Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

1. 2 The risk of an identified event can significantly impact the system of internal control. Identify the correct ways that management can used in

image text in transcribed
image text in transcribed
image text in transcribed
image text in transcribed
image text in transcribed
image text in transcribed
image text in transcribed
image text in transcribed
1. 2 The risk of an identified event can significantly impact the system of internal control. Identify the correct ways that management can used in respond to that risk. i. Share risk or transfer it to someone else. ii. Avoid risk by not engaging in the activity that produces the risk. iii. Assess the likelihood and impact of the risk. iv. Reduce the likelihood and impact of the risk by implementing an effective system of internal controls. A i and iii B. i, ii and ili C. i, ii and iv D. All of the above (1 mark) Identify which of the statements are TRUE? i. The Committee of Sponsoring Organizations (COSO) issued an integrated framework to evaluate internal control. ii. Preparing bank reconciliation is an example of preventive control. ii. General controls refer to the controls designed to make sure an organization's information system and control environment is stable and well managed. iv. One of the objectives of internal controls is to prepare financial reports in accordance with established criteria. A i and ii B. i, ii and ili c. i, ii and iv D. , ii and iv (1 mark) Identify which of the statements are TRUE in describing control environment. i. The company nation that is the substance for all other internal control mechanisms. ii. The company culture that stimuli on how organizations establish plans and purposes. ili. The company that stresses integrity and commitment to ethical values and competence. iv. Identifying and assessing changes that could not significantly impact the system of internal control A i and ii i, ili and iv i, ii and iii D. All of the above (1 mark) 3. B. C. 4. 5. ii. Jaring Bhd management have set good environment which support integrity and necessity for a strong internal control system. They have good attitude about the risk that affects policies, procedures, oral and written communication and decision. Jaring also have set the amount of risk that they are willing to accept in ensuring it aligns with their strategy. Determine which are NOT related to this scenario. i. Risk assessment ii. Risk strategy iii. Risk appetite iv. Risk response A. iii only B i and iv C. i, ii and iv D. i, ii and iii (1 mark) Carigali Bhd allows shoppers and sellers having access to each other's system and data. This allows them to access databases that contain confidential information. Choose which of the answers that do NOT represent this scenario. i. Faulty judgments and decision making and collusion. Misunderstanding of information technology (IT) capabilities and risks. iii. Controlling the security and integrity of their computer systems. iv. Management's vision that does not communicate company core values. A. i and iv B. ii and ill c. i, ii and iv D. Hi, i and iv (1 mark) Jasa Sdn Bhd would ensure that no single employee be given too much responsibility over business transactions or process. Choose the correct accounting duties that should be segregated so that Jasa Sdn Bhd will have a good internal control. Approving the source data, monitor the flow of work, reconcile input and output handle input errors, and distribute systems output; specified as network control. Approving transactions and decisions; identified as authorization Preparing source documents: entering data into computer systems; and maintaining journals, ledgers, files, or databases; recognized as recording. iv. Handling cash, tools, inventory, or fixed assets; receiving incoming customer checks; writing checks; known as custody. A i, ii and iii B. li, lli and liv C. ii and iv D ili and iv (1 mark) 6. ii. A. 8. 7. A clerk in Indah Lang Bhd has stolen 50 blank checks, wrote checks from RM50,000 to RM500,000, bogus the names of officials and pursued them. Safety of documents and records can be implemented by Determine the correct answer. i locked filing cabinets that can be accessed by all staffs. ii. backup files, and off-site storage protect records and documents. iii.kept in an unlocked storeroom. iv. access to blank checks and documents should be limited to authorized personnel. i and ii Bill only c. ii and iv D. ii, iii and iv (1 mark) Identify which of the statements are TRUE in relation to Trust Services Framework. i. A guidance to assess the reliability of information systems. ii. Widely accepted as the authority on internal controls. iii. Jointly developed by the AICPA and the CICA. iv. Contains five (5) important principles. A. ii and iv B. i, ii and ii C. i, ili and iv D. All the above (1 mark) Which of the following statements describe an effective security based on time-based model of information security? i. The information security personnel successfully blocked the hacker upon being alerted about the network breach by the intrusion detection system. ii. Defense in depth is the strategy employed to satisfy the objective of time-based model of security The time an attacker takes to break through the organization's preventive controls should not be greater than the sum of the time required to detect the attack. It is implemented by combining the preventive, detective, and corrective controls. A. i and ii i, ii and iii c. i, ii and iv All of the above (1 mark) 9. ili. iv. B. D. 10. Natasha works as a security officer at one of the security consulting firms. She is responsible to attempt an authorized access to client network and prepare a report on how the client can design and implement better controls, Determine the correct testing performed by Natasha. A Vulnerability Test B. Penetration Test c. Compatibility Test D. Buffer Overflow Test (1 mark) 11. Sammy has been recently hired by a large manufacturing company and he is responsible to disseminate information about fraud, errors, breaches and other improper system uses in the organization and their consequences to the top-level management every week. The suitable job title for Sammy is Choose the correct answer A Chief security officer B. Chief information officer C. Chief operations officer D. Computer emergency response leader (1 mark) 12. Ravi, a new staff of Mad Technologies has been assigned username and appropriate permission to specific portions of the company systems. When Ravi attempts to access the systems resource, the system performs a/an to determine whether he should be allowed to access those resources and perform the requested actions or not. Determine the correct answer. A access control matrix B. authentication control C. remote access control D. compatibility test (1 mark) 13. Identify which of the following statement(s) is TRUE? i. The only way to decrypt a file encrypted using X's private key is to use X's public key. The only way to decrypt a file encrypted using X's private key is to use X's private key iii. Only using Y's private key can a file encrypted with X's private key be decrypted. Only with Y's public key can a file encrypted with X's private key be decrypted. i and iii ii and iv i only ii only (1 mark) it. iv. A B. C. D i. iv. A B. 14. Darrel is trying his best to understand the best practices related to the Generally Accepted Privacy Principles (GAPP). Identify which are the best practices that Darrel needs to understand about said principles. Consent should be obtained from the customers before collecting their personal information. Customer information should be protected by coded with digital watermark. iii. Customer information should be disposed in a secure manner when the information is no longer useful. Organizations are allowed to collect all information about particular customers. i and ii i and i c. 1, li and it D. i, ili and iv (1 mark) 15. Tailway Bhd has specified that any company's information must be safely protected, all sensitive information must be exchanged securely and transited over the Internet with a proper encryption process. Choose which of the answers that do not relate with the scenario i. Hashing process Virtual private network Information rights management (IRM) iv. Public key infrastructure (PKI) A i and iv ili and iii i, ili and iv D. iii and iv (1 mark) 16. Linda has expressed her concerned to the top management of Umit Bhd, regarding information security that requires preservation of confidentiality and privacy of the organization. Determine which are the components of protecting confidentiality and privacy i. Identifying the information need to be protected and classify the information in terms of its value to the organization. ii. Developing confidentiality and privacy policies. Accessing to the information must be properly controlled by the organization. Conduct training to employees on how to handle the information i and iii B. i, ili and iv i, li and iv iii. B. C. iii. iv. A C. D All of the above (1 mark) iii. . iv. 20. Backup process are designed to deal with situation when information is not accessible due to several factors. Identify which of the following statements are TRUE in relation to data backup procedures. i. The types of daily backup are: full incremental and differential backup. ii. Most organizations are not preferred to perform full backups daily due to time- consuming. Incremental daily backups take longer time to backup compared to differential daily backup. Restoration process of differential daily backup is easier and faster than incremental daily backup. A il and iv B. ii and ili C. i, ii and iv D. ii, ili and iv (1 mark) 21. Most organizations use spreadsheets to support decision making. Identify which of the following statements are TRUE regarding processing integrity controls in spreadsheet. i. Spreadsheet errors may give bad impact to the organization such as misreport financial statements. ii. Once the organization uses spreadsheet in recording the data, no further check is required. iii. The built-in "audit" features can detect common error, however, the organization needs to conduct careful testing to detect subtle errors. Using reference cells and then write formulas that include the reference cell is a way to check hardwiring problem. i and iii i, li and iii c. i, iii and iv D. All of the above (1 mark) 22. AMAL Bhd hired 2 account clerks. Due to the pandemic and movement control order, the clerks will work from home and office alternately. When a clerk in the office key in the data for the account receivables, the system locks him out due to the data is being updated by his college who is working from home. Determine the correct processing control related to the situation. Write-protection mechanism B. Concurrent update control C. Data updating control Cross-footing control (1 mark) iv. A B. A D 23. Raja as a payroll executive at Tamarind Bhd will periodically reconciled the total number of employees records in the payroll file with the total number of employees in the human resources database to detect if any fictitious employees being add in the payroll database. Choose the control that are used by Raja. A. External data reconciliation B. Cross-footing test c. Sequence check D. Reasonable test (1 mark) 24. Mahirah works as an account payable officer at Jamamy Sdn Bhd which received about 40 shipments per day from various vendors. Once the goods are received, Mahirah is responsible to make payment to all vendors. Choose the most effective way that Mahirah can do in preventing paying twice to the same vendor? A. Only pay from original invoices. B. Allow only the accounts payable department to authorize payment for vendor invoices and allow only the cash receipt department to cut and mail checks to vendors. C. Only pay vendor invoices that have been matched and reconciled to a purchase order and a receiving report. D. Cancel each document in the voucher package once the check is prepared and mailed. (1 mark) 25. In the past two weeks, headquarter office of RGTP Berhad at Kuala Muda, Kedah has been destroyed by flood. Due to that, they need to close down their business for a few days. Therefore, the management of RGTP Berhad needs to have so that they can act accordingly in resuming all business process and operation to prevent more losses. Determine the correct answer. A. Master plan B. Business continuity plan C. Recovery time objective D. Recovery point objective (1 mark) (Total: 25 marks) 17. A digital watermark is data embedded into digital intellectual property (IP) to identify its originator or owner. A digital watermark tracks online digital media use and warns against potentially unauthorized access. In other words, it is used to identify the confidential information that has been disclosed. The digital watermark is alan example of Choose the correct answer. A detective control B. preventive control C. identification control D. corrective control (1 mark) 18. Suri Sdn Bhd is developing a new database for the customer ordering system. In order to protect customers privacy, the management uses a program that replaces private customers' information with false values before sending the data to programmers for testing. The program that replaces customers information with false values is implementing Determine the correct answer. A. Data wiping B. Data encryption C. Data masking D. Data replacing (1 mark) 19. Identify which of the following is the preventive maintenance to minimize the risk of system downtime. i. Archive ii. Conducting training to operator lii. Cleaning disk drives iv. Storing magnetic and optical media Ai, and it B. iii and iv c. ii, iii and iv D. All of the above (1 mark)

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

International Financial Reporting Standards An Introduction

Authors: Belverd E. Needles, Marian Powers

3rd Edition

1133187943, 978-1133187943

More Books

Students also viewed these Finance questions

Question

How is the NDAA used to shape defense policies indirectly?

Answered: 1 week ago