33. Which of the following is not an implication of section 302 of the Sarbanes Oxley Act? a. Corporate management (including the CEO) must certify monthly and annually their orga nization's internal controls over financial reporting b. Auditors must interview management regarding significant changes in the design or oper ation of internal control that occurred since the last audit c. Management must disclose any material changes in the company's internal controls that h ave occurred during the most recent fiscal quarter d. Auditors must determine, whether changes in internal control has, or is likely to, materiall y effect internal control over financial reporting 28. Which of the following is not a risk associated with Enterprise Resource Planning (ERP) syst em implementation? a. A drop in firm performance after implementation because the firm looks and works differ ently than it did while using a legacy system b. The selected system does not adequately meet the adopting firm's economic growth c. ERP's are too large, complex, and generic for them to be well integrated into most compa ny cultures d. Implementing firms fail to select systems that properly support their business activities e. Implementing companies have found that staff members, employed by ERP consulting fir ms, do not have suficient experience in implementing new systems P Pow Juppy 26. Including appropriate application controls such as validity and field checks promotes: a. Accuracy of data entry b. Evidence of authorization c. Assurance that all transactions are recorded d. Efficient recording of transactions 22. Which of the following is most likely to improve detection of a computer fraud? A. Increase the penalty for committing fraud by prosecuting fraud perpetrators more vigorou sly b. Develop a strong system of internal controls c. Create an audit trail so that individual transactions can be traced through the system to th e financial statements and financial statement data can be traced back to individual transa ctions d. Store backup copies of program and data files in a secure, off-site location