S2-m2

Question 1

Enterprise Resource Planning Systems (ERP)

Answer 1

are cross functional systems that support different business functions and facilitate integration of information across departments such as accounting, customer management, finance, human resources, inventory management, manufacturing, marketing, and vendor management.

Question 2

Accounting Information Systems (AIS)

Answer 2

Collects, records, and stores accounting information, then compiles that information using accounting rules to report both financial and nonfinancial information to decision makers in an enterprise.

Question 3

Transaction Processing System (TPS)

AIS Subsystem

Answer 3

converts economic events into financial transactions and distributes the information to support daily operations. A TPS typically covers three main transaction cycles: sales, conversation, expenditure.

Question 4

Financial Reporting System (FRS)

AIS Subsystem

Answer 4

Aggregates daily financial information fromm the TPS and other sources for infrequent events such as mergers, lawsuit settlements, or natural diasters to enable timely regulatory and financial reporting.

Question 5

Management Reporting System (MRS)

AIS Subsystem

Answer 5

Provides internal financial information to solve day to day business problems, such as budgeting, variance analysis, or cost volume profit analysis.

Question 6

What are the objectives of an AIS

Answer 6

Think assertions
1. Record valid transactions
2. Properly classify those transactions
3. Record the transactions at their correct value
4. Recorded the transactions in the correct accounting period
5. Properly present the transactions and related information in the financial statements of the organization

Question 7

Sequence of Events of an AIS

Answer 7

1. Transaction data from source documents is entered into the AIS by an end user. Alternatively, an order may be entered through the internet by a customer.
2. Original source documents, if they exist are filed
3. Transactions are recorded in the appropriate journal
4. Transactions are posted to the general and subsidiary ledgers
5. Trial balances are prepared
6. Adjustments, accruals, and corrections are entered
7. Financial reports are generated

Question 8

AIS Audit Trail

Answer 8

A well designed AIS creates an audit trail for accounting transactions. The audit trail allows a user to:
-trace a transaction from source documents to the ledger
-vouch from the ledger back to source documents

Question 9

Key AIS Functions of the revenue and cash collections cycle include:

Answer 9

-real time access to the inventory subsidiary ledger to check availability upon receiving a customer order
-automatically approves or denies credit based on the customers record
-concurrently records sales invoices in the database, digitally transmit inventory release orders to the warehouse, sends packing slips to the shipping department
-has a terminal for the shipping department to digitally input shipping notices upon shipment
-has terminal for the cash receipts clerk to access the cash receipt system and record remittance
-closes sales invoice, posts to the general ledger accounts, updates the customers payment record

Question 10

Key AIS functions of the purchasing and disbursement cycle

Answer 10

-reads the requested purchase to verify that it is on the approved list
-digitally prepares the purchase order and delivers the PO to the vendor
-has a terminal for the receiving department to enter the PO number and input quantities received
-has a terminal for the accounts payable clerk to enter invoices from suppliers into the system
-automatically approves payment of invoices and sets the payment date according to terms
-prints and distributes the signed checks to the mail room for mailing

Question 11

Key AIS functions of the HR and Payroll cycle

Answer 11

-integrated with HRMS to enable real-time changes of employment data
-in connection with operational systems, allows employees to enter timekeeping data in real-time
-allocates labor costs to job costs, accumulated direct and indirect labor expenses at the end of a work period
-creates digital journal entries, attaches the original documents to the entries, updates ledger

Question 12

Key AIS functions of the production cycle

Answer 12

-receives a work order for a production run from the production planning department
-labor and materials are added to the production run, and documents reflecting these events, such as material requisitions and labor tickets
- tracks standard production costs for labor, materials, and manufacturing overhead
-closes the WIP account when it receives the final ticket marking the production move from WIP to finished goods inventory
-prepares journal entries as changes to the WIP account are recorded and automatically updates the general ledger

Question 13

Key AIS functions of the fixed asset cycle

Answer 13

-terminal for fixed asset groups to create a record of the asset subsidiary ledger that includes each asset’s useful life, salvage value, depreciation method
-automatically updates the general ledger, prepares journal entries
-automatically calculates depreciation, accumulated depreciation, and book value

Question 14

Key functions of the treasury cycle

Answer 14

-source documents such as deposit slips, checks, stock market data, and interest data are used to post journal entries affecting cash balances
-The accounting department performs bank reconciliations by using bank statements to reconcile the cash account balance
-journal entries are posted for each change in cash

Question 15

Keys AIS functions of the general ledger

Answer 15

-updates the general ledger as various transactions occur and journal entries are posted
-at the end of an accounting period, AIS automatically produces a trial balance showing the dr and cr balances in each account
-The accounting department posts any necessary adjusting entries such as entries for depreciation, prepaid expenses
-produces final financial statements after adjusted entries are made and the debit and credit amounts in the trial balance are equal
-automatically closes temporary accounts

Question 16

How can an organization improve the performance of its information systems?

Answer 16

By improving business processes that provide inputs to those systems. Improving consistency and reliability in processes results in better data. Better processes = fewer errors = more efficient accounting

Question 17

Business process automation

Answer 17

term for the automation of business processes using computer programs designed to perform repetitive tasks.

Question 18

Shared services

Answer 18

refers to seeking out redundant services, combining them, and sharing those services within a group or organization. they are shared within an organization or group of affiliates and almost always involve software that is designed to process large batches of data

Question 19

Outsourcing

Answer 19

contracting of services to an external provider.

Question 20

Quality Risk

Answer 20

an outsourced product or service might be defective

Question 21

Quality of service

Answer 21

poorly designed service agreements may impede the quality of service

Question 22

Productivity

Answer 22

Real productivity may be reduced even though service provider employees are paid less

Question 23

Staff Turnover

Answer 23

experienced and valued staff whose functions have been outsourcing may leave the organizations

Question 24

Language skills

Answer 24

Language barriers may reduce the quality of service

Question 25

Security

Answer 25

security information with a third party might be compromised

Question 26

Qualifications of Outsourcers

Answer 26

credentials may be flawed

Question 27

Labor Insecurity

Answer 27

increases when jobs move to an external service provider

Question 28

Robotic Process Automation (RPA)

Answer 28

refers to the use of programs to perform repetitive tasks that do not require skilled human labor

Question 29

Natural language processing

Answer 29

involves technology developed and used to encode and interpret human languages

Question 30

Neural Networks

Answer 30

an artificial neural network is a form of technology that is modeled after neurons that facilitate the function of human or animal memory. Input layer/hidden layer/output layer

Question 31

Processing Integrity

Answer 31

refers to a system’s ability to initiate and complete transactions so that they are valid, accurate, completed timely, and authorized to meet a company objective

Question 32

How are design control deficiencies in a SOC 2 engagement defined?

Answer 32

1. necessary controls that are missing or
2. existing controls that are not designed properly

Question 33

How are design deficiencies related to processing integrity identified?

Answer 33

By applying the trust services criteria. Understand the risk assessment process, evaluate the link between controls in the system description and relevant services criteria, and determine whether the appropriate controls are in place.

Question 34

Description Criteria for a Description of a Service Organization System in a SOC 2 Report

Answer 34

used to identify deficiencies by comparing organization system design documentation. A set of benchmarks

Question 35

Principle service commitment and the Principle system requirements

Answer 35

Required to be disclosed by management to support the understanding of the system and the services provided, and the design of the controls

Question 36

How are operation control deficiencies in a SOC 2 engagement defined?

Answer 36

1. Does not operate as designed or
2. is performed by a person who lacks authority or competence to perform the control effectively

Question 36

What is the service auditor responsible for?

Answer 36

Designing and performing the tests of controls: inquiries, reperforming controls, observation

Question 37

What are some considerations the service auditor should make?

Answer 37

Timing
Size and frequency of sampling

Question 38

Control Activities category, principle 11

Answer 38

States that there should be general controls over technology in order to achieve organizational objectives. To establish these controls, the company must understand the dependency between general controls over technology and the use of technology in business processes.

Question 39

Information and Communication category, principle 13

Answer 39

States that organizations should acquire, create, and use quality information in order to support internal controls. These include:
identifying the company’s information needs;
capturing both external and internal sources of data;
processing relevant data into useful information;
maintaining quality when processing that data

Question 40

Principle 14

Answer 40

States that effective communication of information is necessary to support internal controls. This means communicating internal information to the proper stakeholders, including the board of directors

Question 41

Blockchain

Answer 41

a control system originally designed to govern the creation and distribution of Bitcoin

Question 42

What is cryptocurrency mining mean?

Answer 42

Mining involves a person or group of people performing cryptography which is solving of complex mathematical equations. Bitcoin must be mined in order to confirm transactions

Question 43

What is the result of cryptography?

Answer 43

Blocks of a fixed number of transactions are confirmed at a time. The reward for solving (validating) the equation is both:
the receipt of bitcoin; and
the validation of a new block of transactions

Question 44

Blockchain was developed to…

Answer 44

prevent Bitcoin from being replicated; and to limit its initial creation so that there is only a finite number of Bitcoins.
Also serves as a audit trail. An auditor can use the chain to verify transactions.
Not all data needed to validate transaction is on the blockchain.

Question 45

Control Environment

Answer 45

1. Demonstrates commitment to integrity and ethical values
2. Exercises oversight responsibility
3. Establishes structure, authority, and responsibility
4. Demonstrates commitment to competence
5. Enforces accountability

Question 46

Risk Assessment

Answer 46

6. Specifies suitable objectives
7. identifies and analyzes risk
8. Assesses fraud risk
9. Identifies and analyzes significant change

Question 47

Control Activities

Answer 47

10. Selects and develops control activities
11. Selects and develops general controls over tech
12. Deploys control activities through policies

Question 48

Information and Communication

Answer 48

13. Uses relevant, quality information
14. Communicates internally
15. Communicates externally

Question 49

Monitoring Activities

Answer 49

16. Conducts ongoing and/separate evaluations
17. Evaluates and communicated deficiencies

Question 50

When implementing COSO controls to a blockchain setting, an organization should consider the following…

Answer 50

-focus on preventative controls due to volume and speed of transactions being processes
-Increase the frequency of detective controls, also due to the volume
-develop controls that use other analytic tech like AI tools
-develop a code of conduct
-create cross disciplinary teams

Question 51

A reasonableness test…

Answer 51

will likely prompt an error message when the offset transaction total exceeds the original transaction

Question 52

Check digit tests…

Answer 52

determines whether an ID number entered is a valid entry

Question 53

A size check tests compares…

Answer 53

the transaction with predetermined threshold on a standalone basis.

Question 54

Waterfall method (changes to business processes and managing system changes)

Answer 54

Teams work linearly, allows organizations to focus on system design, testing, deployment, change review, and maintenance.

Question 55

Agile method (changes to business processes and managing system changes)

Answer 55

structures projects so that different teams work simultaneously

Question 56

What is the goal of protecting cardholder data?

PCI DSS

Answer 56

Encryption of the transmission of cardholder data across open, public networks enhances the ability to acomplish th goal