Accounting Information Systems

Which of the following would not be part of a system according to general system theory?

An onbjective

Interacting parts

Things that work together

A general ledger

A general ledger

Systems problems always occur when

A part is missing

the objective is clear

parts interact

the objective is not being met

the objective is not being met

joes Ristorante case - system problems

lack of interim financial statements

lacking infor for what and when to order

surplos of checks

lacks info on depreciation

need to key in days receipts

inability to summarize expenses

leonardos friends stealing food

What makes information useful and what does it reduce? (5)

Relevant reduces uncertainty, reliabile reduces error and bias, timely in time to make decisions, complete reduces irelevant data, understandable.

EDI

A standard electronic format for exchanging business documents

Quantitative data

numerical

controls

reduces the liklihood that something will go wrong

system problem

when the system objective is not met

which of the following would be the best way to improve your critical thinking skills

questioning your own thinking

engaging in activities that challenege you to express your opinion based on sound reasoning

listening to lectures

none

1 + 2

Fill in the blan

Measuring customer satisfaction using a survey question with a drop-down asking rate your experience 1-10 would be an example of

quantitative data

Data

raw, unorganized facts

information

data that has been organizedv

value of information

benefits-cost

people

human beings who perform tasks involved in collecting, porcessing, tracking, and reporting accounting information

fill in the blanks

an example of a simple system is a bicycle where the blank is to go from point a to point b. the blank would include the wheels, chain, seat, and handlebars

objective

parts

one aspect of usefulness of information is blank, which reduced uncertainty

relevance

which of the following is not a major component of an AIS

Controls

Technologies

Education

People

Education

Internal users vs external

Accounts receivable clerk, accounts payable clerk, auditor, banker, CFO, controller, investor, manager, tax collector

Internal - CFO, Controller, Accounts/rec, Accounts/pay, Manager

which of the following characteristics of the general systems theory would not apply when comparing a simple system to a comple system

an objective

interactive parts

things that work together

all

all

which of these statements is not true

AIS course may include understanding the risks and controlling the risks

AIS cours is only focused on journal entries

AIS course may included strategic management and critical thinking

AIS course is focused on where the information comes from and how is it produced

AIS course is only focused on journal entries

What types of documentation can be created

narratives, questionnaires, flowcharts

a system flowchart is a diagram depicting the

procedures of a system

document flows of a system

procedures and document flows of a system

procedures, deisions, and document flows of a system

precedures and document flows of a system

6 guidlines to prepare a system flowchart

determine the nature of the process, Sandwhich rule to find inputs and outputs, be sure the flowchart flows logically, connect your symbols completely with flow lines, use the correct symbols, fill in the symbols with explanations, to add meaning, not redundancy

5 components to the coso framework

control environment

risk assessment

existing control activities

information and communication

monitoring activities

Control environment

tone at the top

management and the boards words, actions, and beliefs

Role of management

integrity and ethics

attitude

hiring competent and ethical employees

org structure

holding employees accountable

Expected loss calculation

exposure * likelihood of occurrence

ways an organization can respond to risk

sharing the risk

accept the risk

mitigate the risk

avoid the risk

not one of the components of coso

• The organization selects and develops general control activities over technology to provide the information it needs to support the functioning of other components of internal control.

• The organization demonstrates a commitment to integrity and ethical values.

• The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective actions, including senior management and the board of directors.

• The organization considers the potential for fraud in assessing risks to the achievement of objectives.

first one

Cycle tasks - Maintaining inventory records, receiving goods, vendor payments

approval - vendore

record keeping - maintain

custody - receiving

residual risk

risk that remains after management takes action to respond to the risks threats and implements coutneractions

inherent risk

risk that is faced prior to taking action

all of the following are steps in an action plan to adequately document internal controls except:

Assess if adequate document exists

evaluate activity-level control documentation

evaluate entity-level control documentation

coordinate with internal accountants

coordinate with internal accountants

revenue taks under proper functions. maintaining detailed a/rec records, receiving sales order, shipping goods

approval - receiving

recordkeeping - maintaining

custody - shipping

A supervisor in a manufacturing department who is responsible for approving employee time cards in that department and distributing the payroll checks decides to fire an employee and neglects to report the termination to the payroll department. The following week a payroll check comes for the terminated employee, and so the supervisor decides to endorse it in the employee’s name and deposits it in his account. What two functional responsibilities should be segregated?

Approval and recordkeeping

approval and custody

no sgregation of dutuies needed

custody and recordkeeping

Approval and custody

An accounts receivable clerk cashed a check from customer A that was a payment toward accounts receivable. The clerk was able to endorse and deposit the check made out to the company in his own account by opening an anonymous savings account in the Bahamas. The clerk later covered customer A’s remittance by posting a check received from customer B to customer A’s account. Which accounting functions should be segregated?

Approval and recordkeeping

Approval and custody

Custody and recordkeeping

no segregation

Custody and recordkeeping

following revenue taks under proper functions (approval, recordkeeping, and custody)

billing customers, granting credit, processing cash receipts

approval - granting

recordkeeping - billing

custody - processing

organizations can respond to a specific risk by doing all of the following except

avoid the risk

manage the risk

accept the risk

share the risk

manage the risk

which of the following is not a factor within the control environment

managements style and philosophy

personnel policies, which reflect a commitment to competence

methods of assigning authority and responsibility

none

none

What is a system

A framework of interacting parts that work together to achieve an objective

AIS - definition and 4 components

involved a framework of people, processes, technologies, and controls that work together to provide information to operate.

Humans perform tasks, Processes are tasks that people do to get things done, Technologies are the things used to produce accounting information, Controls reduce the likelihood of failure.

Simple vs complex system

simple - small and few parts - bicycle

complex - opposite like immune system, fed reserve, rel world accounting systems

What makes Data informational

organized to provided meaning

3 main ways of documenting AIS and why

Narratives -not expensive

Questionnaires

Flowcharts - least cost and most effective

Safe guarding assets

against unauthorized acquisition, use, or disposition

Collusion and management override

Collusion - company assigns one person to oversee another or to maintain records on someone else’s activities

Management override - a good system can be ignored by someone in authority by simply telling an employee to suspend or disregard a procedure.

Fraud Triangle

Pressure

Opportunity

Rationalization

2 threats to IT

intentional and unintentional

2 types of IT controls

Application controls

It General controls - entire systems

Application controls (3)

input - make sure data entered is accurate, valid, and complete

processing - all legitimate transactions are processed accurately

output - makes sure that all reports or other outputs are not lost of seen by unauthorized individuals

Input controls (6) - checks

Validity, consistency, check digit, limit, completeness, field

Validity check

ensures account numbers or individual customers exist

consistency check

ensures data entered into fields make sense in relation to other datach

check digit

an extra digit added to the end of an account

limit check

ensures that established limits are not exceeded

Field check

ensures characters in a field are the proper type

Callback procedures

allow users to log in to a system, and then they can shut off the connection

change controls

avoid changes that could break the systems

Which of the following controls access to a computers network’s data and resources in an organization

Empty shell

fidelity bond

ACL

Locks on doors

ACL

In the cobit framwork, Blank is the process for making sure that it governance and control practices established are working properly

monitorying

Change controls is a subdivision of which of the following categories of control

processing

application

implementation

general

general

which of the following terms refer to the process of encoding information in such a way that unauthorized individuals who might gain access to sensitive information cannot read it

firewall

encryption

access control list

callback procedure

encryption1

which of the following are controls that can be used to prevent damage to compute facilities - select all that apply

fire retardants

reasonableness tests

output controls

biometric identification

fire retardants

biometric identification

which of the following approaches to alternate processing facilities would generally present the least risk to a company

recovery op center

reciprocal arrange

internal backup

empty shell

Recovery

All of the following are ways to minimize the risk of cyber attacks except

monito access logs for unusual activity

regular training must be conducted for employees through in person sessions, email, and blogs

biometric identification

test employees by sending phising emails to see if they will click on suspicious links

biiometric identification

which of the following would reduce the likelihood of someone receiving an expense check more than he was entitled to

limit