Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Part 1: Applying General Controls General Controls - A company designs general controls to ensure that its overall AIS is stable and well managed. They
Part 1: Applying General Controls General Controls - A company designs general controls to ensure that its overall AIS is stable and well managed. They contain (partial list): Proper Authorization of transactions and Independent Checks on Performance events Proper Authorization of transactions Top level review Analytical review Segregation of duties reconciliation of two independently maintained sets of records Segregation of duties within processing (CAR) comparison of actual quantities with recorded amounts Segregation of duties within the systems function double-entry accounting independent reviews Change Management controls Document all change requests Approval of changes Test change prior to implementation Update company documentation to reflect change Monitoring Develop backout plan Logical access controls passwords biometric identification compatibility tests (access control matrix) Safeguard assets, records, and data Physical access controls locked rooms, restricting access to authorized personnel having only one or two entrances to the computer room requiring proper employee ID using guards and requiring that visitors sign a log installing locks on PCs, (Asset Accountability Controls) effectively supervising and segregating duties maintaining accurate records of assets, including information restricting physical access assets Protect records and documents (ie, having restricted storage areas) Security cameras/alarms Required: What general controls from above would be most effective in preventing or detecting each of the following errors or undesirable practices? Your answer can have more than one general control. Use the detailed control, not the header. 1) A clerk in the personnel department lists a phantom employee in the personnel records; when the signed paychecks are received from the cashier for distribution, this clerk takes the paycheck for the fictitious employee, cashes it, and keeps the proceeds. 2) A salesperson collects $500 cash on account from a customer and pockets the proceeds. 3) An accounts payable clerk prepares and submits an invoice form a fictitious supplier having the name of her mother, writes a check to the supplier and mails the check to her mother's address; the daughter and mother later split the proceeds. 1 4) Several employees pad the hours worked on their time cards to receive pay for overtime hours never worked. 5) An accountant steals payments made by customers by writing off the receivables against the allowanc for doubtful accounts. 6) A salesperson using her microcomputer, which is interconnected to a local-area network, accesses the server containing payroll data and prints out a list of the salaries of the firm's sales personnel. Part 2: Applying Application Controls Application controls pertain directly to the transaction processing systems and help ensure the accuracy of a specific application's inputs, files, programs, and outputs. The objectives of application controls are to ensure that all transactions are legitimately authorized and accurately and completely recorded, classified, processed, and reported The application controls relate to transaction processing (input, processing and outputs) include the following: Input (Source Data) Controls Additonal Batch Entry Controls Form design Sequence Check Cancellation and storage of documents Error Logs Authorization and segregation of duties Batch Totals (financial total, hash total, record count) Visual scanning Additional Online Data Entry Data Entry Controls Prompting Field Check Preformatting Sign Check closed-loop verifications - Limit Check Transaction Logs Range Check Clear error messages Size (Capacity) check automatic transaction data entry Completeness check Validity Check Output Controls Reasonableness Check User review of output check digit verification Reconciliation Procedures External data reconciliation Required: What application controls from above would be most effective in preventing or detecting each of the following errors or undesirable practices? Note: can have more than one control 1) At the time of adjusting salaries for wages, an HR clerk keys in $2,500 rather than $250 as the monthly increase in a secretaries salary 2) A sales clerk entering a sales order via his terminal for 100 microcomputer keyboards mistakenly keys in the product number for microcomputers in the quantity field 3) A bookkeeping clerk incorrectly enters the letter r instead of the digit 4 as the last data item in a customer identification number field. 4) On his way to the payroll department, Igor the timekeeper loses 10 employee time cards when they accidentally fall out of a file folder. 5) An accounting clerk inadvertently enters part number 820015 as 820510 (an invalid number). Same as 5 but assume the part number entered is a valid part number. Part 3: Applying Controls For the next three questions, Listed below are system threats that have control implications. What is the best control plan to prevent the system failure from occurring? A letter should be used only once. A. Authorization of customer (includes existence check) B. Independent shipping authorization (such as using approved sales order to authorize shipment) C. Checking of goods, picking ticket and packing slip D. Reasonableness check E. User ID and passwords F. Field Check 1) A XYZ Co., the finished goods warehouse delivers goods to the shipping department, accompanied by the picking ticket. After checking the goods against the picking ticket, the shipping employee signs the picking ticket and gives it to the warehouse employee. Then the shipping department prepares a 3-part shipping notice, one copy of which serves as the packing slip. A recent audit discovered that a dishonest warehouse employee had been forging picking ticket documents, thereby having goods shipped to an accomplice. a 2) A former employee of the order entry department gained access to the department after hours and signed-on at one of the terminals. He entered an order for a legitimate customer, but instructed the system to ship the goods to his home address. Consequently, several thousand dollars worth of inventory was shipped to him. When the misappropriation was discovered, he had long since left the company and had changed addresses. 3) To encourage new business, Carefree Industries adopted a policy of shipping up to $1,000 of orders to new customers, during the period in which the customer's credit was being investigated. A recently- terminated order entry manager at Carefree, aware of the policy, placed several bogus phone orders, disguised each time as a first-time customer. She absconded with over $10,000 of merchandise that was shipped to her. Part 4: Miscellaneous Multiple-Choice Questions 1. Which of the following statements about the intemal environment is false? a. It is important to create an organizational culture that stresses a commitment to integrity and ethical values b. Management's attitudes toward intemal control and ethical behavior have little impact on employee beliefs or actions c. A weak internal environment often results in breakdowns in risk management and control d. Independent audit committees play a role in internal controls by overseeing the company's intemal control structure 2. A firm's sales procedure involves preparing sales invoices based on shipping documents; posting the sales amounts to accounts receivable records; and posting quantities billed to the inventory records. Due to control weaknesses in the procedure, certain goods that are shipped may not be reflected in the sales invoices. The exposure from this risk can result in: a. overstatements of revenues, receivables, and inventory b. understatements of revenues and receivables and over statement of inventory c. understatements of revenues, receivables, and inventory d. overstatements of revenues and receivables and understatement of inventory e understatement of revenues and overstatements of receivables and inventory 3. A serious exposure for an organization that is connected with the revenue cycle is the loss of assets. What is the related threat and applicable contitol procudure associated with this exposure? a. receiving unordered goods; compare to valid order b. billing errors; reconciliation of shipping documents to sales order C. errors in accounts receivable; reconcile to general ledger d. shipping errors, data entry controls e theft of inventory, documentation of all internal transfers of inventory Which of the following attributes would most likely be a primary key in one of the tables of a company's database: a. Supplier name b. Supplier purchase order number C. Customer check number d. Cash receipts date e. Customer ID number 5. Which of the following is not part of the basic requirements for a well-structured relational database? a. Every attribute in every table is single-valued (i.e., each table is a flat file). b. Every event must be linked to at least one resource. C. Every table must have a primary key. d. Other non-key attributes in each table must be either a fact about the thing designated by the primary key or foreign keys used to link that table to another table. 6. Which of the following is not an advantage of a well designed Database Accounting System? a. increased efficiency for high volume applications b. minimize data redundancy data is independent of the programs that use data d. reduces data inconsistencies e. Data is easily accessed for reporting and cross-functional analysis 4. C. Part 1: Applying General Controls General Controls - A company designs general controls to ensure that its overall AIS is stable and well managed. They contain (partial list): Proper Authorization of transactions and Independent Checks on Performance events Proper Authorization of transactions Top level review Analytical review Segregation of duties reconciliation of two independently maintained sets of records Segregation of duties within processing (CAR) comparison of actual quantities with recorded amounts Segregation of duties within the systems function double-entry accounting independent reviews Change Management controls Document all change requests Approval of changes Test change prior to implementation Update company documentation to reflect change Monitoring Develop backout plan Logical access controls passwords biometric identification compatibility tests (access control matrix) Safeguard assets, records, and data Physical access controls locked rooms, restricting access to authorized personnel having only one or two entrances to the computer room requiring proper employee ID using guards and requiring that visitors sign a log installing locks on PCs, (Asset Accountability Controls) effectively supervising and segregating duties maintaining accurate records of assets, including information restricting physical access assets Protect records and documents (ie, having restricted storage areas) Security cameras/alarms Required: What general controls from above would be most effective in preventing or detecting each of the following errors or undesirable practices? Your answer can have more than one general control. Use the detailed control, not the header. 1) A clerk in the personnel department lists a phantom employee in the personnel records; when the signed paychecks are received from the cashier for distribution, this clerk takes the paycheck for the fictitious employee, cashes it, and keeps the proceeds. 2) A salesperson collects $500 cash on account from a customer and pockets the proceeds. 3) An accounts payable clerk prepares and submits an invoice form a fictitious supplier having the name of her mother, writes a check to the supplier and mails the check to her mother's address; the daughter and mother later split the proceeds. 1 4) Several employees pad the hours worked on their time cards to receive pay for overtime hours never worked. 5) An accountant steals payments made by customers by writing off the receivables against the allowanc for doubtful accounts. 6) A salesperson using her microcomputer, which is interconnected to a local-area network, accesses the server containing payroll data and prints out a list of the salaries of the firm's sales personnel. Part 2: Applying Application Controls Application controls pertain directly to the transaction processing systems and help ensure the accuracy of a specific application's inputs, files, programs, and outputs. The objectives of application controls are to ensure that all transactions are legitimately authorized and accurately and completely recorded, classified, processed, and reported The application controls relate to transaction processing (input, processing and outputs) include the following: Input (Source Data) Controls Additonal Batch Entry Controls Form design Sequence Check Cancellation and storage of documents Error Logs Authorization and segregation of duties Batch Totals (financial total, hash total, record count) Visual scanning Additional Online Data Entry Data Entry Controls Prompting Field Check Preformatting Sign Check closed-loop verifications - Limit Check Transaction Logs Range Check Clear error messages Size (Capacity) check automatic transaction data entry Completeness check Validity Check Output Controls Reasonableness Check User review of output check digit verification Reconciliation Procedures External data reconciliation Required: What application controls from above would be most effective in preventing or detecting each of the following errors or undesirable practices? Note: can have more than one control 1) At the time of adjusting salaries for wages, an HR clerk keys in $2,500 rather than $250 as the monthly increase in a secretaries salary 2) A sales clerk entering a sales order via his terminal for 100 microcomputer keyboards mistakenly keys in the product number for microcomputers in the quantity field 3) A bookkeeping clerk incorrectly enters the letter r instead of the digit 4 as the last data item in a customer identification number field. 4) On his way to the payroll department, Igor the timekeeper loses 10 employee time cards when they accidentally fall out of a file folder. 5) An accounting clerk inadvertently enters part number 820015 as 820510 (an invalid number). Same as 5 but assume the part number entered is a valid part number. Part 3: Applying Controls For the next three questions, Listed below are system threats that have control implications. What is the best control plan to prevent the system failure from occurring? A letter should be used only once. A. Authorization of customer (includes existence check) B. Independent shipping authorization (such as using approved sales order to authorize shipment) C. Checking of goods, picking ticket and packing slip D. Reasonableness check E. User ID and passwords F. Field Check 1) A XYZ Co., the finished goods warehouse delivers goods to the shipping department, accompanied by the picking ticket. After checking the goods against the picking ticket, the shipping employee signs the picking ticket and gives it to the warehouse employee. Then the shipping department prepares a 3-part shipping notice, one copy of which serves as the packing slip. A recent audit discovered that a dishonest warehouse employee had been forging picking ticket documents, thereby having goods shipped to an accomplice. a 2) A former employee of the order entry department gained access to the department after hours and signed-on at one of the terminals. He entered an order for a legitimate customer, but instructed the system to ship the goods to his home address. Consequently, several thousand dollars worth of inventory was shipped to him. When the misappropriation was discovered, he had long since left the company and had changed addresses. 3) To encourage new business, Carefree Industries adopted a policy of shipping up to $1,000 of orders to new customers, during the period in which the customer's credit was being investigated. A recently- terminated order entry manager at Carefree, aware of the policy, placed several bogus phone orders, disguised each time as a first-time customer. She absconded with over $10,000 of merchandise that was shipped to her. Part 4: Miscellaneous Multiple-Choice Questions 1. Which of the following statements about the intemal environment is false? a. It is important to create an organizational culture that stresses a commitment to integrity and ethical values b. Management's attitudes toward intemal control and ethical behavior have little impact on employee beliefs or actions c. A weak internal environment often results in breakdowns in risk management and control d. Independent audit committees play a role in internal controls by overseeing the company's intemal control structure 2. A firm's sales procedure involves preparing sales invoices based on shipping documents; posting the sales amounts to accounts receivable records; and posting quantities billed to the inventory records. Due to control weaknesses in the procedure, certain goods that are shipped may not be reflected in the sales invoices. The exposure from this risk can result in: a. overstatements of revenues, receivables, and inventory b. understatements of revenues and receivables and over statement of inventory c. understatements of revenues, receivables, and inventory d. overstatements of revenues and receivables and understatement of inventory e understatement of revenues and overstatements of receivables and inventory 3. A serious exposure for an organization that is connected with the revenue cycle is the loss of assets. What is the related threat and applicable contitol procudure associated with this exposure? a. receiving unordered goods; compare to valid order b. billing errors; reconciliation of shipping documents to sales order C. errors in accounts receivable; reconcile to general ledger d. shipping errors, data entry controls e theft of inventory, documentation of all internal transfers of inventory Which of the following attributes would most likely be a primary key in one of the tables of a company's database: a. Supplier name b. Supplier purchase order number C. Customer check number d. Cash receipts date e. Customer ID number 5. Which of the following is not part of the basic requirements for a well-structured relational database? a. Every attribute in every table is single-valued (i.e., each table is a flat file). b. Every event must be linked to at least one resource. C. Every table must have a primary key. d. Other non-key attributes in each table must be either a fact about the thing designated by the primary key or foreign keys used to link that table to another table. 6. Which of the following is not an advantage of a well designed Database Accounting System? a. increased efficiency for high volume applications b. minimize data redundancy data is independent of the programs that use data d. reduces data inconsistencies e. Data is easily accessed for reporting and cross-functional analysis 4. C
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started