Which of the following statements regarding a system of internal control is false? a. Effective internal control systems provide complete assurance against the occurrence of material frauds and embezzlements. b. Internal control systems depend largely on the competency and honesty of people. c. Because internal control systems have a cost, management should evaluate the cost/benefit of each control plan. d. The development of an internal control system is the responsibility of management.

The information process control goal which relates to preventing fictitious events from being recorded is termed: a. ensure input validity b. ensure input accuracy c. ensure input completeness d. ensure effectiveness of operations

Strong anti-fraud controls include: a. segregation of duties b. job rotations c. mandatory vacations d. all of the above

A control that involves reprocessing transactions that are rejected during initial processing is an example of: a. preventive controls b. detective controls c. corrective controls d. programmed controls

COBIT was developed to: a. provide guidance to managers, users, and auditors on the best practices for the management of information technology b. identify specific control plans that should be implemented to reduce the occurrence of fraud c. specify the components of an information system that should be installed in an ecommerce environment d. suggest the type of information that should be made available for management decision making

The control concern that there will be a high risk of data conversion errors relates primarily to which of the following information systems functions? a. data control b. data entry c. data librarian d. database administration

Which of the following is not one of COBIT's four broad IT control process domains? a. plan and organize b. acquire and implement c. repair and replace d. monitor and evaluate

Approving a customer credit purchase would be an example of which basic events processing function? a. authorizing events b. executing events c. recording events d. safeguarding resources

Which of the following is not a strategic planning process? a. IT-related requirements to comply with industry, regulatory, legal, and contractual obligations, including privacy, transborder data flows, e-business, and insurance contracts. b. Acquisition and development schedules for hardware, software, and application systems and for personnel and financial requirements. c. Systems development life cycle adoption to ensure that comprehensive documentation is developed for each application. d. An inventory of current IT capabilities.

Approving a customer credit purchase would be an example of which basic events processing function? a. authorizing events b. executing events c. recording events d. safeguarding resources

Which of the following statements is true? a. Management has a legal responsibility to protect an organizations informational assets. b. Proper protection of organizational information from unauthorized use required both physical and logical controls. c. The unauthorized disclosure of financial information is a violation of federal securities laws. d. All of the above.

A clerk receives checks and customer receipts in the mail. He endorses the checks, fills out the deposit slip, and posts the checks to the cash receipts events data. The clerk is exercising which functions? a. recording and executing events b. authorizing and executing events c. recording and authorizing events d. safeguarding of resources and authorizing events

This logs and monitors who is on or trying to access an organization's network. a. biometrics b. electronic vaulting c. intrusion detection systems (IDS) d. firewall

A mechanism by which a company is reimbursed for any loss that occurs when an employee commits fraud is called a: a. segregation of duties b. fidelity bond c. personnel planning control d. termination control plan

COBIT was developed by: a. COSO b. IT Governance Institute c. PCAOB d. AICPA