53 terms


Define SAS 99
Consideration of Fraud in a Financial Statement Audit defines fraud as an intentional act that results in a material misstatement in financial statements. There are two types of fraud considered: Misappropriation of Assets and Fraudulent Financial Reporting
Define Computer Attacks
1. Hacking
2. Denial of Service Attacks
3. Spamming
4. Spoofing
5. Piggybacking
6. Software Piracy
1. Use a computer to gain unauthorized access to data in a system.
2. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.
3. Send the same message indiscriminately to (large numbers of recipients) on the Internet.
4. In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
5. When a person tags along with another person who is authorized to gain entry into a restricted area, or pass a certain checkpoint.
6. The copyright infringement of software
Define Social Engineering
1. Identity Theft - the fraudulent acquisition and use of a person's private identifying information, usually for financial gain.
2. Phishing -Process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
3. Pharming is an attacker's attack intended to redirect a website's traffic to another, bogus site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software.
Define Malware
1. Trojan Horse - is a program in which malicious or harmful code is contained inside.
2. Spyware - software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.
3. Adware - software that automatically displays or downloads advertising material (often unwanted) when a user is online.
Which of the following is not an example of a common activity in AIS?
Recording of sales calls for marketing purposes
A set of two or more interrelated components that interact to achieve a goal; almost always composed of smaller subsystems
facts that are collected, recorded, stored, and processed by an information system
data that have been organized and processed to provide meaning to a user
a system that collects, records, stores, and processes data to produce information for decision makers
reduces uncertainty, improves decision making, or confirms or corrects prior expectations
free from error or bias; accurately represents organization events or activities
does not omit important aspects of the events or activities it measures
provided in time for decision makers to make decisions
presented in a useful and intelligible format
two independent, knowledgeable people produce the same information
documents used to collect data about their business activities; also used to support the validity of the business activities
Source Documents
data processing cycle
1) Data Input 2) Data Storage 3) Data Processing 4) Information Output
something about which information is stored. For example, employees, inventory items, and customers
Periodic updating of data
Batch Processing
a graphical description of the source and destination of data that shows data flow within an organization, the processes performed on the data, and how data are stored
Data Flow Diagram
a graphical description of the flow of documents and information between departments or areas of responsibility within an organization
Document Flow Chart
represents the flow of data among processes, data stores, and data sources and destinations
Data Flow
an analytical technique used to describe some aspect of an information system in a clear, concise, and logical manner; use a standard set of symbols to describe pictorially the transaction processing procedures a company uses and the flow of data through a system
Flow Chart
requires companies to document their business processes and internal controls
Sox Act
depict the relationship among the input, processing, and output of an Accounting Information System
System Flow Chart
An AIS provides value by
Improving products or services through information that increases quality and reduces costs And Providing timely and reliable information to decision makers
Inventory information is provided in real time by a firms accounting information system. The accuracy of this information is questionable, however since the production manager often reports stock outs of components that the system indicates are in stock. Which of the following characteristics of useful information is absent in the situation described above?
Many modern accounting software packages offer separate transaction cycle modules. What is the reason for this?
Every organization does not need to implement all of the available transaction cycle modules.
Which of the following is not a transaction cycle? What are?
General ledger and reporting

Groups of related business activities such as the acquisition of merchandise and payment of vendors are called?
Transaction Cycles
Who of the following would not be involved in the revenue cycle? Who would?
Accounts Payable Clerk

Cashier, Credit manager, Customer
Who of the following is not a stakeholder with whom an accounting information system typically communicates directly? Who is?
Wall Street Industry Analyst

Venture Capitalist, Company that purchases finished goods for resale to consumers, company that supplies raw materials.
The issuing of a purchase order is part of which transaction cycle?
The expenditure cycle
Common source documents for the revenue cycle include all of the following accept?
Receiving report
Define Data about business activities
can be collected with source documents, either on paper or electronic, turnaround documents, and source data automation.
Define Source documents
define what data to collect about an activity, group logically related data close together, provide instructions on how to complete the document, include fields for approvals, and use preprinted standard data. Paper documents should be sequentially prenumbered to allow verification that all documents have been recorded. Electronic source documents should also utilize pull-down menus, drop-down boxes, default values, preformatting, auto sequential numbering, and prompting for complete data entry.
Define Turn Around Documents
often begin as output documents that are then sent to external users for further completion. Turnaround documents should utilize most of the same design and control considerations as source documents, but should include data in machine-readable form, such as bar codes or optical character recognition.
Define Source Data
automation utilizes technology to capture data in machine-readable form at the time and place the business activity occurs. Source data automation technology includes point-of-sale terminals, bar codes, RFID tags, and electronic data interchange. An especially important control consideration for source data automation is a way to indicate authorization of the activity.
When preparing a system flowchart, the names of organizational departments or job functions should appear in the
Column Heading
Graphical representations of information are often supplemented by
Narrative descriptions
The passage of the Sarbanes Oxley Act
Mandates that auditors must be able to prepare, evaluate and read documentation tools such as flowcharts. Requires public companies to prepare an annual internal control report. Made documentation skills even more important.
Flowchart symbols
Are divided into four categories
Which of the following is not a true statement
Data flow diagrams and flowcharts are difficult to prepare and revise using software packages
In a document flowchart of a manual payroll processing system, update employee file will be shown by a _____ symbol, and prepare payroll check will be shown by a ______ symbol.
Manual operation, Manual operation
A flowchart that depicts the relationship among the input, processing and output of an AIS is
A system flowchart
Chas Mulligan has been hired by Yardley Security as an assistant to the internal auditor. He has been asked to document the existing accounting information system, and focus on the activities and flow of data between activities. He decides to begin with a summary description of the sources and uses of data in the organization and how they are processed by the system. The documentation tool that he should employ for this purpose is a
Data flow diagram
Chas Mulligan has been hired by Yardley Security as a assistant to the internal auditor. He has been asked to thoroughly document the existing accounting information system in preparation for making recommendations for improvements. He decides to begin by meeting with the information technology staff in order to develop an understanding of the overall operation of the AIS, including data entry, storage, and output. The documentation tool that he should employ for this purpose is a
System flowchart
Define ERP
Enterprise Resource Planning like Oracle & SAP
What are the 5 major transaction cycles
1. Sales (Revenues)
2. Expenses
3. HR/Payroll
4. Production
5. Financing
AIS does what what and what
Process data
Produces info
Used by Shareholders, managers, investors, Banks, creditors, and Gov.
Classify revenue, expenditure, HR/Payroll, production, or financing cycle
a. Purchase raw Mat'l
b. Pay off mortgage on a factory
c. hire new assistant controller
d. Estab. $10 credit limit
e. Pay for a raw materials
f. disburse payroll
g. record goods frm vendor
h. update allowance for doubt. Acct.
i. decide how many units to make next month
j. complete a picking ticket
k. Record factory employee timecards
L. sell concert tickets
m. draw on line or credit & n. send new employees to a bus. Course
a. Expenditure
b. Finance
c. HR
d. Revenue
e. Expenditure
f. HR
g. Revenue
h. Expenditure
i. Production
j. Production
k. Payroll
L. Revenue
m. Finance
n. HR
define SAS, Sox, PCAOB
1. Statement on auditing standards - requires auditors to understand automated and manual processes used by clients
2. Sarbanes Oxley act of 2002 - Publicly listed clients and their auditors must doc. And test the firms internal controls
3. Public co. accounting oversight board - sets up auditing standards it replaced SAS. Requires external auditor to issue an opinion on their clients internal controls.
4 basic elements of DFD
Data Sources & destinations = a square
Data Flows btw sources & Destinations = arrows
Transformation processes = a circle
Data stores temp or perm storage data = parallel lines