Information is data that has been organized and processed.

Your Answer: False

Correct Answer: True

Incorrect.
Information
allows users
to make
decisions.

2.

Information
that is timely
is free from
error or bias.

Your Tr
Answer: ue

Correct Fa
Answer: ls
e

Incorrect.
Timely
information is
provided in
time for
decision
makers to
make
decisions.

3.

Inbound
logistics
consists of
receiving,
storing, and
distributing
the materials

an
organization
uses to
create the
services and
products it
sells.

Your Tr
Answer: ue

Correct.

4.

An AIS
designer, who
is very
competent
with
information
technology
skills, will be
successful in
designing an
information
system
regardless of
his/her
understandin
g of the
organization
that he/she is
designing
for.

Your Fal
Answer: se

Correct.

5.

A component
of an
Accounting
Information
System are

the people
who use the
system.

Your Tr
Answer: ue

Correct.

1.

Which of the following

is NOT one of the five
major business
processes or
transaction cycles?
All of
Your Answer: the
above
are
major
cycles.
Correct.

2.

Which of the following

is NOT a characteristic
of useful information?
Accessi
Your ble
Answer:
CostCorrect effectiv
Answer: e

Incorrect. This is a
characteristic of useful
information.

3.

Accounting Information
Systems (AIS) is most
likely applicable to
which area of
accounting?
All of
Your the
Answer: above
are
applicabl
e to AIS.
Correct.

4.

Which of the following

is NOT a "primary
activity" that directly
provides value to the
customer?
Operati
Your ons
Answer:
Human
Correct resourc
Answer: es

Incorrect. This is a
primary activity.

5.

Which of the following

best describes the
sequence of the supply
chain?
Raw
Your materials
Answer: supplier,
manufactu
rer,
distributor,
retailer,

and
consumer
Correct.

6.

Which of the following

is NOT one of the
support activities in the
value chain of an
organization?
Firm
Your Infrastru
Answer: cture
Service
Correct
Answer:

Incorrect. This is one

of the four support
activities in the value
chain.

7.

AIS adds value to an

organization by:
Answer
Your s #1,
Answer: #2,
and
#3.
Correct.

8.

Which of the following

does not influence the
design of an
Accounting Information
System (AIS)?
Organiza
Your tional

culture
Answer:
Legal
Correct environm
Answer: ent

Incorrect. This element

does influence the
design of AIS.

What is data?

9.

The
Your output
Answer: which
results
from
the
input of
informa
tion
All of
Correct the
Answer: facts
that are
collecte
d,
stored,
and
process
ed by
an
informa
tion
system
Incorrect. The reverse
is the case. Data is the
input which has an
output of information.

10.

Reliability refers to the

characteristic of
information whereby

Timely.
Your
Answer:
Informa
Correct tion is
Answer: free
from
error or
bias.
Incorrect. This refers
to information being
presented to the
decision-maker in time
to make a decision.

11.

In order for an
accounting information
system to meet the
needs of systems
users, one must take
into account the types
of decisions that are
made. Decisions vary
from repetitive and
routine to nonrecurring
and non-routine. How
would you classify a
decision where no
framework or model
exists for the decision?
Structur
Your ed
Answer:
Unstruct
Correct ured
Answer:

Incorrect. A structured
decision is easily
modeled.

12.

Information can
improve decision
making in what way?
All of
Your Answer: the
above.

Correct

1.

A chart of accounts
provides the user with
a list of general ledger
accounts.

Your Answer: Fals

e

Correct True
Answer:

Incorrect. A chart of
accounts lists each
general ledger account
and an associated code
number so that
transaction data can be
correctly entered into
an accounting system.

2.

An audit trail can only

assist external
auditors.

Your Answer: False

Correct.

3.

A master file is
analogous to a journal
in a manual system.

Your Answer: True

Correct Fals
Answer: e

Incorrect. The master

file is analogous to a
ledger in a manual
system.

4.

Accounts receivable
generally has a subledger for many
companies.

Your Answer: True

Correct.

5.

Data processing is
comprised of four
elements and can be
represented by the
acronym CRUD. The R
in CRUD stands for
Revise.

Your Answer: True

Correct Fals
Answer: e

Incorrect. The R in

CRUD stands for Read.

1.

A foreign key imposes

a specific kind of
integrity to related
tables. What is the
name of this integrity?
Schema
Your
Answer:
Referen
Correct tial
Answer:

Incorrect. A schema is
a subset of a database
that a particular user is
allowed to view.

2.

What are the benefits

associated with
database technology?
Answer
Your s #1,
Answer: #2,
and #3

Correct.

3.

Which of the following

provides the low-level
view of the database?
None
Your of the
Answer: above
The
Correct intern

alAnswer: level
schem
a
Incorrect. There is a
correct response
above.

4.

This type of key is used

to link rows from one
table to the rows in
another table.
Foreign
Your key
Answer:

Correct.

5.

Which method of
gathering business
intelligence uses
sophisticated statistical
analysis and neural
networks to aid in
decision making?
Data
Your Warehou
Answer: sing
Data
Correct mining
Answer:

Incorrect. Large
databases that can
contain several years
of data.

6.

Which of the following

cannot be blank (null)?
Primar
Your y key
Answer:

Correct.

7.

When the same, nonkey, data element is

stored multiple times
in table it creates an
anomaly known as the:
Update
Your Anomal
Answer: y.

Correct.

8.

Which of the following

are requirements of a
relational database?
All of
Your Answer: the
above.

Correct.

9.

When a non-null value

for the primary key
indicates that a specific
object exists and can
be identified by
reference to its
primary key value, it is
referred to as

the
Your relatio
Answer: nal
databa
se
rule.
the
Correct entity
Answer: integrit
y rule.

Incorrect. There is no
such rule.

10.

What is (are) the

component(s) of a data
dictionary?
Answer
Your s #1,
Answer: #2,
and #3
are
correct.
Correct.

11.

"Get me the date

attribute of the third
tuple in the sales order
relation." What is being
requested?
None
Your Answer: of the
abov
e.
The
Correct perso
Answer: n
wants
the
value
in the
date
field
of the
third

recor
d in
the
sales
order
table.
Incorrect. Review the
answers above.

12.

Data manipulation
language is used to do
which of the following?
All of
Your the
Answer: above
Updati
Correct ng the
Answer: databa
se

Incorrect.

1.

A data manipulation
language (DML) is used to
query a database.

Your Answer: True

Correct Answer: False

Incorrect. The data

manipulation language
(DML) is used for data
maintenance. The data
query language (DQL) is
used to query a database.

2.

A data dictionary contains

information about the
structure of the database.

Your Answer: False

Correct Answer: True

Incorrect. By definition, the

data dictionary maintains
information about the
structure of the database.

3.

The primary difference

between the conceptual and
external schema is that the
external schema is an
organization-wide view of
the entire database.

Your Answer: True

Correct Answer: False

Incorrect. This describes the

conceptual-level schema.

4.

It is possible that two or

more attributes can form a
single key.

Your Answer: True

Correct.

5.

A foreign key is an attribute

in a table that is a primary
key in another table.

Your Answer: True

Correct.

1.

What criteria contribute to

systems reliability?
All of the
Your Answer: above

Correct!

2.

Compliance with the

Sarbanes Oxley Act of 2002
requires
The CEO
Your and CFO
Answer: must certify
that they
have
evaluated
the
effectivenes
s of internal
controls.
Correct!

3.

What type of security

controls are authorization
controls?
Internal
Your Answer: controls
Preventiv
Correct e controls

Answer:

Incorrect, authorization
controls are preventive
controls.

4.

Which of the following

devices should NOT be
placed in the demilitarized
zone (DMZ)?
Remote
Your Answer: access
server
Sales
Correct departme
Answer: nt server

Incorrect.

5.

The time based model of

security does not include
which factor to evaluate the
effectiveness of an entity's
security controls
The time it
Your takes to
Answer: evaluate the
financial
consequence
s from an
attack.
Correct!

6.

Defense in depth utilizes

what techniques to assure
security?

All of the
Your Answer: above

Correct.

7.

Which of the following

statements is true regarding
authorization controls?
All of
Your Answer: the
above.
None of
Correct Answer: the
above.

Incorrect. Authorization
permits limited access to a
system and permits limited
actions.

8.

Which of the following items

are considered detective
controls?
Both 1 and
Your Answer: 2

Correct.

9.

Which of the following is an

example of a corrective
control?
Encryption
Your Answer:

Patch
Correct manageme
Answer: nt

Incorrect. This is an
example of a preventive
control.

10.

Which type of network

filtering screens individual IP
packets based solely on its
contents?
None of
Your Answer: the
above
Static
Correct Answer: packet
filtering

Incorrect.

11.

Which step would a

computer incident response
team (CIRT) team take first
in the incident response
process?
Recognition
Your Answer: that the
problem
exists
Correct!

12.

Which of the following is a

method of controlling
remote access?
All of the
Your Answer: above

Correct!

1.

Security is considered to be more

the responsibility of the
Information Technology
department than that of
Management.

Your Answer: False

Correct.

2.

The time-based model of security,

while theoretically valid, is
difficult to apply.

Your Answer: True

Correct.

3.

Authentication is a type of access

control.

Your Answer: True

Correct.

4.

Cloud computing takes advantage

of the power and speed of
modern computers to run
multiple systems simultaneously
on one computer.

Your Answer: True

Correct Answer: False

Incorrect. This statement defines

virtualization.

5.

Detective controls actually

monitor preventive controls.

Your Answer: True

Correct
Access controls include the following:

1.

Answers 1 and 2 only.

Your Answer:

Correct.

Identity theft can be prevented by:

2.
Your Answer: (blank)

3.

Which of the following can be used to

detect whether confidential information
has been disclosed?
A digital watermark
Your Answer:

Correct.

4.

Which of the following is a

fundamental control for protecting
privacy?
Encryption
Your Answer:

Correct.

5.

Which of the following are

internationally recognized best
practices for protecting the privacy of
customers' personal information.
All of the above.
Your Answer:

Correct.

6.

The same key is used to encrypt and

decrypt in which type of encryption
systems?
Symmetric encryption
Your Answer: systems

Correct!

7.

Which of the following represents a

process that takes plaintext and
transforms into a short code?
Hashing
Your Answer:

Correct.

8.

Which of the following uses encryption

to create a secure pathway to transmit
data?
Virtual Private
Your Answer: Network (VPN)

Correct.

9.

Which of the following represents an

organization that issues documentation
as to the validity and authenticity of
digital identification such as digital
certificates?
Symmetric Key
Your Answer: Infrastructure
Certificate
Correct Answer: Authority

Incorrect.

10.

Which of the following is NOT a factor

that can influence encryption strength?
Policies for
Your Answer: managing
cryptographic keys
Digital Certificate
Correct Answer: Length

Incorrect. This factor can influence

encryption strength.

11.

What is the first step in protecting the

confidentiality of intellectual property
and other sensitive business
information?
Identify where
Your Answer: confidential data
resides and who has
access to it.
Correct.

12.

Which of the following is a major

privacy-related concern?
Answers 1 and 2
Your Answer:

Correct.

1.

Encryption is generally sufficient to ensure data

confidentiality.

Your Answer: True

Correct Answer: False

Incorrect, access controls are also required.

2.

CAN-SPAM provides only civil sanctions for SPAM

violations.

Your Answer: False

Correct.

3.

A digital signature is an electronic document that

contains an entity's public key.

Your Answer: False

Correct.

4.

Training is arguably the most important control

for protecting confidentiality.

Your Answer: False

Correct Answer: True

Incorrect.

5.

One significant advantage of firewalls is that they

can inspect encrypted packets.

Your Answer: False

Correct. One significant limitation of a firewall is

that it cannot inspect an encrypted packet.

1.

A concurrent audit technique would include

the following:

system control audit

Your Answer: review file.
All of the above.
Correct Answer:

Incorrect. There are multiple correct

answers.

Internal auditors are responsible for:

2.

Both a and c.
Your Answer:

Correct.

3.

Which of the following are types of internal

audits?
All of the above.
Your Answer:

Correct.

4.

In audit planning, auditors assess various

audit risk factors, which of the following is
NOT an audit risk factor considered during
audit planning?
Compliance risk
Your Answer:

Correct.

5.

Which of the following methods can be used

to collect audit evidence?
All of the above.
Your Answer:

Correct.

6.

Audits which assess computer security

include a review of:
All of the above.
Your Answer:
Answers #1 and #3 are
Correct Answer: correct.

Incorrect. Answer #2 is incorrect.

7.

When would compensating controls be most

important?
When security controls
Your Answer: are deficient
Answers #1 and #2
Correct Answer: only

Partially correct, but there are multiple

correct answers.

8.

The auditor's role in systems development

should be as a(n):
Both a and b.
Your Answer:

independent reviewer.
Correct Answer:

Incorrect.

9.

Which of the following is not a part of audit

planning?
Review of documentation
Your Answer:

Correct. This is the collection of audit

evidence.

10.

Confirmation involves which of the following

actions?
Examining supporting
Your Answer: documents
Communication with
Correct Answer: third parties

Incorrect. This is vouching.

11.

When sorting inventory records by location

with generalized audit software, the
__________ function of a generalized audit
software package is used.
data analysis
Your Answer:
file manipulation
Correct Answer:

Incorrect.

Evaluation of audit evidence includes which

of the following?

12.

All of the above.

Your Answer:

Correct.

1.

Inherent risk is the risk of a material misstatement will get

through the internal control structure and into the financial
statements.

Your Answer: True

Correct Answer: False

Incorrect. This describes control risk.

2.

Materiality tends to be more important in external audits

than in internal audits.

Your Answer: True

Correct.

3.

The first step in carrying out an audit is to identify control

procedures.

Your Answer: True

Correct Answer: False

Incorrect. The first step is to determine the threat.

4.

An integrated test facility (ITF) inserts fictitious records into

a company master file.

Your Answer: True

Correct.

5.

A disadvantage of processing test transactions is the time it

takes the auditor to develop an understanding of the
system.

Your Answer: True

Correct.

The threat of inaccurate inventory records can be mitigated by

which of the following controls?
Verification of invoice accuracy

1.

Your Answer:
Bar coding or RFID tags
Correct Answer:

Incorrect. Threat is associated errors in supplier

invoices.

Ordering unnecessary items can result from:

2.

None of the above.

Your Answer:
inaccurate perpetual inventory
Correct Answer: records.

Incorrect. There is a correct answer above.

3.

What is a method that companies use to minimize the

risk of inferior quality products?
All of the above.
Your Answer:
Tracking and monitoring product
Correct Answer: quality by supplier.

Incorrect. Only one answer above is correct.

The practice of allowing kickbacks:

4.

provides quantity discounts.

Your Answer:
impairs the objectivity of the
Correct Answer: purchaser.

Incorrect.

5.

What is the most effective technique used to minimize

the risk of an inaccurate inventory counts?
The use of just-in-time (JIT)
Your Answer: accounting systems.

The use of a bar-coding or radio

Correct Answer: frequency identification tag (RFID)
system

Incorrect. This is a way of reducing carrying costs, and

is not related to accuracy.

An effective method of reducing the risk of theft is

6.

All of the above.

Your Answer:
proper segregation of duties.
Correct Answer:

Incorrect. There are incorrect answers above.

7.

What control procedures reduce the risk of paying the

same invoice twice?
All of the above.
Your Answer:

Correct.

8.

Which inventory system attempts to minimize

inventory costs by only purchasing goods required for
actual sales orders?
Just-in-time (JIT)
Your Answer:

Correct.

What are the typical expenditure cycle functions?

9.

All of the above.

Your Answer:

Correct.

10.

What is one unusual feature of an imprest petty cash

fund?
The account is reviewed
Your Answer: periodically by internal auditors.
The lack of segregation of duties
Correct Answer: involved in administering the
account.

Incorrect. This is a feature associated with most

assets.

11.

The risk of receiving unordered goods is prevented

most effectively by
recalculation of invoice prices.
Your Answer:
instruct the receiving department
Correct Answer: to accept deliveries only those
goods where there is an approved
copy of the purchase order.
Incorrect. This would detect mathematical errors but
would generally be unrelated to unordered goods.

12.

The objective of approving and paying vendor invoices

is to ensure:
None of the above.
Your Answer:

Two answers are correct.

Correct Answer:

Incorrect. There is at least one correct answer.

1.

The primary objective of the expenditure cycle is to minimize the

total cost of acquiring inventories and supplies.

Your Answer: True

Correct. This is the primary objective of the expenditure cycle.

2.

A key decision with respect to the expenditure cycle does not

include the optimal level of inventory.

Your Answer: True

Correct Answer: False

Incorrect.

3.

Material requirements planning (MRP) relies on sales forecasts to

schedule inventory purchases.

Your Answer: True

Correct.

4.

Obsolescence is a disadvantage associated with JIT inventory

systems.

Your Answer: False

Correct.

Kickbacks are a threat associated with the ordering of goods.

5.
Your Answer: False

Correct Answer: True

Incorrect. This is a specific threat in the goods ordering process.