ISC AICPA Blueprint #1 Flashcards
A disaster recovery plan is of utmost importance for the survival of an organization. Which of the following is not a step in designing such a plan?
A
Identifying critical mission applications and data
B
Assessing the risks
C
Ensuring physical security of inventory in the event of a disaster
D
Assigning responsibilities to personnel
The correct answer is (C)
Disaster recovery (DR) is the restoration of data and business function after a loss. Disaster recovery, a part of business continuity planning (BCP), is a response to a catastrophe of an entire geographic area, such as natural events like floods, earthquakes, and fire as well as intentional acts such as terrorism and forced power outages.
The crucial steps involved in DR are:
Assessing the risks that are posed to the entity
Identifying mission-critical departments and functions
Having a plan to handle the mission-critical units
Assigning responsibilities to individuals in the event of a disaster
Testing the plan
Securing the inventory is not an expressed step in the DRP process. However, if inventory is identified as one of the mission-critical components, its security would be ensured.
Engaging in traditional electronic data interchange (EDI) provides which of the following benefits?
A
Enhanced audit trails
B
Guaranteed payments from customers
C
Added flexibility to entice new partners
D
Reduced likelihood of out-of-stock inventory
D
Traditional Electronic Data Interchange (EDI) systems enable the real-time exchange of information between trading partners, such as inventory levels, purchase orders, and delivery schedules. This timely communication helps businesses keep track of inventory, allowing them to replenish stock efficiently and reduce the likelihood of out-of-stock situations. By integrating supply chain processes, EDI streamlines inventory management, making it possible to respond quickly to demand changes and avoid stockouts.
Enhanced audit trails is incorrect because while EDI transactions can improve record-keeping, traditional EDI systems are not specifically designed to enhance audit trails. EDI focuses more on improving transaction speed and accuracy rather than providing detailed tracking features required for robust audit trails.
Guaranteed payments from customers is incorrect because EDI does not ensure payment. Although EDI facilitates transaction processing, payment terms and guarantees are governed by contractual agreements and credit policies rather than the data exchange mechanism itself.
Added flexibility to entice new partners is incorrect because traditional EDI can be complex and rigid, often requiring partners to use compatible systems and adhere to specific data formats. This rigidity can make EDI less flexible and challenging for onboarding new partners compared to more modern, adaptable systems.
Which of the following statements about multiprocessing and multiprogramming is false?
A
Multiprocessing allows multiple programs to execute simultaneously.
B
Multiprocessing allows a central memory to be shared by multiple programs.
C
Multiprogramming allows multiple programs to execute simultaneously.
D
Multiprogramming involves alternating between programs during processing.
The correct answer is (C).
Multiprogramming involves the operating system (OS) processing a program to the point where input or output is involved, at which point the OS delegates further work on that program to peripheral hardware and processes an alternative program until the first program’s input is received or output is finished. Ideally, no interruption occurs that is discernible to the user, so multiple programs appear to run simultaneously.
Multiprocessing involves the OS using multiple CPUs to run multiple programs simultaneously.
In short, multiprogramming is when a user can use multiple programs simultaneously, whereas multiprocessing is when the computer can process and run multiple programs simultaneously.
Option A: Multiprocessing allows multiple programs to execute simultaneously. (True, as you can process multiple programs.)
Option B: Multiprocessing allows a central memory to be shared by multiple programs. (True, as the CPU shares the memory to execute multiple programs.)
Option C: Multiprogramming allows multiple programs to execute simultaneously. (False, as it is multiprocessing that allows multiple programs to execute simultaneously; this is therefore the correct option.)
Option D: Multiprogramming involves alternating between programs during processing. (True, as you can switch between programs.)
An auditor most likely would test for the presence of unauthorized IT program changes by running a
A
Program with test data
B
Check digit verification program
C
Source code comparison program
D
Program that computes control totals
C
A source code comparison program could be used to compare the original code written for a specific program to the current code in use for that program. Thus, it would make note of any differences in the program from the time it was originally written.
A commonly used measure of the relative effectiveness of an online site functioning as a retail (ecommerce) store is the
A
Abandonment ratio
B
Portability ratio
C
Volatility ratio
D
Volume
A
Abandonment ratios are based on the number of visitors who start, but don’t complete, transactions. This is also known as “shopping cart abandonment.” Information on the point at which visitors abandon their selections provides feedback to the website sponsor. Using these ratios, the site can be changed, for example, to make it easier for customers to find complementary products or to provide assurance that payment information is secure.
Portability is used in this question as a nonsense term. Volatility is concerned with how often files are updated. Volume addresses the amount of traffic on the site or the quantity of data transmission.
Which of the following is an advantage of a computer-based system for transaction processing over a manual system? A computer-based system:
A
Does not require as stringent a set of internal controls
B
Will produce a more accurate set of financial statements
C
Will be more efficient at producing financial statements
D
Eliminates the need to reconcile control accounts and subsidiary ledgers
C
A computerized system will be more efficient at producing financial statements. No matter what method is used to produce financial statements, the process still requires internal controls stringent enough to be effective for accurate financial statements, with reconciled control accounts and subsidiary ledgers.
In an IT department, which of the following professionals would be assigned the task of understanding the needs of the end-users and training them for new systems?
A
Computer operators
B
System analysts
C
System programmers
D
Application programmers
The correct answer is (B).
System analysts are assigned tasks that relate to making developed/purchased systems functional within an organization’s hierarchy. This task is achieved by determining the networks to be used, setting up the IT policies and architecture, and most importantly, by working with the end-users. System analysts understand the needs of the users and train them in the event of a new system being implemented.
A controller is developing a disaster recovery plan for a corporation’s computer systems. In the event of a disaster that makes the company’s facilities unusable, the controller has arranged for the use of an alternate location and the delivery of duplicate computer hardware to this alternate location. Which of the following recovery plans would best describe this arrangement?
A
Hot site
B
Cold site
C
Back-up site procedures
D
Hot spare site agreement
B
By definition, a cold site is a location where equipment and power is available in the event of disaster at the primary location, but requires considerable effort to become functional. A hot site is similar to a cold site, except it has constant operational system functionality. Back-up site procedures and a hot spare site agreement are not commonly used terms.
Which of the following is likely to be more of a consideration for a personal computer system used to keep records for a business, as opposed to a large computer?
A
Limit or reasonableness checks generally are not adapted to specific situations.
B
The most important program and data files should be duplicated and stored safely off-site.
C
A physical environment free from extreme temperatures and humidity must be maintained.
D
A physical location protected from likely emergencies, such as fire or flooding.
B
In a personal computer system used for business record-keeping, backing up essential files and storing them off-site is crucial because personal systems are often more vulnerable to data loss due to limited disaster recovery measures compared to large computer systems that may have more robust safeguards in place.
Option A is incorrect because reasonableness or limit checks are generally tailored to specific applications or transaction types, regardless of the system’s size, and are important for data integrity in both large and small systems.
Option C is incorrect because maintaining an environment with stable temperatures and humidity is essential for all computing equipment, not just large computers, to prevent damage and ensure system longevity.
Option D is incorrect because protecting any computing system from emergencies like fire or flooding is a fundamental requirement, whether the system is a personal or large computer, to prevent potential physical damage and data loss.
What activity is least likely to occur during the analysis stage of system development?
A
Determine user information needs
B
Develop program specifications
C
Evaluate the current system
D
Identify problems in the current system
B
A system life cycle order is analysis, design, programming, implementation, and maintenance. Developing program specifications generally is considered part of design. The analysis stage is characterized by evaluation of the current system and future needs; thus, this phase generally includes determining user needs, evaluating the current system, identifying problems in the current system, and identifying objectives for the new system.
Which of the following factors necessitate an improvement or replacement in information systems?
A
Labor attrition
B
Increase in competition
C
New governmental regulations
D
Both (B) and (C)
The correct answer is (D).
Information systems require improvement or a complete replacement in certain events such as:
Change in the scale of business
Technological advancements
Gaining competitive advantages
Changes in governmental regulations
Aging and obsolescence
An increase in competition has to be dealt with by improvements in productivity and increasing the scale of business. New regulations might also mandate that organizations adapt to new technologies.
A research-based firm in the medical field could use each of the following Internet-based tools for collaboration, except
A
An E-mail Application
B
Videoconferencing
C
Groupware Systems
D
Electronic Data Interchange
D
Electronic Data Interchange (EDI) is primarily used for the structured transmission of business documents (such as invoices, purchase orders, and shipping notices) between organizations, typically in supply chain contexts. EDI is not generally intended for collaborative research or real-time communication, making it unsuitable for collaborative purposes in a research-based firm.
An E-Mail Application, Videoconferencing, and Groupware systems are all effective Internet-based tools for collaboration:
E-Mail Applications allow team members to communicate asynchronously, sharing information and updates.
Videoconferencing enables real-time communication and collaboration, essential for discussions and meetings.
Groupware Systems provide a collaborative platform for shared document management, project tracking, and team coordination.
Which is not part of the main components of a central processing unit (CPU)?
A
Arithmetic-Logic Unit
B
Control Unit
C
Disk Drive
D
Primary Memory
C
A Disk Drive is not part of the CPU; it is a separate storage device used to read and write data to storage media. The main components of a CPU are:
Arithmetic-Logic Unit (ALU): Performs mathematical calculations and logical operations.
Control Unit (CU): Directs operations within the CPU by interpreting and executing instructions.
Primary Memory (often refers to cache memory associated with the CPU): Temporarily stores instructions and data for quick access during processing.
Arithmetic-Logic Unit, Control Unit, and Primary Memory are all integral parts or closely associated components of the CPU, which work together to execute instructions and process data. Therefore, Disk Drive is correct, as it is not part of the CPU.
What best describes an allocation of computer tasks located throughout a nationwide entity’s various facilities?
A
Distributed processing
B
Local area network
C
Online processing
D
Multiprocessing
A
Distributed processing is an allocation of various processing tasks to various business divisions, with some tasks centralized and some decentralized. A local area network (LAN) typically is restricted to a small physical location, such as a building. Online processing refers to processing as data is input, as opposed to batch processing. Multiprocessing involves the operating system using multiple CPUs to run multiple programs simultaneously. Timesharing involves using another entity’s computer.
Which activity is a systems analyst least likely to perform?
A
Application design
B
Coding programs
C
Evaluating user requirements
D
Specification development
B
System analysts concentrate on developing system specifications to meet user needs. They assess any current systems, evaluate user needs, and design future systems, supplying programmers with specifications for coding. Under an ideal internal control system, system analysts don’t write programs or have access to operational equipment, programs, or data files—although system analysts might use copies, facsimiles, or samples of operational resources when assessing current systems.
What attribute is least descriptive of an executive information system?
A
Combines, integrates, and summarizes data from many sources
B
Designed to monitor business conditions and assist in strategic planning
C
Provides immediate and interactive access to information
D
Provides only highly aggregated information
D
While an executive information system (EIS) provides highly aggregated information, details supporting that information ideally are readily available. An EIS combines, integrates, and summarizes data from many sources (external as well as internal) to monitor business conditions and assist in strategic planning. An EIS typically provides immediate and interactive access to information.
Which of the following best describes a time-sharing center?
A
A center that processes client data for a fee
B
A computer remotely accessed by a number of different users, who are unaware of each other
C
A center that distills previously unknown relationships from information in an existing database
D
A location where equipment and power is available to geographically dispersed subscribers in the event of a disaster at one of their business sites
B
A time-sharing center has a computer remotely accessed by a number of different users, who are unaware of each other.
A service bureau processes client data for a fee. Data mining involves distilling previously unknown relationships from information in an existing database; it can be done in-house or out-sourced. A cold site is a location where equipment and power is available in the event of a disaster at regular business sites; geographically dispersed subscribers are unlikely to need the site at the same time; a time-sharing center typically is used routinely.
Which of the following is not a function of the steering committee?
A
Setting policies and guidelines for various information systems
B
Managing risk at all levels
C
Ensuring support and participation of top management
D
Coordinating and integrating information systems to increase goal congruence and reduce goal conflicts
B
The correct answer is (B).
A steering committee is a group of individuals formed with the intent of overseeing and regulating the Information Technology and System function within an organization. Its primary functions are listed as:
Setting policies for various information systems.
Ensuring support, guidance, and participation of the top management.
Coordination and integration of information systems to increase goal congruence and avoid goal conflicts.
Risk Management, though an important function, is not a part of the responsibilities of the steering committee.
Which of the following internal control procedures would prevent an employee from being paid an inappropriate hourly wage?
A
Having the supervisor of the data entry clerk verify that each employee’s hours worked are correctly entered into the system
B
Using real-time posting of payroll so there can be no after-the-fact data manipulation of the payroll register
C
Giving payroll data entry clerks the ability to change any suspicious hourly pay rates to a reasonable rate
D
Limiting access to employee master files to authorized employees in the personnel department
D
An employee’s hourly wage is recorded on the employee master file. Access to the employee master files should be limited to authorized employees in the personnel department only. This is an effective separation of duties. Having the data-entry clerk’s supervisor verify hours worked doesn’t prevent manipulation of wage rates. Early timing of the payroll posting doesn’t prevent data manipulation. Giving data-entry clerks authorization to set wage rates as well as enter hours worked (recording) is a violation of the separation of duties.
Which of the following statements about a data warehouse is correct?
A
It provides data to Operational Databases.
B
It is contained within an Operational Database.
C
It is created from a Data Mart for a special purpose.
D
It must be continuously updated to remain relevant.
D
For a Data Warehouse to continue providing value for business intelligence and decision-making, it must be continuously updated with new data from the operational systems and other sources. This ensures that the analyses derived from the warehouse are based on the most current and relevant data available.
Operational Databases provide the raw data that is then integrated into a Data Warehouse for analysis. Data Warehouses are used for analytical purposes and do not typically feed data back into operational systems.
A Data Warehouse is distinct from operational databases. Operational Databases are designed for the day-to-day operations of a business, while a data warehouse is structured to support business decisions by consolidating data from various sources for querying and analysis.
Data Marts are usually created from Data Warehouses. A Data Warehouse stores comprehensive data across the organization, and Data Marts are subsets of data warehouses designed for specific lines of business or departments.
Which of the following factors has the greatest impact on the design of an effective management reporting system?
A
Number of transactions to be processed
B
Types of decisions to be made
C
Number of authorized users
D
Number of regulatory agencies to be satisfied
B
The correct answer is (B).
A management reporting system processes information to manage and support business decisions. Such systems are designed to assist in business decision-making based on data. The type of decisions to be made has the greatest impact on the design of an effective management reporting system.
Which of the following statements is correct concerning the security of messages in an electronic data interchange (EDI) system?
A
Removable drives that can be locked up at night provide adequate security when the confidentiality of data is the primary risk.
B
Message authentication in EDI systems performs the same function as segregation of duties in other information systems.
C
Encryption performed by a physically secure hardware device is more secure than encryption performed by software.
D
Security at the transaction phase in EDI systems is not necessary because problems at that level will be identified by the service provider.
C
In an Electronic Data Interchange (EDI) system, encryption by a secure hardware device, such as a hardware security module (HSM), provides a higher level of security than software-based encryption. Hardware devices are designed specifically for secure cryptographic operations and are generally less vulnerable to tampering or unauthorized access than software-based solutions, which can be compromised if the system’s operating environment is not secure.
“Removable drives that can be locked up at night provide adequate security when the confidentiality of data is the primary risk” is incorrect because removable drives offer limited security and do not prevent data interception or unauthorized access during transmission in an EDI environment.
“Message authentication in EDI systems performs the same function as segregation of duties in other information systems” is incorrect. While message authentication helps ensure data integrity and verify the sender’s identity, it does not perform the same function as segregation of duties, which is designed to prevent fraud by dividing responsibilities among different individuals.
“Security at the transaction phase in EDI systems is not necessary because problems at that level will be identified by the service provider” is incorrect because security at the transaction level is critical to ensure data integrity, confidentiality, and authenticity. Service providers may not detect all issues, and it’s the organization’s responsibility to secure transactions.
Which of the following allows customers to pay for goods or services from a web site while maintaining financial privacy?
A
Credit Card
B
Site Draft
C
E-Cash
D
Electronic Check
C
E-cash (or electronic cash) allows customers to make payments online while maintaining financial privacy. E-cash transactions are typically anonymous, and customers do not need to share sensitive financial information, such as credit card numbers or bank account details, with the seller, thus preserving their financial privacy.
“Credit Card” is incorrect because credit card transactions usually require customers to provide personal and financial information, such as their card number and billing address, which can be stored by the merchant and does not fully maintain financial privacy.
“Site Draft” is incorrect because site drafts are not commonly used for online payments, and they do not inherently offer privacy protections similar to e-cash.
“Electronic Check” is incorrect because, like traditional checks, electronic checks include personal bank account information, which does not maintain the same level of privacy as e-cash.
Which of the following identifies a potential threat posed by the use of blockchain?
A
The shared ledger could promote a weaker control environment.
B
Transaction processing could require greater human intervention.
C
The mutability of the transactions could make them subject to an increased risk of transactional fraud.
D
The resulting decentralization could lead to a decreased level of accountability.
D
The resulting decentralization could lead to a decreased level of accountability. This is a valid concern with Blockchain. Because the system is decentralized and does not rely on a central authority, it can sometimes be challenging to hold any specific entity accountable for actions taken on the network. This decentralization can complicate the tracing of responsibility and accountability, especially in adverse events or disputes.
The shared ledger typically enhances the control environment by providing transparency and an immutable record of transactions, which can be verified by all participants.
One of the advantages of blockchain is that it reduces the need for human intervention due to its automated, consensus-driven process for validating transactions.
One of the fundamental features of blockchain is the immutability of its records. Once a transaction is added to the blockchain, it cannot be altered, which significantly reduces the risk of fraud.