AIS CH8

The text mentions four different AIS threats. Which type of threat is sabotage?
Click the card to flip 👆
1 / 45
Terms in this set (45)
The text mentions four different AIS threats. Which type of threat is sabotage?
Intentional acts
Terrorist attacks are considered which type of threat?
Natural and political disasters
Threats that arise from human carelessness, failure to follow established procedures, and poorly supervised personnel are which type of threat?
Unintentional acts
Power outages and fluctuations can result in which type of threat?
Software errors and equipment failures
According to the text, which type of threat represents the greatest risk to information systems and causes the greatest dollar losses?
Unintentional acts
Legally, for an act to be fraudulent there must be: (Check all that apply.)
A. An injury or loss suffered by the perpetrator
B. A material fact that induces a person to act
C. A justifiable reliance, where a person relies on a misrepresentation to take an action
D. A false statement, representation, or disclosure
E. An intent to do bodily harm to the victim
B. A material fact that induces a person to act
C. A justifiable reliance, where a person relies on a misrepresentation to take an action
D. A false statement, representation, or disclosure
Which of the following statements are true? (Check all that apply.)
A. Most fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources.
B. A typical organization loses 5% of its annual revenue to fraud, indicating yearly global fraud losses of over $3.7 trillion.
C. Small businesses are less vulnerable to fraud than large companies because small companies typically have more effective internal controls than larger companies.
D. Fraud perpetrators are often referred to as blue-collar criminals.
E. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company.
A. Most fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources.
B. A typical organization loses 5% of its annual revenue to fraud, indicating yearly global fraud losses of over $3.7 trillion.
E. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company.
Which of the following statements are true? (Check all that apply.)
A. Corruption is misrepresenting or leaving out facts in order to promote an investment that promises fantastic profits with little or no risk.
B. Fraudulent financial reporting is intentional or reckless conduct that results in materially misleading financial statements.
C. Investment fraud is dishonest conduct, such as bribery and bid rigging, by those in power that often involves illegitimate or immoral actions.
D. Misappropriation of assets is the theft of company assets by employees.
B. Fraudulent financial reporting is intentional or reckless conduct that results in materially misleading financial statements.
D. Misappropriation of assets is the theft of company assets by employees.
Which of the following statements are true with respect to asset misappropriation? (Check all that apply.)
A. The sheer magnitude of some frauds leads to their detection.
B. Since few perpetrators voluntarily stop their frauds, there are no small frauds—only large ones that are detected early.
C. A significant contributor to most misappropriations is the absence of internal controls and/or the failure to enforce existing internal controls.
D. Rarely do fraud perpetrators adopt a more lavish lifestyle that requires even greater amounts of money.
E. Few misappropriation frauds are self-perpetuating; that is, they do not require the perpetrator to continue the fraud scheme to avoid detection.
A. The sheer magnitude of some frauds leads to their detection.
B. Since few perpetrators voluntarily stop their frauds, there are no small frauds—only large ones that are detected early.
C. A significant contributor to most misappropriations is the absence of internal controls and/or the failure to enforce existing internal controls.
Which of the following statements are true with respect to fraudulent financial reporting? (Check all that apply.)
A. Auditors and management are just as concerned with misappropriations as they are with fraudulent financial reporting.
B. Management falsifies financial statements in order to deceive investors and creditors, increase a company's stock price, meet cash flow needs, or hide company losses and problems.
C. Frequent "cook the books" schemes involve fictitiously inflating revenues, recognizing revenues before they are earned, delaying expenses to a later period, overstating inventories, and concealing liabilities.
D. The ACFE found that fraudulent financial reporting is as much as 17 times more likely than asset misappropriation.
B. Management falsifies financial statements in order to deceive investors and creditors, increase a company's stock price, meet cash flow needs, or hide company losses and problems.
C. Frequent "cook the books" schemes involve fictitiously inflating revenues, recognizing revenues before they are earned, delaying expenses to a later period, overstating inventories, and concealing liabilities.
Which of the following statements are true about fraud perpetrators? (Check all that apply.) A. Researchers found significant psychological and demographic differences between violent and white-collar criminals. B. Most white-collar criminals have a previous criminal record; and they were honest and respected members of their community. C. Most first-time, unprosecuted fraud perpetrators never commit another fraud. D. Researchers found few psychological and demographic differences between white-collar criminals and the public.A. Researchers found significant psychological and demographic differences between violent and white-collar criminals. D. Researchers found few psychological and demographic differences between white-collar criminals and the public.For most first-time fraud perpetrators, three conditions are present when fraud occurs. These include: (Check all that apply.) A. A criminal mindset B. An opportunity C. The inability to distinguish between right and wrong D. A rationalization that allows a perpetrator to justify the illegal behavior E. A pressure, incentive, or motivationB. An opportunity D. A rationalization that allows a perpetrator to justify the illegal behavior E. A pressure, incentive, or motivationWhich of the following classification of pressures motivate people to perpetrate employee fraud? (Check all that apply.) A. Lifestyle pressures B. Financial pressures C. Management characteristics and pressures D. Industry pressures and conditions E. Emotional pressuresA. Lifestyle pressures B. Financial pressures E. Emotional pressuresOpportunity is the condition or situation that allows a perpetrator to: (Check all that apply.) A. Commit the fraud B. Convert the theft into a personal gain C. Convince the perpetrator that he or she will not be caught D. Conceal the fraud E. Control those who may know of his or her actionsA. Commit the fraud B. Convert the theft into a personal gain D. Conceal the fraudA rationalization allows a person to convince him or herself that his or her actions are not illegal or dishonest. There are several different types of rationalizations: (Check all that apply.) A. A lack of personal integrity that makes what a person wants more important than acting honestly B. A justification, such as "I am underpaid, so they owe it to me" C. An attitude, such as "the rules do not apply to me" D. A mental defect that makes a person think that they own the item that they tookA. A lack of personal integrity that makes what a person wants more important than acting honestly B. A justification, such as "I am underpaid, so they owe it to me" C. An attitude, such as "the rules do not apply to me"Computer systems are particularly vulnerable to fraud for the following reasons: (Check all that apply.) A. Perpetrators who break into corporate databases can steal or destroy massive amounts of data in very little time, often leaving little evidence B. Computer programs need to be illegally modified only once, in order for them to operate improperly for as long as they are in use C. Most employees and suppliers with access to a computer system will eventually perpetrate a computer fraud, irrespective of the strength of the Internal controls D. It is difficult to control physical access to each electronic device that accesses a network E. Few companies design controls into their computer systemsA. Perpetrators who break into corporate databases can steal or destroy massive amounts of data in very little time, often leaving little evidence B. Computer programs need to be illegally modified only once, in order for them to operate improperly for as long as they are in use D. It is difficult to control physical access to each electronic device that accesses a networkA programmer at a large bank inserted code into the company's computer system that told the computer to not only ignore any overdrafts on his accounts, but to not charge his accounts any late or service fees. This is an example of what type of fraud?Computer instruction fraudEmployees at a large brokerage house used their employer's computer system to run a large and lucrative side business that their employer knew nothing about. This is an example of what type of fraud?Processor fraudA woman sent her company fictitious medical bills from doctors who did not exist. The bills were processed in the normal way by her employer, and payments went to her husband's office address. She bilked her company out of millions of dollars. This is an example of what type of fraud?Input fraudA hacker was able to break into the system that transmitted the daily transactions of a retail store to the company's central office. Every night for several weeks he copied the transaction data that included customer names, credit card numbers, and other confidential data. Hundreds of thousands of customers were affected. This is an example of what type of fraud?Data fraudAfter a fraud has occurred, which one of the following is the best way to reduce the loss from that fraud?Collect on fraud insurance purchased before the fraudWhich of the following will improve the ability to detect fraud? (Check all that apply.) A. Implement a fraud hotline B. Implement whistleblower rewards C. Implement project development and acquisition controls, as well as change management controls D. Restrict physical and remote access to system resources to authorized personnel E. Provide employee support programs so they know where they can get help to deal with pressures that might tempt them to perpetrate fraudA. Implement a fraud hotline B. Implement whistleblower rewardsWhich of the following will increase the difficulty of committing fraud? Create and implement a company code of conduct When disposing of used computers, destroy the hard drive Install a fraud hotline Develop a comprehensive, disaster recovery planWhen disposing of used computers, destroy the hard driveWhich of the following will make fraud and errors less likely to occur? (Check all that apply.) A. Develop a comprehensive business continuity plan B. Effectively supervise employees and monitor their performance C. Develop anti-fraud policies that clearly set forth the expectation for honest and ethical behavior D. Create an organizational culture that stresses integrity and commitment to ethical values and competenceB. Effectively supervise employees and monitor their performance C. Develop anti-fraud policies that clearly set forth the expectation for honest and ethical behavior D. Create an organizational culture that stresses integrity and commitment to ethical values and competenceWhich of the following statements about data analytics is true? (Check all that apply.) A. New technologies provide perpetrators with new ways to perpetrate fraud. B. To use data analytics effectively, investigators must understand the analytics tool used, the organization's business, and the data. C. Fraud is often detected by identifying trends, patterns, anomalies, and exceptions within data. D. Detecting and preventing fraud is an easy task.A. New technologies provide perpetrators with new ways to perpetrate fraud. B. To use data analytics effectively, investigators must understand the analytics tool used, the organization's business, and the data. C. Fraud is often detected by identifying trends, patterns, anomalies, and exceptions within data.Which of the following is a fraud in which later payments on account are used to pay off earlier payments that were stolen?lappingWhich type of fraud is associated with 50% of all auditor lawsuits?Fraudulent financial reportingWhich of the following statements is false? The psychological profiles of white-collar criminals differ from those of violent criminals. The psychological profiles of white-collar criminals are significantly different from those of the general public. There is little difference between computer fraud perpetrators and other types of white-collar criminals. Some computer fraud perpetrators do not view themselves as criminals.The psychological profiles of white-collar criminals are significantly different from those of the general public.Which of the following conditions is/are usually necessary for a fraud to occur? (See the Fraud Triangle in Figure 8-1.) pressure explanation rationalization opportunitypressure rationalization opportunityWhich of the following is not an example of computer fraud? (See the "Computer Fraud Classifications" section of the chapter.) theft of money by altering computer records failure to perform preventive maintenance on a computer unauthorized modification of a software program obtaining information illegally using a computerfailure to perform preventive maintenance on a computerWhich of the following causes the majority of computer security problems? human errors power outages software errors natural disastershuman errorsWhich of the following is not one of the responsibilities of auditors in detecting fraud according to SAS No. 99? evaluating the results of their audit tests. catching the perpetrators in the act of committing the fraud. incorporating a technology focus. discussing the risks of material fraudulent misstatements.catching the perpetrators in the act of committing the fraud.Which of the following control procedures is most likely to deter lapping? continual update of the access control matrix background check on employees periodic rotation of duties encryptionperiodic rotation of dutiesWhat is the most important, basic, and effective control to deter fraud?segregation of dutiesOnce fraud has occurred, which of the following will reduce fraud losses? (Select all correct answers.) contingency plan segregation of duties insurance regular backup of data and programscontingency plan insurance regular backup of data and programsMisappropriation of assets is an example of what type of accounting information threat?Intentional actsLogic errors is an example of what type of AIS threat?Unintentional actsFraud is gaining an unfair advantage over another person. Legally, for an act to be fraudulent there must be: A. An intent to deceive B. Unfairness C. An exchange of monetary consideration D. All of these are correctA. An intent to deceiveWhich of the following is not an example of asset misappropriation? A. The president of the company utilizes the organization's cash to pay for her overseas vacation. B. The controller of the company falsely adds $50 million to accounts receivable. C. A warehouse employee takes home five boxes of iPhones without authorization. D. The treasurer of the company makes an unauthorized wire transfer from the organization's bank to a personal account.B. The controller of the company falsely adds $50 million to accounts receivable.Individuals who perpetrate fraud are often referred to aswhite-collar criminals.Which of the following is an example of how a fraud perpetrator would rationalize his actions? A. Sense of dissatisfaction against the company. B. Belief that no one is going to be harmed. C. The need to have additional funds to pay for a gambling addiction. D. There is a lack of internal control in the organization.B. Belief that no one is going to be harmed.Unauthorized theft, use, access, modification, copying, or destruction of software, hardware, or data is calledcomputer fraud.Which of the following is an example of output fraud? A. An insurance company installed software to detect abnormal system activity and found that employees were using company computers to run an illegal gambling website. B. A fraud perpetrator scanned a company paycheck, used desktop publishing software to erase the payee and amount, and printed fictitious paychecks. C. An employee at the Veteran's Memorial Coliseum sold customers full-price tickets, entered them as half-price tickets, and pocketed the difference. D. The office manager of a Wall Street law firm sold information to friends and relatives about prospective mergers and acquisitions found in Word files. They made several million dollars trading the securities.B. A fraud perpetrator scanned a company paycheck, used desktop publishing software to erase the payee and amount, and printed fictitious paychecks.Organizations can make fraud less likely to occur by requiring an annual employee ____________to vacation.Organizations can increase the difficulty of committing fraud by all of the following except: A. Restricting access to company assets and data. B. Maintaining adequate insurance. C. Implementing strong internal controls. D. Encrypting stored and transmitted data.B. Maintaining adequate insurance.