.
What happens when the data exceeds the amount the human mind can absorb.
The benefit produced by the information minus the cost of producing it.
28. A general journal

29. The ability to achieve the goals of a system depends upon the effective functioning and
harmonious interaction between its subsystems. This is called
system redundancy
system decomposition
subsystem interdependency
backup system
30. When two knowledgeable people acting independently each produce the same
information, this information is said to be
Complete
Relevant
Verifiable
Reliable
31. The major difference between the Financial Reporting System (FRS) and the Management
Reporting System (MRS) is the
FRS reports are prepared using information provided by the General Ledger System; the MRS
provides information to the General Ledger System
FRS reports are prepared in flexible, nonstandardized formats; the MRS reports are prepared
in standardized, formal formats
FRS provides information to internal and external users; the MRS provides information to
internal users
FRS provides discretionary information; the MRS provides nondiscretionary information
32. The transaction cycles approach leads to efficient processing of large number of
transactions because
transaction cycles are easier to computerize
transaction cycles are easy to understand
a large number of transactions within a given cycle can be categorized into a relatively small
number of distinct types
the transaction cycle approach represents the natural order of business
33. An accounting information system in part consists of

People, procedures, data, software and information technology infrastructure.
Information, programs and computers.
People, hardware and programs.
Internal controls and accounting records.
34. Data are

quantitative facts that are not qualitative by nature.
processed output that is useful to decision makers.
facts entered, stored, and processed by an information system.
another word for information.
35. A subsidiary ledger

simplifies the process of recoding large numbers of repetitive transactions.
36. Facts that are collected, recorded, stored and processed by an information system
Information
Systems
Data
37. Information that does not omit important aspects of the underlying events or activities that
it measures is
Timely
Relevant
Accessible
Complete
38. This results when a subsystem achieves its goals while contributing to the organization's
overall goal.
Goal congruence
Systems congruence
Goal conflict
39. Data must be converted into information to be considered useful and meaningful for
decision-making. There are six characteristics that make information both useful and
meaningful. If information is free from error or bias and accurately represents the events
or activities of the organization, it is representative of the characteristic of
Understandability
Timeliness
Reliability
Relevance
40. Which activity belongs to the production cycle?

Receive and answer customer inquiries
Design products
Pay dividends to investors and interest to lenders
Prepare, approve, and send purchase orders to vendors
41. An accounting information system (AIS) processes __________ to provide users with
__________.
data; transactions
data; benefits
data; information
information; data
42. The Transaction Processing System includes all of the following cycles except
the expenditure cycle
the administrative cycle
the conversion cycle
the revenue cycle
43. Information that is free from error or bias and accurately represents the events or activities
of the organization is
Relevant
Reliable
Verifiable
Timely
44. Humans can absorb and process only so much information. Information __________ occurs
when those limits are passed.
excess
overload
anxiety
discretion
45. An agreement between two entities to exchange goods or services or any other event that
can be measured in economic terms by an organization is
processing cycle
give-get exchange
revenue
transaction
46. Characteristics of interest that need to be stored are

entity
record
attribute
database
47. The purpose of the Transaction Processing System includes all of the following except
distributing essential information to operations personnel to support their daily operations
recording financial transactions in the accounting records
measuring and reporting the status of financial resources and the changes in those resources
converting economic events into financial transactions
48. Which of the following is a turn-around document?

remittance advice
sales order
purchase order
payroll check
49. The usefulness of information for users is determined by all of the following but
relevance
convenience
reliability
completeness
50. A set of two or more interrelated components that interact to achieve a goal is:
Data
An accounting information system
A system
ACCOUNTING 20: QUIZ 2 (CHAPTER 1-3)
1. A graphical representation of the relationship among the input, processing and output in an
information system is called
a program flowchart
a document flowchart
a data flow diagram
a system flowchart
2. In a DFD, a circle represents

data sources and destinations
the direction of data flows
transformation processes
data stores
3. The graphic description of the flow of data within an organization is called a

document flowchart
context diagram
data flow diagram
systems flowchart
4. In preparing a DFD, when data are transformed through a process, the symbol used
should be
a circle
two horizontal lines
an arrow
a square
5. An analytical technique that uses standard symbols to graphically represent an information

system in a clear, concise, and logical manner is called a
flowchart
narrative
data flow diagram
schema
6. In the data flow diagram of the customer payment process, "update receivables" will appear
in
none of the choices
a square
a circle
7. In the data flow diagram of the customer payment process, "Customer" will appear in
a circle
a square
none of the choices
8. In a DFD, an arrow represents

data stores
the direction of data flows
9. In a program flowchart comparison of one or more variables, the transfer of flow to

alternative logic paths is represented by
a terminal
computer operation
decision diamond
data/information flow
10. Flowcharts are created using a standard set of symbols. These symbols can be divided into
four basic categories. A square denotes an auxiliary operation and is found in which
flowchart symbol category?
processing
storage
input/output
flow and maintenance
11. Most processes on a DFD can be identified by

data in-flows only
data flows both into or out of a process
data out-flows only
data flows both into or out of a process
12. The passage of the Sarbanes Oxley Act

Means that auditors must be able to prepare, evaluate and read documentation tools such as
flowcharts
Made documentation skills even more important
All of the choices
Made documentation skills even more important
13. Which is a true statement regarding the document flowchart?

It is not normally used in the systems design process
It should ignore control processes and actions
It illustrates the sequence of logical operations performed by a computer
It is particularly useful in analyzing the adequacy of internal control procedures
14. Which type of flowchart is an excellent vehicle for describing information flows and
procedures within an AIS?
a program flowchart
an internal control flowchart
a system flowchart
15. When designing either a DFD or a flowchart, a good rule to follow is

to proceed from left to right
to identify exception procedures by using a rectangle
to proceed from top to bottom
to proceed from left to right and top to bottom
16. The storage of data on a DFD is shown by

arrows
circles
squares
17. The narratives, diagrams, charts, and other written materials that explain how a system works
are collectively called
schema
flowcharts
documentation
data flows
18. In creating DFDs, a context diagram

Includes major transformation processes
Depicts systems boundaries
Is very detailed
Is not necessary
19. A graphical representation of the flow of documents and information between departments or
areas of responsibility within an organization is called
a program flowchart
a data flow diagram
a system flowchart
20. The term used to refine a high-level or summary view data flow diagram into successively
lower levels to provide greater amounts of detail is
explode
enlarge
expand
implode
21. In a payroll processing DFD, the "prepare reports" activity will be represented by
__________, the "employee payroll file" will be represented by __________, and the "bank"
will be represented by __________.
a square; two horizontal lines; a circle
a circle; two horizontal lines; two horizontal lines
a circle; two horizontal lines; a square
a rectangle; a square; a circle
22. Data flows between two symbols on a DFD have more than one data item. More than one
arrow is needed if
data elements flow at different times
there is no guideline on use of single or multiple arrows
data elements flow to different locations
data elements always flow together
23. One popular means of documenting a system is to develop diagrams, flowcharts, tables, and
other graphical representations of information. These are often supplemented by
oral descriptions from management
product specifications
logic charts
narrative descriptions
24. In general, a data destination will be shown by

no arrows, only two horizontal lines
an arrow pointing in
arrows pointing both ways
an arrow pointing away
25. In the data flow diagram of the customer payment process, "Customer payment" will appear
above or in
a square
a circle
an arrow
26. What should be the first thing the creator of a flowchart does before beginning a flowchart?
use standard flowcharting symbols
identify the entries to be flowcharted
design the flowchart so that it proceeds from left to right and top to bottom
understand the system to be flowcharted
27. A data flow diagram (or DFD) has four basic elements. The people and organizations that
send data to and receive data from the system are known as
data stores
A data flow diagram (or DFD) has four basic elements. The people and organizations that send
data to and receive data from the system are known as
data flows
28. A graphical description of the sequence of logical operations that a computer performs is
called
a program flowchart
a system flowchart
a data flow diagram
29. A data flow diagram (or DFD) has four basic elements. The altering of data from inputs to
outputs is known as
data stores
data flows
30. In a DFD, a square box represents

data flows
data stores
31. How should control processes and control actions be represented in a data flow diagram?
using a circle to represent a transformation process
control processes and actions should be ignored in a DFD
using two horizontal lines to represent a data store
using a square to represent a data source and destination
32. A data flow diagram

is a graphical description of the sequence of logical operations that a computer performs as it
executes a program
is a graphical description of the source and destination of data that shows how data flow within
an organization
is a graphical description of the flow of documents and information between departments or
areas of responsibility
is a graphical description of the relationship among the input, processing, and output in an
information system
33. Creating a DFD is an iterative process. Each DFD iteration helps the designer to refine the
diagram and identify the fine points. A DFD created at a high-level or summary view is
referred to as a
data process diagram
data dictionary diagram
context diagram
content diagram
34. In a DFD, a "data sink" is also known as

data flows
data destinations
data stores
35. Program documentation is a control designed primarily to ensure that

Data have been entered and processed
Programmers have access to the tape library or information on disk files
Programs are kept up to date and perform as intended
Programs do not make mathematical errors
36. The transformation of data in a DFD is represented as a

data source and destination
process
data stores
data dictionary
37. An entity that sends or receives data used or produced by the system is called a
data source or destination
data transformation
data store
data flow
38. Which is a true statement regarding the use of the manual processing symbol in a flowchart?
Each manual processing symbol should have an input and an output
Each manual processing symbol should have an off-page connector
Do not connect two documents when moving from one column to another
If a document is moved from one column to another, show the document only in the last column
39. A data flow diagram (or DFD) has four basic elements. The flow of data between processes,
data stores, and data sources and destinations is known as
data stores
data flows
40. In a document flowchart of a manual payroll processing system, "update employee file" will
be shown by a(n) __________ symbol, and "prepare payroll check" will be shown by a(n)
__________ symbol.
input; manual operation
input; output
manual operation; output
manual operation; manual operation
41. A flowchart is an analytical tool used to describe some aspect of an information system. A
flowchart that depicts the relationships among the input, processing, and output of an AIS is
a program flowchart
a system flowchart
an internal control flowchart
42. In a DFD, a "bubble" is also known as

data flows
data destinations
data stores
43. In a DFD, lines that are horizontal and parallel to each other represent

data flows
data stores
44. Which of the following is not a true statement?

Documentation tools save an organization both time and money
Data flow diagrams and flowcharts are difficult to prepare and revise using software packages
Data flow diagrams and flowcharts are the two most frequently used systems development
documentation tools
Documentation tools are used extensively in the systems development process
45. The usefulness of information for users is determined by all of the following but
reliability
convenience
relevance
completeness
46. The ability to achieve the goals of a system depends upon the effective functioning and
harmonious interaction between its subsystems. This is called
backup system
subsystem interdependency
system decomposition
system redundancy
47. Which of the following is least likely a key decision to be made when acquiring capital?
What is the best interest rate to accept
Find investors or borrow from creditors
Cash flow projections
How much will be needed
48. Updating the accounts payable primarily belongs to what business cycle?
revenue cycle
human resource cycle
expenditure cycle
financing cycle
49. Which activity belongs to the production cycle?

Receive and answer customer inquiries
Prepare, approve, and send purchase orders to vendors
Pay dividends to investors and interest to lenders
Design products
ACCOUNTING 20 AIS: QUIZ 3 – UP TO COMPUTER FRAUD
1. Which of the following best describes lapping?

expensing an asset that has been stolen
creating a false transaction
inflating bank balances by transferring money among different bank accounts
applying cash receipts to a different customer’s account in an attempt to conceal previous thefts
of funds
2. Using a file-oriented approach to data and information, data is maintained in

many interconnected files
many separate files
a central database
a decentralized database
3. A specialized journal
4. For an action to be called fraudulent, all of the following conditions are required except
injury or loss
intent to deceive
false representation
poor judgment
5. The financial accounting database has several critical relationships that must be properly
maintained if the system is to function in an orderly manner. Which one of the following
statements about the financial accounting database is incorrect?
Subsidiary ledgers are master files containing accounting records by specific account categories
The general ledger is a master file in which a record is maintained for each and every account in
the organization's accounting system
Cash disbursements journals are complete records of each transaction that reduces cash
Transaction records include cross-reference between general ledger files, subsidiary account
numbers, and source document numbers
6. An Internet-based attack using password sniffing can:
result in major problems with billing systems and transaction processing agreements.
be used to gain access to systems containing proprietary information.
cause modification to the contents of certain transactions.
enable one party to act as if they are another party.
7. An overall description of a database, including the names of data elements, their

characteristics, and their relationship to each other would be defined by using a:
DML
DDL
DCIL
DCL
8. A hacker could obtain passwords without the use of computer tools or programs through the
technique of:
social engineering
sniffers
Trojan horses
back doors
Next
9. One characteristic of employee fraud is that the fraud

involves misstating financial statements
is perpetrated at a level to which internal controls do not apply
involves misappropriating assets in a series of complex transactions involving third parties
involves the direct conversion of cash or other assets to the employee’s personal benefit
10. In an inventory system on a database management system (DBMS), one stored record
contains a part number, part name, part color, and part weight. These individual items are
called
Stored files
Fields
Occurrences
Bytes
11. Forces which may permit fraud to occur do not include

centralized decision making environment
questionable integrity of employees
a gambling addiction
lack of segregation of duties
12. What is the most popular type of database?

relational
object-oriented
hierarchical
network
13. One popular means of documenting a system is to develop diagrams, flowcharts, tables, and
other graphical representations of information. These are often supplemented by
narrative descriptions
oral descriptions from management
logic charts
product specifications
14. The logical structure of a database is described by the

dictionary
internal level
subschema
schema
15. Supervision in a computerized environment is more complex than in a manual environment

for all of the following reasons except
many systems professionals have direct and unrestricted access to the organization's programs
and data
systems professionals and their supervisors work at the same physical location
rapid turnover of systems professionals complicates management's task of assessing the
competence and honesty of prospective employees
rapid changes in technology make staffing the systems environment challenging
16. Which of the following attacks targets the Secure Sockets Layer (SSL)?
Password sniffing
Man-in-the middle
Phishing
Dictionary
17. At a hospital, medical personal carry handheld computers which contain patient health data.
These handheld computers are synchronized with PCs which transfer data from a hospital
database. Which of the following would be of the most importance?
The employee who deletes temporary files from the local PC, after usage, is authorized to
maintain PCs.
The handheld computers are properly protected to prevent loss of data confidentiality, in case of
theft or loss.
The usage of the handheld computers is allowed by the hospital policy.
maintain PCs.
18. Which of the following is not an access control in a database system?

database authorization table
voice prints
passwords
antivirus software
19. The identification of users who have permission to access data elements in a database is
found in the
Database file definition
Database schema
Operating system
Systems manual
20. Audit trails cannot be used to

facilitate reconstruction of events
promote personal accountability
detect unauthorized access to systems
reduce the need for other forms of security
21. All of the following will reduce the exposure to computer viruses except
install factory-sealed application software
install public-domain software from reputable bulletin boards
assign and control user passwords
install antivirus software
22. Which of the following is the PRIMARY safeguard for securing software and data within an
information processing facility?
Security awareness
Logical access controls
Reading the security policy
Security committee
23. Which is not a biometric device?

signature characteristics
retina prints
voice prints
password
24. A data warehouse can be described as a

Database that is available on the Internet or provided by commercial information services
Collection of databases that are dispersed to corporate intranets, extranets and the Internet
Database that supports a particular functional area in an organization.
Centralized and integrated database of current and historical data about an organization
25. A company does business in seven states. Its offices maintain regional databases on their
own servers, which are
linked to the mainframe at headquarters. These servers periodically relay summarized data to
the home-office
mainframe computer, where they are used to update a corporate database. This company uses
a system known as
Distributed data processing
Strategic-planning system
A local area network
Parallel-systems method
26. Passwords are secret codes that users enter to gain access to systems. Security can be
compromised by all of the following except
recording passwords in obvious places
selecting passwords that can be easily detected by computer criminals
using obscure passwords unknown to others
failure to change passwords on a regular basis
27. A software program that allows access to a system without going through the normal logon
procedures is called a
worm
back door
logic bomb
Trojan horse
28. One advantage of a database management system (DBMS) is
That each organizational unit takes responsibility and control for its own data.
The independence of the data from the application programs, which allows the programs to be
developed for the user's specific needs without concern for data capture problems.
A decreased vulnerability as the database management system has numerous security controls to
prevent disasters.
The cost of the data processing department decreases as users are now responsible for
establishing their own data handling techniques.
29. Program documentation is a control designed primarily to ensure that
Programmers have access to the tape library or information on disk files
Programs are kept up to date and perform as intended
Programs do not make mathematical errors
Data have been entered and processed
30. Structured Query Language (SQL) is the de facto standard query tool to retrieve information
from
Intranet systems
Legacy systems
Client/server systems
Relational database systems
31. Which statement is true regarding file systems?
The proliferation of master files creates problems in the consistency of specific data stored in
different files
Transaction files are permanent
Individual records are never deleted in a master file
Transaction files are similar to ledgers in a manual AIS
32. Separating the logical and physical views in a database allows the programmers to
concentrate on coding the application logic
since they do not have to focus on the physical location and layouts of various data items
by identifying physical location and layouts of various data items
by providing pointers to data items regardless of physical location
by consolidating all data in one database
33. What language interface would a database administrator use to establish the structure of
database tables?
DML
DQL
DDL
DCL
34. A database system separates the logical and physical view of data. Such separation facilitates
the development of new applications since programmers can concentrate their efforts on
coding application logic. The term physical view refers to
how master files maintain facts used by certain application programs
how and where the data are physically arranged and stored
how the DBMS accesses data for an certain application program
how a user or programmer conceptually organizes and understands the data
35. The software program that creates, manipulates, and accesses the database goes by
the acronym
DBMS
DBP
OS
DBA
36. All of the following are issues of computer security except
program operations from program maintenance
program maintenance from program coding
all of the above duties should be separated
program coding from program operations
37. Which of the following is considered an unintentional threat to the integrity of the operating
system?
a hacker gaining access to the system because of a security flaw
a hardware flaw that causes the system to crash
a virus that formats the hard drive
the systems programmer accessing individual user files
38. The ____________ handles the link between the way data are physically stored and each
user's logical view of that data.
Database administrator
Database management system software
Schema
Data warehouse
39. A software program that replicates itself in areas of idle memory until the system fails is
called a
Trojan horse
logic bomb
none of the choices
worm
40. Which of the following is a false statement about a database management system application
environment?
Data is used concurrently by multiple users
Data is shared by passing files between programs or systems
The physical structure of the data is independent of user needs
Data definition is independent of any one program
42. Which control will not reduce the likelihood of data loss due to a line error?
vertical parity bit
horizontal parity bit
encryption
echo check
43. Which method is most likely to detect unauthorized access to the system?
vertical parity check
request-response technique
message transaction log
data encryption standard
44. In an online banking application, which of the following would BEST protect against identity
theft?
Restricting the user to a specific terminal
Encryption of personal password
Periodic review of access logs
Two-factor authentication
45. The graphic description of the flow of data within an organization is called a
systems flowchart
data flow diagram
context diagram
document flowchart
46. Hackers can disguise their message packets to look as if they came from an authorized user
and gain access to the host’s network using a technique called
spoofing
dual-homed
spooling
screening
47. The narratives, diagrams, charts, and other written materials that explain how a system works
are collectively called
data flows
flowcharts
documentation
schema
48. Which one of the following is the most frequently used standard language for interacting
with relational databases?
Visual Basic
Groupware
Structured Query Language (SQL)
COBOL
49. Disabling which of the following would make wireless local area networks MORE secure
against unauthorized access?
WPA (Wi-Fi Protected Access Protocol)
MAC (Media Access Control) address filtering
LEAP (Lightweight Extensible Authentication Protocol)
SSID (service set identifier) broadcasting
50. Five brand managers in a consumer food products company met regularly to figure out what
price points were being lowered by their competitors and how well coupon promotions did.
The data they needed to analyze consisted of about 50 gigabytes of daily point of sale (POS)
data from major grocery chains for each month. The brand managers are competent users of
spreadsheet and database software on microcomputers. They considered several alternative
software options to access and manipulate data to answer their questions.
The limiting factor in the brand managers' use of a relational database system to answer their ad
hoc questions would be:Distinguishing primary and foreign keys in the data
Lack of management interest in using the results
Distinguishing primary and foreign keys in the data
Understanding what individual data records represent
Obtaining computer resources for complicated queries
QUIZ 4
1. According to the ERM, these deal with the effectiveness and efficiency of company
operations, such as performance and profitability goals.
Reporting objectives
Strategic objectives
Compliance objectives
Operations objectives
2. According to the ERM, these help the company address all applicable laws and regulations.
3. It considers all IT-related governance and management enablers to be enterprise-wide and

end-to-end, i.e., inclusive of everything and everyone—internal and external—that is relevant
to governance and management of enterprise information and related IT.
This statement is related to what principle of COBIT 5.
meeting stakeholder needs
applying a single, integrated framework
covering the enterprise end-to-end
none of the choices is correct
4. The risk that remains after management implements internal controls is

Risk appetite
Inherent risk
Risk assessment
Residual risk
5. Enterprises exist to create value for their stakeholders by maintaining a balance of various
processes. Which of the following is not among the processes mentioned by COBIT 5?
benefits realization
risk optimization
resource optimization
strategy formulation
6. When undertaking risk assessment, the expected loss is calculated like this.
Impact times likelihood
Impact times expected loss
Inherent risk times likelihood
Residual risk times likelihood
7. The COSO control model has five crucial components. Which of the following is not one of
them?
control environment
risk assessment
compliance with national or local laws
monitoring
8. The definition of the lines of authority and responsibility and the overall framework for
planning, directing, and controlling is laid out by the
control activities
organizational structure
budget framework
internal environment
9. The risk that exists before management takes any steps to control the likelihood or impact of
a risk is
Residual risk
Inherent risk
Risk appetite
Risk assessment
10. In a situation where the cost of implementation of internal control exceeds its benefit, which
of the following is the least likely risk response?
Avoid
Accept
Share
Reduce
11. This COBIT 5 enabler is the vehicle to translate the desired behavior into practical guidance
for day-to-day management.
Principles, policies and frameworks
Principles, policies and frameworks
Organizational structures
Culture, ethics and behavior
12. Generally, in a corporation, who is in charge of governance?

CEO
President
Board
Officers
13. According to the ERM, high level goals that are aligned with and support the company's
mission are
14. Which of the following is not one of the eight interrelated risk and control components of
COSO?
Internal environment
Risk response
Monitoring
Event assessment
15. According to the ERM, these objectives help ensure the accuracy, completeness, and
reliability of internal and external company reports.
16. Which of the following is not a principle of the COBIT 5 framework?

enabling a holistic approach
covering the enterprise end-to-end
all of the choices are the principles of the COBIT 5 framework
meeting stockholder needs
separating governance from management
applying a single integrated framework
17. Which of the following is not a primary objective of internal control?

all of the answers are primary objectives of internal controls
protect assets from theft or other types of fraud
compliance with relevant laws and regulations
provide accurate and reliable information
promote and improve employee efficiency
18. Personnel policies such as background checks, mandatory vacations, and rotation of duties
tend to deter
payroll irregularities
employee fraud or embezzlement
unintentional errors
fraud by outsiders
19. Generally in a risk assessment process, the first step is to

identify the threats that the company currently faces.
estimate the exposure from negative events.
estimate the risk probability of negative events occurring.
identify controls to reduce all risk to zero.
20. Which of the following is the least likely classification of a video surveillance control?
detective
deterrent
compensating
manual
all of the choices are valid classifications of this control
21. This type of control is used to restore the state of a system or asset to its pre-incident state.
An example recovery control is the use of a tool to remove a virus from a computer
compensating
corrective
deterrent
recovery
22. The COBIT 5 uses various resources for its knowledge base in creating its different
frameworks. Which of the following is not among these resources?
existing ISACA guidance (e.g. existing COBIT frameworks)
COSO framework
all of the choices are valid resources
other standards and frameworks
new ISACA guidance materials
23. This is a COBIT 5 enabler that includes the infrastructure, technology and applications that
provide the enterprise with information technology processing and services.
People, skills and competencies
Culture, ethics and behavior
Information
Services, infrastructure and applications
24. The highest senior executive responsible for the management of a corporation.
president
CEO
chairperson
board
25. The amount of risk a company is willing to accept in order to achieve its goals and objectives
is
Inherent risk
Residual risk
Risk assessment
Risk appetite
26. Which of the following would be considered a "red flag" for problems with management
operating style if the question were answered "yes"?
All of the above statements would raise "red flags" if answered "yes."
Does management attempt to manipulate performance measures such as net income?
Does management pressure employees to achieve results regardless of the methods?
Does management take undue business risks to achieve its objectives?
Password sniffing
Phishing
Man-in-the middle
Dictionary
28. Which of the following best describes lapping?

of funds
29. Forces which may permit fraud to occur do not include

30. One characteristic of employee fraud is that the fraud
involves the direct conversion of cash or other assets to the employee’s personal benefit
involves misappropriating assets in a series of complex transactions involving third parties
involves misstating financial statements
is perpetrated at a level to which internal controls do not apply
31. In an online banking application, which of the following would BEST protect against identity
theft?
32. Which of the following is a preventive control?

comparing the accounts receivable subsidiary ledger to the control account
physical inventory count
bank reconciliation
credit check before approving a sale on account
33. A physical inventory count is an example of a

preventive control
detective control
feedforward control
corrective control
35. For an action to be called fraudulent, all of the following conditions are required except
injury or loss
poor judgment
intent to deceive
36. Who is responsible for establishing and maintaining the internal control system?
the accountant
management
the internal auditor
the external auditor
37. The most cost-effective type of internal control is

detective control
accounting control
preventive control
corrective control

39. Adequate backups will protect against all of the following except
natural disasters such as fires
system crashes
data corruption caused by program errors
unauthorized access
40. Which of the following is the PRIMARY safeguard for securing software and data within an
information processing facility?
Security awareness
Security committee
41. Supervision in a computerized environment is more complex than in a manual environment

for all of the following reasons except
many systems professionals have direct and unrestricted access to the organization's programs
and data
42. A hacker could obtain passwords without the use of computer tools or programs through the
technique of:
sniffers
Trojan horses
social engineering
back doors
43. At a hospital, medical personal carry handheld computers which contain patient health data.
These handheld computers are synchronized with PCs which transfer data from a hospital
database. Which of the following would be of the most importance?
maintain PCs.
maintain PCs.
theft or loss.
The usage of the handheld computers is allowed by the hospital policy
44. Which of the following is not an element of the internal control environment of the COSO
framework?
management philosophy and operating style
organizational structure of the firm
the functioning of the board of directors and the audit committee
well-designed documents and record
45. The concept of reasonable assurance suggests that

the cost of an internal control should be less than the benefit it provides
the objectives achieved by an internal control system vary depending on the data processing
method
the effectiveness of internal controls is a function of the industry environment
a well-designed system of internal controls will detect all fraudulent activity

47. Which of the following is most likely to be considered an indication of possible fraud?
Rapid expansion into new markets
Rapid turnover of the organization’s financial executives
A government audit of the organization’s tax returns
The replacement of the management team after a hostile takeover
48. A proper segregation of duties requires

That an individual authorizing a transaction maintain custody of the asset that resulted from the
transaction
That an individual recording a transaction not compare the accounting record of the asset with
the asset itself
That an individual authorizing a transaction records it.
That an individual maintaining custody of an asset be entitled to access the accounting records
for the asset
49. When comparing perpetrators who have embezzled an organization's funds with perpetrators
of financial statement fraud (falsified financial statements), those who have falsified financial
statements are less likely to
Have experienced an autocratic management style
Use organizational expectations as justification for the act
Be living beyond their obvious means of support
Rationalize the fraudulent behavior
50. Corporate directors, management, external auditors, and internal auditors all play important
roles in creating a proper control environment. Top management is primarily responsible for
Ensuring that external and internal auditors adequately monitor the control environment
Establishing a proper environment and specifying an overall internal control structure
Reviewing the reliability and integrity of financial information and the means used to collect and
report such information
Implementing and monitoring controls designed by the board of directors
CHAPTER 8: SECURITY
1. Giving users regular, periodic reminders about security policies and training in complying
with them is an example of which of the following trust services criteria?
Effective communication of policies
Policy development
Design/use of control procedures
Monitoring and remedial action
2. Which of the following preventive controls are necessary to provide adequate security that
deals with social engineering?
Host and application hardening
Encryption
Controlling remote access
Training
3. Restricting access of users to specific portions of the system as well as specific tasks, is
Threat monitoring
Authentication
Authorization
Identification
4. If the time an attacker takes to break through the organization's preventive controls is greater
than the sum of the time required to detect the attack and the time required to respond to the
attack, then security is
undermanaged
ineffective
effective
overdone
5. Which of the following is not one of the three fundamental information security concepts?
The idea of defense-in-depth employs multiple layers of controls
Information security is a technology issue that hinges on prevention
The time-based model of security focuses on the relationship between preventive, detective and
corrective controls
Security is a management issue, not a technology issue
6. Which of the following is an example of a detective control?

Log analysis
Emergency response teams
Physical access controls
Encryption
7. According to SysTrust, the reliability principle of integrity is achieved when
the system can be maintained as required without affecting system availability, security, and
integrity
the system is available for operation and use at times set forth by agreement
the system is protected against unauthorized physical and logical access
system processing is complete, accurate, timely, and authorized
8. Passwords are secret codes that users enter to gain access to systems. Security can be
compromised by all of the following except
recording passwords in obvious places
selecting passwords that can be easily detected by computer criminals
failure to change passwords on a regular basis
using obscure passwords unknown to others
9. The most common input-related vulnerability is

Hardening
Buffer overflow attack
War dialing
Encryption
10. This maintains a table that lists all established connections between the organization's
computers and the Internet to determine whether an incoming packet is part of an ongoing
communication initiated by an internal computer.
Stateful packet filtering
Static packet filtering
Deep packet inspection
Access control list
11. Which of the following is the foundation of systems reliability?

Privacy
Processing
Security
Confidentiality
12. This is an authorized attempt by an internal audit team or an external security consultant to
break into the organization's information system.
Vulnerability scan
Log analysis
Penetration test
Intrusion detection system
13. This is used to identify rogue modems (or by hackers to identify targets).
War driving
None of the choices
War dialing
War chalking
14. Which of the following is an example of a preventive control?

Log analysis
Intrusion detection
Encryption
15. Which of the following is considered an unintentional threat to the integrity of the operating
system?
the systems programmer accessing individual user files
a hacker gaining access to the system because of a security flaw
a virus that formats the hard drive
a hardware flaw that causes the system to crash
16. Multi-factor authentication

Involves the use of two or more basic authentication methods
Is a table specifying which portions of the systems users are permitted to access
Requires the use of more than one effective password
Provides weaker authentication than the use of effective passwords
17. Hackers can disguise their message packets to look as if they came from an authorized user
and gain access to the host’s network using a technique called
spooling
dual-homed
spoofing
screening
18. This protocol specifies the structure of packets sent over the internet and the route to get
them to the proper destination.
Internet protocol
Access control list
Packet switching protocol
Transmission control protocol
19. Which of the following is an example of a corrective control?

Intrusion detection
Physical access controls
Encryption
20. Audit trails cannot be used to

promote personal accountability
facilitate reconstruction of events
detect unauthorized access to systems
reduce the need for other forms of security
21. All of the following will reduce the exposure to computer viruses except
install factory-sealed application software
assign and control user passwords
install antivirus software
install public-domain software from reputable bulletin boards
22. The device that connects an organization's information system to the Internet is a
Gateway
Firewall
Demilitarized zone
Router
23. This is designed to identify and drop packets that are part of an attack.
24. A software program that allows access to a system without going through the normal logon
procedures is called a
Trojan horse
logic bomb
back door
worm
25. This creates logs of network traffic that was permitted to pass the firewall
Log analysis
Vulnerability scan
Penetration test
26. Compatibility tests utilize a(n) __________, which is a list of authorized users, programs,
and data files the users are authorized to access or manipulate
validity test
biometric matrix
logical control matrix
access control matrix
27. The AICPA and the CICA have created an evaluation service known as SysTrust. SysTrust
follows four principles to determine if a system is reliable. The reliability principle that states
that users must be able to enter, update, and retrieve data during agreed-upon times is known
as
integrity
availability
security
maintainability
28. A special purpose hardware device or software running on a general purpose computer which
filters information allowed to enter and leave the organization's information system,
Firewall
Demilitarized zone
Intrusion prevention system
29. The trust services framework identifies four essential criteria for successfully implementing
each of the principles that contribute to systems reliability. Which of the following is not one
of those four essential criteria?
Monitoring the system and taking corrective action to maintain compliance with policies
Effectively communicating policies to all outsiders
Developing and documenting policies
Designing and employing appropriate control procedures to implement policies
30. Which control will not reduce the likelihood of data loss due to a line error?
encryption
vertical parity bit
horizontal parity bit
echo check
31. The process of turning off unnecessary features in the system is known as
Hardening
Intrusion detection
War dialing
32. An access control matrix
Does not have to be updated
Is a table specifying which portions of the system users are permitted to access
Matches the user's authentication credentials to his authorization
Is used to implement authentication controls
33. A software program that replicates itself in areas of idle memory until the system fails is
called a
Trojan horse
none of the choices
worm
logic bomb
34. Which of the following is not a requirement of effective passwords?

Passwords should be changed at regular intervals
Passwords should contain a mixture of upper and lowercase letters, numbers and characters
Passwords should be no more than 8 characters in length
Passwords should not be words found in dictionaries
35. This screens individual IP packets based solely on the contents of the source or destination
fields in the packet header.
Access control list
36. Which of the following is not an access control in a database system?

antivirus software
database authorization table
passwords
voice prints
37. Which is not a biometric device?

password
voice prints
signature characteristics
retina prints
38. Verifying the identity of the person or device attempting to access the system is
Threat monitoring
Authorization
Authentication
Identification
39. This determines which packets are allowed entry and which are dropped.
Access control list
40. Because planning is more effective than reacting, this is an important criteria for
successfully implementing systems reliability:
Monitoring and remedial action
Policy development
Design/use of control procedures
Effective communication of policies
41. This uses automated tools to identify whether a given system possesses any well-known
security problems.
Vulnerability scan
Penetration test
Log analysis
42. This protocol specifies the procedures for dividing files and documents into packets to be
sent over the Internet.
Transmission control protocol
Access control list
Internet protocol
Packet switching protocol
43. The ___________ disseminates information about fraud, errors, breaches and other improper
system uses and their consequences.
Chief information officer
Computer emergency response team
Chief security officer
Chief operations officer
44. Which of the following is not one of the five basic principles that contribute to
systems reliability according to the Trust Services framework?
System availability
Security
Confidentiality
Processing speed
45. Perimeter defense is an example of which of the following preventive controls that
are necessary to provide adequate security.
Host and application hardening
Controlling remote access
Training
Controlling physical access
46. Preventive controls require two related functions, which are:

Access and control
Authentication and authorization
Detection and correction
Physical access and logical access
47. The final layer of preventive controls

Authentication
Authorization
Encryption
Intrusion detection
48. This process involves the firewall examining the data in the body of an IP packet.
Access control list
49. A more rigorous test of the effectiveness of an organization's computer security

Log analysis
Vulnerability scan
Penetration test
50. Which method is most likely to detect unauthorized access to the system?
vertical parity check
message transaction log
request-response technique
data encryption standard
CHAPTER 9
1. Which of the following would be the BEST defense against the introduction of Trojan
horse software into an organization?
A virus scanning software application
A keystroke logger application
A debugger application
A stateful inspection firewall
2. Which of the following is not associated with asymmetric encryption?

Private keys
No need for key exchange
Speed
Public keys
3. These are used to create digital signatures.

Packet filtering and encryption
Hashing and packet filtering
Asymmetric encryption and hashing
Symmetric encryption and hashing
4. An IS auditor performing a telecommunication access control review should be concerned

PRIMARILY with the:
maintenance of access logs of usage of various system resources.
adequate protection of stored data on servers by encryption or other means.
authorization and authentication of the user prior to granting access to system resources.
accountability system and the ability to identify any terminal accessing system resources.
5. A development team has developed and is currently maintaining a customer facing web
application which is hosted at their regional office versus at the central data center. The
GREATEST risk in this scenario is that the:
regional office may not have the same level of fire detection and suppression that exists at the main
data center.
additional traffic of the web site would slow down Internet access for the regional office.
regional office may not have a firewall or network that is sufficiently secure for a web server.
development team may lack the expertise and staffing to manage and maintain a hosted application
environment.
6. During an audit of an enterprise that is dedicated to e-commerce, the IS manager states

that digital signatures are used when receiving communications from customers. To
substantiate this, an IS auditor must prove that which of the following is used?
A biometric, digitalized and encrypted parameter with the customer's public key
The customer's scanned signature encrypted with the customer's public key
A hash of the data that is transmitted and encrypted with the customer's private key
A hash of the data that is transmitted and encrypted with the customer's public key
7. A hard disk containing confidential data was damaged beyond repair. What should be
done to the hard disk to prevent access to the data residing on it?
Low-level format the hard disk.
Demagnetize the hard disk.
Rewrite the hard disk with random 0s and 1s.
Physically destroy the hard disk.
8. When using public key encryption to secure data being transmitted across a network:
the key used to encrypt is private, but the key used to decrypt the data is public
the key used to encrypt is public, but the key used to decrypt the data is private.
both the key used to encrypt and decrypt the data are private.
both the key used to encrypt and decrypt the data are public.
9. When reviewing an intrusion detection system (IDS), an IS auditor should be MOST

concerned about which of the following?
Number of nonthreatening events identified as threatening
Legitimate traffic being blocked by the system
Attacks not being identified by the system
Reports/logs being produced by an automated tool
10. The role of the certificate authority (CA) as a third party is to:
act as a trusted intermediary between two communication partners.
confirm the identity of the entity owning a certificate issued by that CA.
host a repository of certificates with the corresponding public and secret keys issued by that CA.
provide secured communication and networking services based on certificates.
11. An IS auditor notes that failed login attempts to a core financial system are automatically
logged and the logs are retained for a year by the organization. The IS auditor should
conclude that this is:
a valid detective control.
a corrective control.
an effective preventive control.
not an adequate control.
12. Which of the following methods BEST mitigates the risk of disclosing confidential
information through the use of social networking sites?
Requiring a signed acceptable use policy
Prohibiting the use of social media through network controls
Monitoring the use of social media
Providing security awareness training
13. The goal of information systems controls is

To ensure that systems are reliable.
To ensure that systems function
To ensure that data are confidential.
To ensure that systems objectives are met.
14. These systems use the same key to encrypt and to decrypt.
Symmetric encryption
Asymmetric encryption
Public key encryption
Hashing encryption
15. Information encrypted with the creator's private key that is used to authenticate the
sender is
Digital certificate
Digital signature
Public key
16. When reviewing the procedures for the disposal of computers, which of the following
should be the GREATEST concern for the IS auditor?
Hard disks are overwritten several times at the sector level, but are not reformatted before leaving
the organization.
All files and folders on hard disks are separately deleted, and the hard disks are formatted before
leaving the organization.
Hard disks are rendered unreadable by hole-punching through the platters at specific positions
before leaving the organization.
The transport of hard disks is escorted by internal security staff to a nearby metal recycling
company, where the hard disks are registered and then shredded.
17. A perpetrator looking to gain access to and gather information about encrypted data
being transmitted over the network would use:
traffic analysis
masquerading
eavesdropping
spoofing
18. A process that takes plaintext of any length and transforms it into a short code.
Symmetric encryption
Hashing
Encryption
19. Which of the following exposures associated with the spooling of sensitive reports for
offline printing should an IS auditor consider to be the MOST serious?
Output can be lost in the event of system failure.
Data can be amended without authorization.
Unauthorized report copies can be printed.
Sensitive data can be read by operators.
20. Which of the following is not one of the three important factors determining the strength
of any encryption system?
Encryption algorithm
Key length
Privacy
Key management policies
21. Which significant risk is introduced by running the file transfer protocol (FTP) service
on a server in a demilitarized zone (DMZ)?
A user from within could send a file to an unauthorized person.
FTP could significantly reduce the performance of a DMZ server.
A hacker may be able to use the FTP service to bypass the firewall.
FTP services could allow a user to download files from unauthorized sources.
22. Which of the following would be an indicator of the effectiveness of a computer security
incident response team?
Financial impact per security incident
Number of successful penetration tests
Percentage of business applications that are being protected
Number of security vulnerabilities that were patched
23. The PRIMARY objective of Secure Sockets Layer (SSL) is to ensure:

only the sender and receiver are able to encrypt/decrypt the data.
the alteration of transmitted data can be detected.
the sender and receiver can authenticate their respective identities.
the ability to identify the sender by generating a one time session key.
24. Which of the following provides the GREATEST assurance of message authenticity?
The prehash code and the message are encrypted using the secret key.
The prehash code is encrypted using the sender's private key.
The sender attains the recipient's public key and verifies the authenticity of its digital certificate
with a certificate authority.
The prehash code is derived mathematically from the message being sent.
25. When using a digital signature, the message digest is computed:

by both the sender and the receiver
only by the sender
only by the receiver
by the certificate authority (CA)
26. The technique used to ensure security in virtual private networks (VPNs) is:
transform
encapsulation
wrapping
encryption
27. Which of the following is not one of the 10 internationally recognized best practices for
protecting the privacy of customers' personal information?
Choice and consent.
Use and retention.
Disclosure to third parties.
Reimbursement.
28. The IS auditor has been informed by the security administrator that the virus scanner is
updated in real time. The IS auditor confirms that the virus scanner has been configured to
update automatically. What is the NEXT step for the IS auditor to confirm that the control
is effective?
Review the log files, and confirm that the virus signature file was updated.
Request a confirmation from the security administrator about the most recent update to the virus
signature file.
The IS auditor's work is adequate, and no further work is required.
Confirm the current version of the virus signature file with the vendor.
29. A text file created by a website and stored on a visitor's hard disk.
Error log
Validity check
Cookie
Spam
30. An IS auditor conducting a physical security audit of an organization's back office

processing facility would find which of the following techniques MOST effective to determine
that the company's sensitive information is secure?
Social engineering
Vulnerability assessment
Penetration testing
War walking
31. Which of the following biometrics has the HIGHEST reliability and lowest false
acceptance rate (FAR)?
Retina scan
Hand geometry
Palm scan
Face recognition
32. Which of the following manages the digital certificate life cycle to ensure adequate
security and controls exist in digital signature applications related to e-commerce?
Certificate authority (CA)
Registration authority
Certification relocation list (CRL)
Certification practice statement
33. When using a universal storage bus (USB) flash drive to transport confidential corporate
data to an offsite location, an effective control would be to:
carry the flash drive in a portable safe.
encrypt the folder containing the data with a strong key.
request that management deliver the flash drive by courier.
assure management that you will not lose the flash drive.
34. Which of the following aspects of symmetric key encryption influenced the development
of asymmetric encryption?
Complexity of the algorithm
Volume of data
Processing power
Key distribution
35. Which of the following is not one of the 10 internationally recognized best practices for
protecting the privacy of customers' personal information?
Monitoring and enforcement
Access
Security
Registration
36. Which of the following controls would BEST detect intrusion?

Automatic logoff of the system occurs after a specified number of unsuccessful attempts.
Unsuccessful logon attempts are monitored by the security administrator.
Automatic logoff is used when a workstation is inactive for a particular period of time.
User IDs and user privileges are granted through authorized procedures.
37. Which of the following descriptions is not associated with symmetric encryption?
Lack of authentication
Separate keys for each communication party
Faster encryption
A shared secret key
38. When creating a password, a system generates the initial password and then forces the user to
change the password when the user logs on for the first time. The system allows the user to enter
the same password generated by the system as the user's own/new password. Which of the
following would be the MOST effective control?
Instituting a security awareness and an education program
Rewriting the company's password policy
Establishing a system that ensures that users change passwords more frequently
Establishing a system that does not accept an old password as a new password
39. The PRIMARY reason for using digital signatures is to ensure data:
confidentiality
timeliness
integrity
availability
40. Concerning virtual private networks (VPN), which of the following is not true?
The cost of the VPN software is much less than the cost of leasing or buying the infrastructure
(telephone lines, satellite links, communications equipment, etc.) needed to create a privately
owned secure communications network.
VPNs provide the functionality of a privately owned network using the Internet.
Using VPN software to encrypt information while it is in transit over the Internet in effect creates
private communication. channels, often referred to as tunnels, which are accessible only to those
parties possessing the appropriate encryption and decryption keys.
It is more expensive to reconfigure VPNs to include new sites than it is to add or remove the
corresponding physical connections in a privately owned network.
41. Which of the following is the PRIMARY safeguard for securing software and data within
an information processing facility?
Security committee
Security awareness
42. At a hospital, medical personal carry handheld computers which contain patient health
data. These handheld computers are synchronized with PCs which transfer data from a
hospital database. Which of the following would be of the most importance?
The employee who deletes temporary files from the local PC, after usage, is authorized to maintain
PCs.
theft or loss.
The usage of the handheld computers is allowed by the hospital policy.
The employee who deletes temporary files from the local PC, after usage, is
43. In an online banking application, which of the following would BEST protect against
identity theft?

45. A hacker could obtain passwords without the use of computer tools or programs through
the technique of:
Trojan horses
social engineering
back doors
sniffers

Password sniffing
Dictionary
Man-in-the middle
Phishing
48. Supervision in a computerized environment is more complex than in a manual

environment for all of the following reasons except
many systems professionals have direct and unrestricted access to the organization's programs and
data
49. Adequate backups will protect against all of the following except
system crashes
natural disasters such as fires
unauthorized access
data corruption caused by program errors
ACCTG 20 AIS Chapter 12: Integrity & Availability Controls and Revenue Cycle
1. The shipping notice

is mailed to the customer
is a formal contract between the seller and the shipping company
is always prepared by the shipping clerk
informs the billing department of the quantities shipped
2. Good internal controls in the revenue cycle should ensure all of the following except
all sales are profitable
all sales are recorded
credit is authorized
inventory to be shipped is not stolen
3. The customer open order file is used to

respond to customer queries
fill the customer order
ship the customer order
authorize customer credit
4. Which department is least likely to be involved in the revenue cycle?

credit
accounts payable
billing
shipping
5. An advantage of real-time processing of sales is

the cash cycle is lengthened
current inventory information is available
hard copy documents provide a permanent record of the transaction
data entry errors are corrected at the end of each batch
6. The data processing method that can shorten the cash cycle is
batch, sequential file processing
batch, direct access file processing
real-time file processing
none of the above
7. Usually specific authorization is required for all of the following except

sales on account which exceed the credit limit
sales of goods at the list price
a cash refund for goods returned without a receipt
write off of an uncollectible account receivable
8. The billing department is not responsible for

updating the inventory subsidiary records
recording the sale in the sales journal
notifying accounts receivable of the sale
sending the invoice to the customer
9. The most effective internal control procedure to prevent or detect the creation of fictitious credit
memoranda for sales returns is to
supervise the accounts receivable department
limit access to credit memoranda
prenumber and sequence check all credit memoranda
require management approval for all credit memoranda
10. The purpose of the sales invoice is to

record reduction of inventory
transfer goods from seller to shipper
bill the customer
select items from inventory for shipment
11. At which point is supervision most critical in the cash receipts system?
accounts receivable
accounts receivable
mail room
cash receipts
12. Which control does not help to ensure that accurate records are kept of customer accounts and
inventory?
reconcile accounts receivable control to accounts receivable subsidiary
authorize credit
segregate custody of inventory from record keeping
segregate record keeping duties of general ledger from accounts receivable
13. EDI trading partner agreements specify all of the following except
selling price
quantities to be sold
payment terms
person to authorize transactions
14. Customers should be billed for backorders when

the customer purchase order is received
the backordered goods are shipped
the original goods are shipped
customers are not billed for backorders because a backorder is a lost sale
15. Which document triggers the revenue cycle?

the sales order
the customer purchase order
the sales invoice
the journal voucher
16. Copies of the sales order can be used for all of the following except
purchase order
credit authorization
shipping notice
packing slip
17. Adjustments to accounts receivable for payments received from customers is based upon
the customer's check
the cash prelist
the remittance advice that accompanies payment
a memo prepared in the mailroom
18. Commercial accounting systems have fully integrated modules. The word "integrated" means
that
segregation of duties is not possible
transfer of information among modules occurs automatically
batch processing is not an option
d. separate entries are made in the general ledger accounts and the subsidiary ledgers
19. The accounts receivable clerk destroys all invoices for sales made to members of her family
and does not record the sale in the accounts receivable subsidiary ledger. Which procedure will
not detect this fraud?
prenumber and sequence check all invoices
reconcile the accounts receivable control to the accounts receivable subsidiary ledger
prepare monthly customer statements
d. reconcile total sales on account to the debits in the accounts receivable subsidiary ledger
20. A cash prelist is

a document that records sales returns and allowances
a document returned by customers with their payments
the source of information used to prepare monthly statements
none of the above
21.The stock release copy of the sales order is not used to:
locate and pick the items from the warehouse shelves
record any out-of-stock items
authorize the warehouse clerk to release custody of the inventory to shipping
record the reduction of inventory
22.All of the following are advantages of real-time processing of sales except

The cash cycle is shortened
Paper work is reduced
Incorrect data entry is difficult to detect
Up-to-date information can provide a competitive advantage in the marketplace
23. A weekly reconciliation of cash receipts would include comparing
the cash prelist with bank deposit slips
the cash prelist with remittance advices
bank deposit slips with remittance advices
journal vouchers from accounts receivable and general ledger
24. The revenue cycle consists of

one subsystem-order entry
two subsystems-sales order processing and cash receipts
two subsystems-order entry and inventory control
three subsystems-sales order processing, credit authorization, and cash receipts
25. The printer ran out of preprinted sales invoice forms and several sales invoices were not
printed. The best internal control to detect this error is
a batch total of sales invoices to be prepared compared to the actual number of sales invoices
prepared
sequentially numbered sales invoices
visual verification that all sales invoices were prepared
none of the above will detect this error
26. The credit department

prepares credit memos when goods are returned
approves credits to accounts receivable when payments are received
authorizes the granting of credit to customers
none of the above
27. Which journal is not used in the revenue cycle?

cash receipts journal
sales journal
purchases journal
general journal
28. Which document is included with a shipment sent to a customer?

sales invoice
stock release form
packing slip.
shipping notice
29. Internal controls for handling sales returns and allowances do not include
computing bad debt expense using the percentage of credit sales.
verifying that the goods have been returned
authorizing the credit memo by management
using the original sales. invoice to prepare the sales returns slip
30. A remittance advice is

used to increase (debit) an account receivable by the cash received
is a turn-around document
is retained by the customer to show proof of payment
none of the above
31. The reconciliation that occurs in the shipping department is intended to ensure that
credit has been approved
the customer is billed for the exact quantity shipped.
the goods shipped match the goods ordered
inventory records are reduced for the goods shipped
32. Which situation indicates a weak internal control structure?

the mailroom clerk authorizes credit memos
the record keeping clerk maintains both accounts receivable and accounts payable subsidiary
ledgers
the warehouse clerk obtains a signature before releasing goods for shipment the accounts
receivable
clerk prepares customer statements every month
33. Which of the following is not a risk exposure in a microcomputer accounting system?
reliance on paper documentation is increased
functions that are segregated in a manual environment may be combined in a microcomputer
accounting system
backup procedures require human intervention
data are easily accessible
34. Periodically, the general ledger department receives all of the following except
total increases to accounts receivable
total of all sales backorders
total of all sales
total decreases in inventory
35. Which of following functions should be segregated?

opening the mail and making the journal entry to record cash receipts
authorizing credit and determining reorder quantities
maintaining the subsidiary ledgers and handling customer queries
d. providing information on inventory levels and reconciling the bank statement
36. Which department prepares the bill of lading?

sales
warehouse
shipping
credit
37. The adjustment to accounting records to reflect the decrease in inventory due to a sale occurs
in the
warehouse
shipping department
billing department
inventory control department
38. The revenue cycle utilizes all of the following files except
credit memo file
sales history file
shipping report file
cost data reference file
39. Which control ensures that production files cannot be accessed without specific permission?
Database Management System
Recovery Operations Function
Source Program Library Management System
Computer Services Function
40. Which statement is not correct? The audit trail in a computerized environment
consists of records that are stored sequentially in an audit file
traces transactions from their source to their final disposition
is a function of the quality and integrity of the application programs
may take the form of pointers, indexes, and embedded keys
41. Routine maintenance activities require all of the following controls except
documentation updates
testing
formal authorization
internal audit approval
42. Which statement is correct?

compiled programs are very susceptible to unauthorized modification
the source program library stores application programs in source code form
modifications are made to programs in machine code language
the source program library management system increases operating efficiency.
43. Program testing

involves individual modules only, not the full system
involves individual modules only, not the full system walang sagot dito.
need not be repeated once the system is implemented
is primarily concerned with usability
44. Which of the following is correct?

check digits should be used for all data codes
check digits are always placed at the end of a data code
check digits do not affect processing efficiency
check digits are designed to detect transcription and transposition errors
45. An example of a hash total is
total payroll checks $12,315
total number of employees-10
sum of the social security numbers-12,555,437,251
none of the choices
46. A computer operator was in a hurry and accidentally used the wrong master file to process a
transaction file. As a result, the accounts receivable master file was erased. Which control would
prevent this from happening?
header label check
expiration date check
version check
validity check
47. The correct purchase order number, 123456, was incorrectly recorded as shown in the
solutions. All of the following are transcription errors except
1234567
12345
124356
123454
48. Which of the following is an example of input control test?

sequence check
zero value check
spooling check
range check
49. Which control is not associated with new systems development activities?
reconciling program version numbers
program testing
user involvement
internal audit participation
50. Which control is not a part of the source program library management system?
using passwords to limit access to application programs
assigning a test name to all programs undergoing maintenance
combining access to the development and maintenance test libraries
assigning version numbers to programs to record program modifications
51. Which statement is not true? A batch control record

contains a transaction code
records the record count
contains a hash total
control figures in the record may be adjusted during processing
All of the choices are true
52. Which input control check would detect a payment made to a nonexistent vendor?
missing data check
numeric/alphabetic check
range check
validity check
53. Which of the following is not an example of a processing control?

hash total
record count
batch total
check digit
54. An inventory record indicates that 12 items of a specific product are on hand. A customer
purchased two of the items, but when recording the order, the data entry clerk mistakenly entered
20 items sold. Which check could detect this error?
numeric/alphabetic data checks
limit check
range check
reasonableness check
55. Which statement is not correct? The goal of batch controls is to ensure that during processing
transactions are not omitted
transactions are not added
transactions are free from clerical errors
an audit trail is created
56. The employee entered "40" in the "hours worked per day" field. Which check would detect
this unintentional error?
numeric/alphabetic data.
check
sign check
limit check
missing data check
57. Which check is not an input control?

reasonableness check
validity check.
spooling check
missing data check
ACCOUNTING 20 MIDTERM EXAMINATION
PART 1
Question 1
For an action to be called fraudulent, all of the following conditions are required except
injury or loss
intent to deceive
poor judgement
Question 2
Encryption is least likely to be used in which of the following situations:
When wire transfers are made between banks.
When confidential data are sent by satellite transmission.
When financial data are sent over dedicated, leased lines
When transactions are transmitted over local area networks.
Question 3
Advantages of distributed data processing include each of the following except
improved operational efficiency
increased user satisfaction
better management of organization resources
cost reductions
Question 4
Which of the following flowcharts illustrates the flow of data among areas of responsibility in an
organization?
program flowchart
document flowchart
computer configuration chart
system flowchart
Question 5
The reconciliation that occurs in the shipping department is intended to ensure that
the goods shipped match the goods ordered
credit has been approved
the customer is billed for the exact quantity shipped
inventory records are reduced for the goods shipped
Question 6
Which of the following is not an identity theft scenario?
In public places, criminals may engage in "shoulder surfing"– watching you from a nearby
location as you punch in your telephone calling card number or credit card number – or listen in
on your conversation if you give your credit-card number over the telephone.
If you receive applications for "pre-approved" credit cards in the mail, but discard them without
tearing up the enclosed materials, criminals may retrieve them and try to activate the cards for
their use without your knowledge. Also, if your mail is delivered to a place where others have
ready access to it, criminals may simply intercept and redirect your mail to another location.
All of the choices are examples of identity theft
Many people respond to "spam"– unsolicited E-mail – that promises them some benefit but
requests identifying data, without realizing that in many cases, the requester has no intention of
keeping his promise. In some cases, criminals reportedly have used computer technology to steal
large amounts of personal data.
Question 7
Authentication is the process of verifying the identity of the person or device attempting to
access a system. Which of the following is not a common type of credential used to verify a
person’s identity?
Something they know, such as passwords or personal identification numbers (PINs)
All of the choices are common credentials for authentication
Something physical or behavioral characteristic, such as fingerprints or typing patterns.
Something they have, such as smart cards or ID badges
Question 8
The Data Manipulation Language
defines the database to the Database Management System
enables application programs to interact with and manipulate the database
describes every data element in the database
transfers data to the buffer area for manipulation
Question 9
Which statement is false?
User programs send requests for data to the DBMS.
The DBMS is special software that is programmed to know which data elements each user is
authorized to access.
The DBMS does not control access to the database.
During processing, the DBMS periodically makes backup copies of the physical database.
Question 10
In a relational database
users perceive that they are manipulating a single table
the user’s view of the physical database is the same as the physical databas
a virtual table exists in the form of rows and columns of a table stored on the disk
a programming language (COBOL) is used to create a user’s view of the database
Question 11
Forces which may permit fraud to occur do not include
Question 12
A remittance advice is
is a turn-around document
none of the above
is retained by the customer to show proof of payment
used to increase (debit) an account receivable by the cash received
Question 13
Which of the following is not a preventive control?
Physical security access
Patch management
Creation of a “security-aware” culture
Change control and change management
Question 14
The following are the characteristics of a well-designed change control and change management
process. Which is the exception?
Testing of all changes in a staging environment
Updating all documentation to reflect newly implemented changes
Conversion controls to ensure that feature changes are accurately and completely transition to
operating conditions.
Development and documentation “backout” plans
Question 15
The implementation of an onsite firewall is necessary in which of the following cases?
Organizations using only SaaS in storing and processing their data
Organizations with e-commerce sales.
Organizations not using any computerized devices
Organizations with multiple brick-and-mortar operations facilities
Question 16
This is a table used to implement authorization controls
Authorization control table
Access control matrix
Access control credentials
Access control table
Question 17
The accounts receivable clerk destroys all invoices for sales made to members of her family and
does not record the sale in the accounts receivable subsidiary ledger. Which procedure will not
detect this fraud?
oncile the accounts receivable control to the accounts receivable subsidiary ledger
reconcile total sales on account to the debits in the accounts receivable subsidiary ledge
prenumber and sequence check all invoices
prepare monthly customer statements
Question 18
At most banks, the tellers can inform a customer of the current balance on his or her savings
account. For this to be possible, the bank’s accounting system must utilize all of the following
except
A responsibility accounting system.
A subsidiary ledger detailing the controlling account for savings account balances.
On-line input devices.
A computer based accounting system.
Question 19
The stock release copy of the sales order is not used to
record the reduction of inventory
record any out-of-stock items
locate and pick the items from the warehouse shelves
authorize the warehouse clerk to release custody of the inventory to shipping
Question 20
The concept of reasonable assurance suggests that
a well-designed system of internal controls will detect all fraudulent activity
the cost of an internal control should be less than the benefit it provides
the effectiveness of internal controls is a function of the industry environment
the objectives achieved by an internal control system vary depending on the data processing
method
Question 21
How are data sources and destinations represented in a data flow diagram?
as a square
none of the above
as two parallel lines
as a circle
as a curved arrow
Question 22
How can a business minimize the impact of a Zero-day attack?
Install antivirus software
Timely update of system
None of the choices
Install a powerful firewall
Question 23
Which of the following is correct?
check digits should be used for all data codes
check digits are always placed at the end of a data code
check digits do not affect processing efficiency
check digits are designed to detect transcription and transposition errors
Question 24
Which of the following is never vulnerable to Cross-site scripting (XSS)?
Websites using Blogger platform by Google
Websites like Facebook
All of the choices are vulnerable to XSS.
Websites coded strictly using HTML and CSS only
Question 25
Which of the following abuse techniques is not effective anymore?
SQL injection
dictionary attack
Phising
splogs
Question 26
The documentation skills that accountants require vary with their job function. However, they
should at least be able to do which of the following?
Critique and correct documentation that others prepare.
Prepare documentation for a newly developed information system
Read documentation to determine how the system works.
Teach others how to prepare documentation
Question 27
All of the following are guidelines that should be followed in naming DFD data elements
EXCEPT
Process names should include action verbs such as update, edit, prepare, and record
Name only the most important DFD elements.
Make sure the names describe all the data or the entire process.
Choose active and descriptive names.
Question 28
Which of the following is not a characteristic of special journals?
The recording of transactions often is combined with other essential business functions.
They are designed to record specific types of transactions as quickly and efficiently as possible.
They are used primarily for recording unusual types of transactions.
Transactions often are recorded by machine, or by persons other than the company’s accounting
staff.
Question 29
Which input control check would detect a payment made to a nonexistent vendor?
range check
missing data check
validity check
numerical check
Question 30
A user view
specifies the relationship of data elements in the database
is the logical abstract structure of the database
presents the physical arrangement of records in a database for a particular use
defines how a particular user sees the database
Question 31
Robinsons Department Store uses on-line point of sale terminals in recording sales transactions.
Which of the following types of information cannot be made available to the store manager as of
2:00 PM on a particular day?
The number of units of a specific product on hand at 2:00 PM
Total sales for the day through 2:00 PM.
Total cash sales for the day made in a particular sales department as of 2:00 PM.
None of the above answers is correct. All this information can be made available.
Question 32
The objectives of all information systems include all of the following except
support for management decision making
support for the day-to-day operations of the firm
evaluating transaction data
support for the stewardship function of management
Question 33
Which of the following best describes lapping?
of funds
Question 34
A DFD is a representation of which of the following?
decision rules in a computer program
flow of data in an organization
the logical operations performed by a computer program
computer hardware configuration
Question 35
Which of the following statements is false?
All accounting system include some form of journal(s).
The types and amounts of accounting information developed expressly for use by management
is likely to vary from one business organization to another.
The types and number of special journals in use is likely to vary from one business organization
to another.
If an accounting system is to be efficient, business transactions should be recorded only by
accounting personnel.
It is easier to achieve strong internal control in a large business than in a small one.
Question 36
A report telling how well all approved vendors have performed in the prior 12 months is
information that is MOST needed in which business process?
paying vendors
acquiring inventory
selling merchandise
paying employees
Question 37
Risk exposures associated with creating an output file as an intermediate step in the printing
process (spooling) include all of the following actions by a computer criminal except
making a copy of the output file and using the copy to produce illegal output reports
printing an extra hardcopy of the output file
gaining access to the output file and changing critical data values
using a remote printer and incurring operating inefficiencies
Question 38
A national retailer required more detailed data to help stock its stores with the right products and
to increase its turnover. Such data amounted to several gigabytes per day from each store. A new
high-speed company-wide network was needed to transmit and analyze the data.
Private wide area network
Value-added network.
Virtual private network.
Integrated services digital network.
Question 39
In which cycle does a company ship goods to customers?
automating all decision making
reducing the need to identify a strategy and strategic position
transforming data into useful information
allocating organizational resources
Question 40
A set of instructions to increase a programmer’s pay rate by 10% is hidden inside an authorized
program. It changes and updates the payroll file. What is this computer fraud technique called?
trap door
trojan horse
virus
worm
Question 41
Which duty is not the responsibility of the Database Administrator?
to design application programs
to implement security controls
to design the subschema
to develop and maintain the Data Dictionary
Question 42
The major difference between the Financial Reporting System (FRS) and the Management
Reporting System (MRS) is the
FRS reports are prepared in flexible, nonstandardized formats; the MRS reports are prepared in
standardized, formal formats
FRS provides information to internal and external users; the MRS provides information to
internal users
FRS provides discretionary information; the MRS provides nondiscretionary information
FRS reports are prepared using information provided by the General Ledger System; the MRS
provides information to the General Ledger System
Question 43
Which of the following is not a limitation of the internal control system?
fraud occurs because of collusion between two employees
management instructs the bookkeeper to make fraudulent journal entries
the industry is inherently risky
errors are made due to employee fatigue
Question 44
Assuming a ten-word message was converted to a message digest using SHA-256, and yields an
output of 903b5a1c2eca28ba0e844cb57763d32e65cd1479cb28f5b1863418a3f920c251. How
will you determine the ten-word message in clear text form?
There is no way to determine its original clear text form. Regardless of the length of the input
data, it will yield a fix 256-bit output data depending on the algorithm used.
Using decryption software.
Using the same SHA-256 algorithm by reverse engineering.
Brute forcing every possible ten-word message to be converted to a digest using SHA-256 and
once it resulted to the same hash, it is the message.
Question 45
The correct purchase order number, 123456, was incorrectly recorded as shown in the solutions.
All of the following are transcription errors except
12345
1234567
124356
123454
Question 46
Internal controls for handling sales returns and allowances do not include
using the original sale
authorizing the credit memo by management
verifying that the goods have been returned
computing bad debt expense using the percentage of credit sales
Question 47
Techniques used to obtain confidential information, often by tricking people, are referred to as
what?
identity theft
pretexting
posing
social engineering
Question 48
A computer operator was in a hurry and accidentally used the wrong master file to process a
transaction file. As a result, the accounts receivable master file was erased. Which control would
prevent this from happening?
validity check
header label check
expiration date check
version check
Question 49
Which of the following is least likely to be kept continuously up-to-date in an on-line, real time
accounting system?
Income taxes expense.
The account receivable subsidiary ledger.
Departmental sales revenue.
The inventory subsidiary ledger.
Question 50
Symmetric cryptography is also known as __________.
Shared key cryptography
Hashing
Steganography
Public key cryptography
PART 2
Question 1
1. Receive order
2. Check Credit
3. Credit Records
4. Open Order File
5. Pick Goods
6. Ship Goods
7. Shipping Log
8. Back Order File
9. Stock Records
10. Bill Customer
11. S.O. Pending File
12. Sales Journal
13. Update AR
14. Post to General Ledger
15. Update Inventory
16. Inventory Subsidiary
17. AR Subsidiary
18. Journal Voucher File (general
19. General Ledger Records
20. Customer
Question 2
First of all, all systems have its own weaknesses and these weaknesses greatly affect the
overall performance of a certain company. For this scenario, the MetaVerse's access to the cash
drawers by sales clerk has needed more accountability. The internal cash register must be used as
a control to distinguish how much cash must be in the drawer. The supervisor did not sign for the
specific value of cash that has been received or has been returned. In counting of cash, the treasury
clerk did not evaluate it and has asset custody as well as responsibility for recording sales and cash
in the journal and in the ledger.
In order for the MetaVerse eradicate its disadvantages, controls must be further applied.
First and foremost, the value of every item must be the same as the price list in the cashier drawer.
Secondly, the supplies must always be updated with the sales account. Lastly, registration number
checks, nominal and specimen for the control. I believe that if MetaVerse will see their own
weaknesses and apply these necessary controls, then the morale of the company will stay strong
and high. Afterall, the MetaVerse should learn the proper segregation of duties and by this control,
it will help it succeeds and may avoid future problems. "By our own weaknesses, we learn, we
adapt, and make it as our strengths".
ACCTG 20 QUIZ ON CHAPTER 13 AND 14
1. What is the key difference between the MRP and JIT inventory management approaches?
JIT is more effectively used with products that have predictable patterns of demand.
Only JIT reduces costs and improves efficiency.
MRP schedules production to meet estimated sales needs: JIT schedules production to meet
customer demands.
MRP is especially useful for products such as fashion apparel.
2. From a legal standpoint, when does the obligation to pay a vendor arise?
when the goods are billed
when the goods are received by the purchaser
when the goods are ordered
when the goods are requisitioned
3. What aspect below best characterizes a JIT inventory system?

frequent deliveries of smaller quantities of items to the work centers
frequent deliveries of large quantities to be held at the work centers
less frequent deliveries of large quantities of goods to central receiving
infrequent bulk deliveries of items directly to work centers
4. EOQ includes several variables that must be taken into consideration when calculating the
optimal order. size. One variable, the costs. inventory, is referred to as
the reorder point.
stockout costs.
ordering costs.
carrying costs.
5. A disbursement voucher contains

All of the above are correct.
the general ledger accounts to be debited.
a list of outstanding invoices.
the net payment amount after deducting applicable discounts and allowances.
6. A key decision in ordering is selecting a suitable vendor. Which of the following criterion in
vendor would not be a major selection?
prices of goods
ability to deliver on time
quality of goods
credit rating of the vendor
7. Identify which of the following scenarios the buyer could adjust by using a debit memo
document.
quantity different from that ordered
All of the above are possible scenarios.
goods that fail inspection for quality
damage to the goods
8. Once a vendor is selected for a product, the company's identity is recorded in the
purchase requisition file.
product inventory master record.
general ledger.
product inventory transaction file.
9. The receiving department responsibilities in connection with the expenditure cycle. Identify one
of these responsibilities.
deciding if the delivery should be accepted
verifying any purchase discounts for the deliver
shipping products most efficiently and at the lowest cost
deciding on the location where the delivery will be stored until used
10. The inventory management approach that attempts to minimize, if not eliminate, carrying and
stockout costs. is
the economic order quantity
a just-in-time inventory system.
There is no such inventory. management approach.
the materials requirements planning.
11. The major advantage of an MRP inventory system is. that it reduces inventory levels. This is
because
the system is able to compute exactly the cost of purchasing by taking into account all costs
associated with inventory carrying.
the uncertainty about when materials are needed is reduced, thus reducing the need to carry large
levels of inventory.
None of the above are correct.
inventory is brought to the production site exactly when needed and in the correct quantities by
the vendor.
12. A major cost in the purchasing function is the number of purchase orders processed. One
technique that may reduce purchasing related expenses is to have suppliers compete with each
other to meet demand at the lowest price. This name of this technique is
a trading exchange.
a supplier consortium.
an EDI auction..
a reverse auction.
13. A legal obligation arises at the time goods are received from a supplier. The objective of
accounts payable is to authorize payment only for goods or services actually ordered and received.
The best way to process supplier invoices is to use
a disbursement voucher system.
EDI for all small, occasional purchases from suppliers.
a nonvoucher system.
electronic funds transfer for small, occasional purchases from suppliers.
14. MRP will be a preferred method over JIT

when the demand for inventory is mostly unpredictable.
None of the above are correct.
demand for inventory is fairly predictable.
product has a short life cycle.
15. A _________ system is a system in which an approved invoice is posted to the vendor account
and is stored in an open invoice file until payment is made by check.
nonvoucher
cycle
blanket invoice
voucher
16. A standing order to purchase specified items at a designated price, from a particular supplier
for a set period of time, is called a
purchase order.
set order.
blanket purchase order.
commodity order.
17. The first major business activity in the expenditure cycle is ordering inventory and supplies.
The traditional approach to management of inventory to ensure sufficient inventory to maintain
production is known as
optimal inventory quantity,
just-in-time production.
safety stock.
economic order quantity.
18. Vendor invoices are approved by the _____ which reports to the _______.
purchasing department: treasurer
accounts payable department; treasurer
purchasing department; controller
accounts payable department; controller
19. In the expenditure cycle, the primary external exchange of information occurs with
suppliers.
customers.
management.
the audit committee.
20. One alternative approach to managing inventory is materials requirements planning (MRP).
What is a key feature of this approach?
to determine the optimal order size
to determine the optimal reorder point
to minimize or entirely eliminate carrying and stockout costs.
to reduce required inventory levels by scheduling production rather than estimating needs
21. A receiving clerk notes that a delivery of 10 units has been received, but the purchase order
specified 12 units. A debit memo will be prepared to adjust for the difference in the quantity
ordered and received. Who should prepare this document?
the receiving clerk
management
the sales department
the purchasing department
22. Which of the following is not an advantage of a voucher system?

the time of voucher approval and payment can be kept separate
several invoices may be included on one voucher, reducing the number of checks
disbursement vouchers may be pre-numbered and tracked through the system
it is a less expensive and easier system to administer than other systems
23. There are three basic activities in the expenditure cycle. One of the basic activities is the
receiving and storage of goods, supplies, and services. What is the counterpart of this activity in
the revenue cycle?
the shipping function
the cash payments activity
the cash collection activity
the sales order entry process
24. All of the following technologies could be useful aids in the receiving process except
radio frequency identification tags.
EFT.
satellite technology.
bar coding.
25. When goods are being ordered from a vendor, which electronic files are either read or updated?
inventory, vendors, and accounts payable
inventory, vendors, and open purchase orders
vendors and accounts payable
open purchase orders and accounts payable
26. What is not an advantage to using disbursement vouchers?

There are no disadvantages to using disbursement vouchers.
Disbursement vouchers can be prenumbered which simplifies the tracking of all payables.
Disbursement vouchers facilitate separating the time of invoice approval from the time of invoice
payment.
Disbursement vouchers reduce the number of checks written.
27. What is one of the best ways to improve the overall efficiency and effectiveness of the receipt
and storage of ordered items?
requiring all suppliers to use EDI to expedite the receiving department function
requiring all delivery trucks to have satellite data terminals to expedite the receiving department
function
requiring all suppliers to have bar-codes on their items to allow electronic scanning upon delivery
by the receiving department
requiring all suppliers to have a second party verify quantities purchased before shipment
28. Within the expenditure cycle, internal information flows

to the general ledger from the expenditure cycle.
from the revenue cycle to the expenditure cycle.
from the production cycle to the expenditure cycle.
29. The receiving and storage of goods is the responsibility of the receiving department, which
usually reports to the function in the company.
purchasing
stores
production
inventory control
30. To accomplish the objectives set forth in the expenditure cycle, a number of key management
decisions must be addressed. Which of the decisions below is not ordinarily found as part of the
expenditure cycle?
How can cash payments to vendors be managed to maximize cash flow?
What are the optimal prices for each product or service?
Where should inventories and supplies be held?
What is the optimal level of inventory and supplies to carry on hand?
31. The disbursement voucher and supporting documents are sent to the for payment prior to the
due date.
accounts payable department
treasurer
cashier
controller
32. Which of the following is generally not shown on a receiving report?

quantity of the items
counted and inspected by
purchase order number
price of the items
33. The decision of when to place an order in a traditional inventory system is specified by the
stockout point.
company inventory policies.
economic order quantity.
reorder point.
34. A purchase order is
a request for delivery of certain items and quantities.
All of the above are true.
a document formally requesting a vendor to sell a certain product at a certain price.
a contract between the buyer and vendor once accepted by the vendor.
35. The paper document or electronic form that formally requests a supplier to sell and deliver
specified products at designated prices is called
a receiving report.
a materials requisition.
a sales invoice
a purchase order.
36. The list which specifies the labor and machine requirements needed to manufacture a product
is called the
master production schedule.
operations list.
bill of materials.
bill of lading.
37. The form in the production cycle that specifies how much of each product is to be produced
during the planning period and when product should begin is the
bill of materials.
bill of lading.
operations list.
38. Whether a company uses an AIS, ERP, or incorporates some degree of CIM into its production
process, it still needs to collect data about four basic facets of its production operations. The facet
that impacts the company's human resource cycle the most is
the tracking of manufacturing overhead costs incurred for a production order.
the amount of raw material used in a production order.
the labor hours expended to complete a production order.
the machine operations performed during a production order.
39. Manufacturing overhead consists of all manufacturing costs that are not economically feasible
to trace directly to specific jobs or processes. Which of the costs below would not be considered
an overhead cost?
salaries of factory production supervisors
utilities
rent
earnings of factory production employees
40. An integral part of the production process is the use of raw materials. One way to enable an
AIS to efficiently track and process information about raw materials used in production is to
implement.
bar coding
job-order costing
a materials resources planning inventory system
a just-in-time inventory system
41. For replacement of inventories and assets. destroyed by fire or other disasters, an organization
needs
stand-by facilities.
All of the above are correct
adequate insurance coverage.
source data automation.
42. There are four basic activities in the production cycle. The step that may incorporate robots
and computer-controlled machinery to achieve its goals is
planning and scheduling.
product design.
cost accounting.
production operations.
43. Factory supervisory costs would be assigned to departments for

performance evaluation purposes
product-mix decisions.
pricing decisions.
44. The second step in the production cycle is planning and scheduling. One of the methods of
production planning is referred to as push manufacturing. This method is also known as
ahead-of-time production
implementation (ATPI).
just-in-time manufacturing system (JIT).
manufacturing resource planning (MRP).
the economic order quantity (EOQ) system.
45. The operations list shows

the steps and operations in the production cycle.
the labor and machine requirements.
the time expected to complete each step or operation.
all of the above
46.What document authorizes the manufacturing of a product?

master production schedule
production order
materials requisition
move ticket
47. A company's production process may incorporate various forms of information technology
such as robots and computer-controlled machinery. One effect of using such a process is at shift
from mass production to custom order manufacturing. This process is called
CRM.
AIS.
CIM.
ERP
48. A _________ is used to document the subsequent relocation of materials through the factory
for manufacturing in process.
move ticket
master production schedule
production order
49. An AIS should be designed to provide timely and accurate information about production cycle
activities that impact the other business cycles. One type of information deals with planning and
controlling manufacturing costs and evaluating performance. This type of information is called
product mix.
cost management.
product pricing.
resource allocation.
50. The document that authorizes the removal of the necessary quantity of raw materials from
storeroom to factory is referred to as
a materials requisition
a production order.
a move ticket.
a bill of materials.
51.The AIS compiles and feeds information among the business cycles. What is the relationship
between the revenue and production cycles regarding the exchange of information?
The revenue cycle receives information from the production cycle about raw materials needs.
The revenue cycle provides sales forecast and customer order information to the production cycle,
but the production cycle sends. information back to revenue about finished goods production.
The production cycle does not exchange information with the revenue cycle.
The production cycle sends cost of goods manufactured information back to the revenue cycle
52. Which type of information below should not be maintained by the AIS in accounting for fixed
assets?
improvements
market value
identification/serial number
cost
53. The basic activities in the production cycle are
product design and production operations.
planning, scheduling, and cost accounting.
Both A and B are correct.
raw materials requisitioning, planning, and scheduling
54. Overproduction or underproduction can be a threat to an organization. To which process or

activity does this threat relate?
production operations
product design.
planning and scheduling
cost accounting
55. A ________ authorizes the transfer of raw goods. the storeroom to the needed for production
from production facilities.
production order
move ticket
56. The type of cost accounting system that primarily assigns costs to specific batches, or jobs, and
is used where production items can be discretely identified is known as cost ______ accounting.
job-order
manufacturing resources
just-in-time
process
57. The first step in the production cycle is product design. There are several objectives connected
with this step. Which objective below is not a product design objective
to design a quality product
to minimize production costs
to design a product that meets customer requirements
to make the design easy to track for cost accounting purposes.
58. Information found on the materials requisition form is based in part on information obtained
from which other form?
a move ticket.
a picking list.
a bill of materials.
59. The bill of materials shows the ______ of each product component.
quantity used
part number and description
part number and description and quantity used.
quantity ordered
60. A master production schedule is used to
develop detailed inventory charts.
develop daily direct labor needs
develop detailed timetables of daily production and determine raw material purchasing.
develop detailed reports on daily production and material usage.
61. The final step in the production cycle is the cost. accounting function. There are several
principal objectives of the cost accounting system. Which objective listed below is not a principal
cost accounting objective?
to provide tests of audit control functions as part of the AIS
to provide information for planning, controlling, and evaluating the performance of production
operations
to collect and process the information used to calculate inventory and cost of goods sold amounts
that appear in the financial statements.
to provide information for planning, controlling, and evaluating the performance of production
operations
62. Job-time tickets are used to

allocate machine costs.
specify each production task.
collect the time spent by a worker on a specific task.
63. Which of the following is. not a type of cost accounting system?
process costing
job order costing
activity-based costing
Just-in-time costing
64. Detailed data about warranty and repair costs is considered an applicable control used to
mitigate the threat of
overproduction
suboptimal investment of fixed assets.
underproduction.
poor product design.
65. Direct labor must be tracked and accounted for as part of the production process. Traditionally,
direct labor was tracked using _________ but an AIS enhancement is to use ______ to record and
track direct labor costs.
employee earnings records: job-time tickets
job-time tickets; coded identification cards
time cards; electronic time entry terminals
move tickets; coded identification cards
66. The second step in the production cycle is planning and scheduling. One of the methods of
production planning is referred to as pull manufacturing. This method is also known as
ahead-of-time production. implementation (ATPI).
just-in-time manufacturing system (JIT).
manufacturing resource planning (MRP).
the economic order quantity (EOQ) system.
67. MRP-II and JIT manufacturing systems both plan production in advance. What is the main
difference between these two systems?
There are no differences between the two systems.
JIT uses long-term customer demand for planning purposes
MRP-II relies on EDI
the length of the planning horizon.
68. The production planning department develops the master production schedule based on
information from several sources. What information is necessary to create this schedule?
engineering department specifications and inventory levels
engineering department specifications and sales forecasts
sales forecasts, special orders information, and inventory levels
special orders information and engineering department specifications.
69. The accountant's role in the ________ step of production cycle activities is to understand how
CIM affects the AIS.
production operations
product design
planning and scheduling
cost accounting methods.
70. The use of various forms of information technology in the production process is referred to as
computer intense manufacturing
computer-integrated manufacturing
computerized integration of machines.
computerized investments: and machines.
CHAPTER 15 AND 16
Question 1
Which of the following controls is inappropriate for payroll check writing?
sequential numbering of paychecks and accounting for the numbers
restrict access to blank payroll checks and documents
someone independent of the payroll process should reconcile the payroll bank account
use of a payroll clearing account
Question 2
Why is a separate payroll account used to clear payroll checks?
banks don't like to commingle payroll and expense checks
to make bank reconciliation easier
for internal control purposes to help limit any exposure to loss by the company
Question 3
Corrections are entries made to correct errors found in __________.
the general ledger.
all journals.
the financial statements.
special journals.
Question 4
When using electronic documents, __________ increase the accuracy of data entry.
access controls
separation of duties
general controls
application controls
Question 5
This organization maintains the payroll master file for each of its clients and performs the payroll
process.
Payroll service bureau
Professional employer organization
Virtual private network
Cashier
Question 6
The general ledger system of an organization should be designed to serve the information
requirements of both financial and nonfinancial users. This means that the system should
support producing regular periodic reports and respond to real-time inquiry needs.
support the real-time inquiry needs of all users.
support access by investors and creditors of the organization to general ledger balances.
support producing regular periodic reports.
Question 7
Which HR report is useful in planning future workforce needs and training programs?
payroll register
skills inventory report
deduction register
workforce inventory
Question 8
What is the payroll system's principal output?
hiring information
checks to employees
internal and external use reports
checks to government agencies
Question 9
Who provides the adjusting entries for a well-designed general ledger and reporting system?
the treasurer's area
various user departments
the other major AIS subsystems
the controller's area
Question 10
Given the four activities below, which of the HRM/payroll cycle activities occurs infrequently
relative to the others?
updating of the payroll master file
updating information about tax rates and withholdings
validating each employee's time and attendance data
preparing payroll
Question 11
Depreciation and bad debts expense are examples of which type of adjusting entries?
deferrals
revaluations
estimates
accruals
Question 12
Which of the following is not a potential effect of inaccurate time data?
inaccurate calculation of overhead costs
damaged employee morale
increased labor expenses
erroneous labor expense reports
Question 13
Which category of employee below is least likely to use a time card or electronic time clock to
track their hours?
managers and professional staff
accountants
employees who manufacture a product
attorneys
Question 14
Adjusting entries that are made to reflect differences between the actual and recorded value of an
asset or a change in accounting principle are called
reconciliations.
accruals.
estimates.
revaluations.
Question 15
One step in the payroll cycle is the preparation of paychecks. In the next step the payroll register
is sent to accounts payable for review. What is the following step in the process?
The payroll taxes are computed.
A disbursement voucher is prepared to authorize the transfer of funds from the company’s
general account.
The paychecks are distributed to the employees
The earnings statements are printed.
Question 16
The general ledger and reporting system is designed to provide information for which of the
following user groups?
internal users
inquiry processing by internal or external users
external users
all of the above
Question 17
Adjusting entries that reflect events that have already occurred but for which no cash flow has
taken place and not previously entered into the accounts are called
corrections.
deferrals.
accruals.
revaluations.
Question 18
The fourth step in the payroll cycle is preparing payroll. Pay rate information is needed in order
to complete this task. The pay rate information is accessed by the system from __________.
the payroll master file
the employee subsidiary ledger
the employees' personnel files
electronic time cards
Question 19
The recording of interest earned on an account balance or wages payable is an example of which
type of adjusting journal entry?
deferral entry
revaluation entry
correcting entry
accrual entry
Question 20
Payroll is one AIS application that is processed in __________ mode.
real time
safe
batch
sequential
Question 21
Which item below is not considered a major input to the general ledger and reporting system?
financing and investing activities
reports from managers
adjusting entries
summary entries from the major subsystems
Question 22
Some companies have created a position called "director of intellectual assets." What is the
objective of this position?
measurement and development of intellectual assets and human resources
improvement of the hiring and firing procedures in the company
implementation of a more integrated HRM/payroll system
Question 23
The general ledger and reporting system consists of the __________ involved in __________ the
general ledger and __________ reports.
business transactions; updating; processing
business transactions; data processing; preparing
information processing; updating; creating
data processing; business transactions for; printing
Question 24
For recording time spent on specific work projects, manufacturing companies usually use a
time clock
labor time card
time card.
job time ticket.
Question 25
In accounting terminology, the form that documents journal entry updates to the general ledger is
called
a journal voucher.
a trial balance.
an adjusted trial balance.
an accounting update memo.
Question 26
The document that lists each employee's gross pay, payroll deductions, and net pay in a
multicolumn format is called
an employee time sheet summary.
an employee earnings statement.
a deduction register.
the payroll register.
Question 27
The posting of adjusting journal entries is the second activity found in the general ledger system.
Adjusting entries fall into several categories. An adjusting entry made at the end of an
accounting period that reflects the exchange of cash prior to performance of a related event is
called a(n)
revaluation entry.
deferral entry
accrual entry.
correcting entry.
Question 28
The key to preventing unauthorized changes to the payroll master file is
segregating duties between the preparation of paychecks and their distribution
having the controller closely review and then approve any changes to the master file.
hiring totally honest people to access and make changes to this file
segregation of duties between the authorization of changes and the physical handling of
paychecks.
Question 29
The first activity in the general ledger system is to update the general ledger. Updates come from
the various accounting subsystems as well as from the treasurer. How is general ledger updating
accomplished by the various accounting subsystems?
The controller or treasurer must approve accounting subsystem journal entries before any
updating may occur.
Individual journal entries for each accounting subsystem transaction update the general ledger
every 24 hours.
Nonroutine transactions are entered into the system by the treasurer's office.
Summary journal entries that represent the results of all transactions for a certain time period
are used to update the general ledger.
Question 30
The preparation of financial statements is the third activity in the general ledger system. To
properly complete the accounting cycle, financial statements are prepared in a certain sequence.
Which statement is prepared last in the sequence?
the balance sheet
the statement of cash flows
the income statement
the adjusted trial balance
Question 31
These are used to transmit time and attendance data directly to the payroll processing system.
Electronic time clocks
None of the above
Badge readers
Magnetic cards
Question 32
Which activity below is not performed by the HRM?
recruitment and hiring
training
discharge
compensation
Question 33
Which area provides information to the system about hiring, terminations, and pay rate changes?
timekeeping
HRM
purchasing
payroll
Question 34
The first step in the payroll process is to
update the payroll master file.
input time card data.
print paychecks.
calculate gross pay.
Question 35
What step can be taken to reduce the distribution of fraudulent paychecks?
allow department managers to investigate unclaimed paychecks
have internal audit investigate unclaimed paychecks
immediately mark "void" across all unclaimed paychecks
match up all paychecks with time cards
Question 36
When updating the general ledger, sales, purchases, and production are examples of __________
entries, and issuance or retirement of debt and the purchase or sale of investment securities are
examples of __________ entries.
accounting subsystem; treasurer originated
adjusting; controller originated
adjusting; special journal
controller generated; special journal
Question 37
Immediately after the adjusting entries are completed, the next step in the general ledger and
reporting system is to prepare
the statement of cash flows.
a closing entry.
an adjusted trial balance.
a worksheet.
Question 38
Many companies offer their employees a "cafeteria" approach to voluntary benefits in which
employees can pick and choose the benefits they want. This approach is normally called a(n)
menu options benefit plan.
flexible benefit plan.
pay-as-you-go plan.
elective plan.
Question 39
Employee turnover will always occur and some experts believe it may even be desirable in an
organization. Experts estimate that on average the costs associated with replacing an employee
are about __________ that of the employee's annual salary.
one-quarter
one and one-half
twice
one-half
Question 40
One good way to eliminate paper paychecks is to
use the direct deposit method to transfer funds into employee bank accounts.
pay in cash only.
use EFT.
pay with money orders.
Question 41
Direct deposit of employee paychecks is one way an organization can improve efficiency and
reduce payroll-processing costs. Which statement regarding direct deposit is incorrect?
Employees who are part of a direct deposit program receive an employee earnings statement.
Employees who are part of a direct deposit program receive a copy of their paycheck indicating
the amount deposited.
The cashier does not have to sign employee paychecks.
The cashier does not have to authorize the transfer of funds from the organization's checking
account to a payroll checking account.
Question 42
A listing of journal vouchers by numerical sequence, account number, or date is an example of
a batch to be processed.
a budget report.
a general ledger control report.
responsibility accounting.
Question 43
Which of the following is not one of the major sources of input to the payroll system?
checks for insurance and benefits
time and attendance data
payroll changes
withholdings and deduction requests from employees
Question 44
Adjusting entries that are made to counteract the effects of errors found in the general ledger are
called
accruals.
deferrals.
corrections.
estimates.
Question 45
Which of the following is most likely to be a daily activity in the HRM/Payroll system?
Approve payroll disbursement
Sign payroll checks
Update HRM/Payroll database
Prepare paychecks
Question 46
What is the purpose of a general ledger payroll clearing account?
to make sure that all employees are paid correctly each week
to prevent the cashier from having complete control of the payroll cycle
to make the bank reconciliation easier
to check the accuracy and completeness of payroll recording and its allocation to cost centers
Question 47
Payroll deductions fall into the broad categories of __________ and __________.
unemployment taxes; income taxes
voluntary deductions; income taxes
unemployment; social security taxes
payroll tax withholdings; voluntary deductions
Question 48
Entries to update the general ledger are often documented by which of the following?
subsidiary journal
subsidiary ledgers
general journal
journal vouchers
Question 49
There are four basic activities performed in the general ledger and reporting system. Several of
these activities represent the basic steps in the accounting cycle. In what step is the adjusted trial
balance prepared?
prepare financial statements
update the general ledger
produce managerial reports
post adjusting entries
Question 50
Which of the following deductions is not classified as a voluntary deduction?
insurance premiums
pension plan contributions
social security withholdings
deductions for a charity organization

Acctg 20 Quizzes Prelims To Finals

Uploaded by

Copyright:

Available Formats

Acctg 20 Quizzes Prelims To Finals

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Acctg 20 Quizzes Prelims To Finals

Uploaded by

Copyright:

Available Formats

What are the basic transaction cycles in accounting?

What are the basic transaction cycles in accounting?

What is the difference between data and information?

What is the difference between data and information?

QUIZ1: Accounting Information System (An Overview)

5. Information that reduces uncertainty, improves decision makers' ability to make

8. Which account is least likely to have a subsidiary ledger?

10. Goal conflict may result when

11. The order of the entries made in the ledger is by

15. In general, a special journal would not be used to record

16. An example of a nonfinancial transaction is

18. An example of a financial transaction is

21. Which of the following is not an example of a common activity in an AIS?

22. A specialized journal

24. The general ledger

25. The value of information can best be defined as

26. Which subsystem is not part of the Accounting Information System?

28. A general journal

33. An accounting information system in part consists of

34. Data are

35. A subsidiary ledger

40. Which activity belongs to the production cycle?

46. Characteristics of interest that need to be stored are

48. Which of the following is a turn-around document?

2. In a DFD, a circle represents

3. The graphic description of the flow of data within an organization is called a

5. An analytical technique that uses standard symbols to graphically represent an information

8. In a DFD, an arrow represents

9. In a program flowchart comparison of one or more variables, the transfer of flow to

11. Most processes on a DFD can be identified by

12. The passage of the Sarbanes Oxley Act

13. Which is a true statement regarding the document flowchart?

15. When designing either a DFD or a flowchart, a good rule to follow is

16. The storage of data on a DFD is shown by

18. In creating DFDs, a context diagram

24. In general, a data destination will be shown by

30. In a DFD, a square box represents

32. A data flow diagram

34. In a DFD, a "data sink" is also known as

35. Program documentation is a control designed primarily to ensure that

36. The transformation of data in a DFD is represented as a

42. In a DFD, a "bubble" is also known as

Group of answer choices

44. Which of the following is not a true statement?

49. Which activity belongs to the production cycle?

1. Which of the following best describes lapping?

2. Using a file-oriented approach to data and information, data is maintained in

7. An overall description of a database, including the names of data elements, their

9. One characteristic of employee fraud is that the fraud

11. Forces which may permit fraud to occur do not include

12. What is the most popular type of database?

14. The logical structure of a database is described by the

15. Supervision in a computerized environment is more complex than in a manual environment

18. Which of the following is not an access control in a database system?

20. Audit trails cannot be used to

23. Which is not a biometric device?

24. A data warehouse can be described as a

3. It considers all IT-related governance and management enablers to be enterprise-wide and

4. The risk that remains after management implements internal controls is