1 IT for Accountants Sample Final Exam Semester 1/2012 The exam will compose of 30 multiple choices (approximately 3 questions

from each lecture) and 4 essay questions It is noted that this sample exam is used to guide the students to prepare for the exam Part I: Multiple choice questions 1. Who is an internal user of an Accounting Information System? A) Stockholder B) Investor C) Manager D) Customer 2. The transaction processing cycle that is concerned with the events related to the collection of customer payment and issue a customer invoice is A) production B) revenue C) financial D) expenditure 3. What is the supporting business process in the value chain model? A) Inbound sales logistics B) Outbound sales logistics C) Operations D) Human resources 4. What is one of the objectives of Internal Control Process? A)Monitoring B) Compliance C) Risk assessment D) Communication 5. Which is NOT the phase in the system development projects? A) System analysis B) System implementation C) System programming D) System design2 6. What are NOT the elements of internal control process? A. Control environment, Risk assessment B. Control environment, Control activities C. Control activities, Information and Communication D. Information and Communication, Operational assessment 7. In the preparation of a logical data flow diagram for a payroll system, which of the following symbols could be used to indicate the employee data? A) magnetic disk symbol B) data store symbol C) terminator symbol D) input/output symbol

8. Which technique is NOT used in the system design phase? A. Data flow diagram B. Interview C. System flowcharting D. Input/output analysis 9. Which is correct about flowchart and dataflow diagram? A. Both flowchart and dataflow diagram has a process symbol B. A data store is shown in a flowchart C. Input/output is used in a dataflow diagram D. Decision is used in a dataflow diagram 10. Which is NOT a component of Enterprise Risk Management? A. Internal Environment B. Event Identification C. Risk Assessment D. Quality Assurance 11. What are common exposures in an organization? A) Deficient revenue B) Loss of assets C) Excessive costs D) All of the above3 12. Management's philosophy and operating style are part of which component of internal control? A) Control activities B) Control environment C) Information and communication D) Monitoring 13. In transaction processing controls, which one refers to act to uncover errors after they have occurred? A) Preventative B) Detective C) Corrective D) All of the above 14. The component of Enterprise Risk Management which composes of the controls designed to provide reasonable assurance that the following control objectives are met is called A) Control environment B) Control activities C) Monitoring D) Information and Communication 15. The component of Enterprise Risk Management which involves the ongoing process of

assessing the quality of internal controls over time and taking corrective actions to ensure the control remain effective is called A) Control environment B) Control activities C) Monitoring D) Information and Communication 16. In the context of information security, which term is defined as ensuring timely and reliable access to and use of information A) Availability B) Confidentiality C) Integrity D) None of the above4 17. In the context of information security, which term is defined as guarding against improper information modification or destruction A) Confidentiality B) Integrity C) Availability D) None of the above 18. Which is the use of system access control? A) Card-key system B) Biometric hardware authentication C) Close-circuit television D) User ID and Password 19. Which is true about the incremental backup? A) Back up all file in a disk B) Back up only those files that have been modified since the last backup C) Back up only those files that have been deleted since the last backup D) None of the above 20. Which is NOT the component of control environment? A) Management philosophy and operating style B) Board of director and its committees C) Internal audit function D) Internal influences 21. Which of the followings defined quantitative approach in analyzing vulnerabilities and threats? A) The systems vulnerabilities and threats are subjectively ranked in order of their contribution to the companys total loss exposure B) Cost of individual loss multiply likelihood of the financial loss C) Cost of individual loss multiply likelihood of its occurrence D) Both of A and C 22. The last step in the procurement process should be

A) preparation of the purchase order B) vendor payment C) selection of a vendor D) invoice verification5 23. Which procurement document is available in SAP ERP? A. Contracts B. Quatation C. Purchase requisition D. All of the above 24. Which is NOT the human resource module in SAP ERP? A. Personnel Administration B. Personnel Planning C. Personnel Development D. All of the above are the human resource module in SAP ERP 25. Which system approach is more flexible than the traditional approach but requires constant communication between analyst and users? A. System Development Life Cycle B. Agile approach C. Waterfall approach D. Big-Design-Up-Front approach 26. From a cost standpoint, the phase of systems development in which the least money is spent compare toany other area is ________. A) systems analysis B) systems design C) systems implementation D) systems planning 27. During a stage of survey the present system, which is NOT a source for gathering facts inside an organization? A. Interview B. Questionnaire C. Observation D. Industry journal 28. The document that graphically shows the actual and planned times for the major activities of a systems implementation project is the A) Gantt chart B) Network diagram C) PERT diagram D) HIPO chart6 29. Once system design alternatives have been laid out and documented, they must be evaluated. The primary criteria for selecting the alternative for implementation purposes should be

A) cost versus benefits B) simplicity versus complexity C) user acceptance of the alternative D) feasibility 30. Which is NOT the consideration for data input design? A) relevance B) Accuracy C) uniformity D) cost-effectiveness Part II: Essay Question (the real exam has 4 essay questions) Identify and explain four components of Enterprise Risk Management Enterprise risk management is a process, effected by an entitys board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity and manage risk to be within its risk appetite,to provide reasonable assurance regarding the achievement of entity objectives. ERM CONSIST OF 8 COMPONENTS 1. Internal Environment 2. Objective Setting 3. Event Identification 4. Risk Assessment 5. Risk Response 6. Control Activities 7. Information and Communication 8. Monitoring CONTROL ENVIRONMENT : Factors included in the control environment are as follows: The first component of internal control is the control environment Factors included in the control environment are as follows: Integrity and ethical values Commitment to competence Management philosophy and operating style Human resource policies and procedures Organizational structure Attention and direction provided by the board of directors and its committees Manner of assigning authority and responsibility

Human resource policies and procedures

Risk assessment
The second component of internal control is risk assessment Risk assessment is the process of identifying, analyzing, and managing risks that affect the companys objectives

Control activities
The third component of internal control is control activities These include accounting controls designed to provide reasonable assurance that the following control objectives are met: Segregation of duties Design and use of adequate documents and records Access to assets is permitted only in accordance with managements authorization. Independent checks and reviews are made on the accountability of assets and performance Information processing controls are applied to check the proper authorization, accuracy, and completeness of individual transactions.

INFORMATION AND COMUCINCATION The fourth component of internal control is information and communication Information refers to the organizations accounting system Communication relates to providing a clearunderstanding regarding all policies and procedures relating to controls What is an audit trail? An audit trail is comprised of the documentary evidence of the various control techniques that a transaction was subject to during its processing

MONITORING
The fifth component of internal control is monitoring It involves the ongoing process of assessing the quality of internal controls over time and taking corrective actions when necessary to ensure the controls remain effective The COSO report Guidance on Monitoring Internal Control Systems presents a three-phase model for monitoring

1. Establish foundation for monitoring 2. Design and execute monitoring procedures that are based on risk 3. Assess and report the results 2. Discuss all step in a procurement business process Procurement is the business process of selecting a source, ordering, and acquiring goods or services. Obtained internally PURCHASED

The Procurement Business Process

SAP ERP supports procurement in its materials management module. Documents in SAP ERP are online documents. Documents may also be printed and exchanged manually.
2010 Pearson Education, Inc. Publishing as Prentice Hall, AIS, 10/e, by Bodnar/Hopwood
81

The Procurement Business Process

Purchase requisition Quotation Outline agreements Scheduling agreements
.

Request for quotation Purchase order Contracts Purchasing information records

81

2010 Pearson Education, Inc. Publishing as Prentice Hall, AIS, 10/e, by Bodnar/Hopwood

The Procurement Business Process

All procurement documents are assigned a document type code. This code determines the fields that are displayed on video screens. It also controls the range of unique numbers that are assigned to particular document types.
2010 Pearson Education, Inc. Publishing as Prentice Hall, AIS, 10/e, by Bodnar/Hopwood
88

Draw a CONTEXT dataflow diagram to collect the timesheet and pay the employee. 4. Discuss each stage of System Development Life Cycle

Systems Development Life Cycle

Planning

Implementation

Analysis

Design
2010 Pearson Education, Inc. Publishing as Prentice Hall, AIS, 10/e, by Bodnar/Hopwood
10 2

Planning. This phase is the first step of any system's life cycle. It is during this phase that a need to acquire or significantly enhance a system is identified, its feasibility and costs are assessed, and the risks and various project-planning approaches are defined. Roles and responsibilities for the Asset Manager, Sponsor's Representative, System Development Agent (SDA), System Support Agent (SSA), and other parties in SDLC policy are designated during this stage and updated throughout the system's life cycle. ANALYSIS : This phase begins after the project has been defined and appropriate resources have been committed. The first portion of this phase involves collecting, defining and validating functional, support and training requirements. The second part is developing initial life cycle management plans, including project planning, project management, Configuration Management (CM), support, operations, and training management. 3. Design. During this phase, functional, support and training requirements are translated into preliminary and detailed designs. Decisions are made to address how the system will meet functional requirements. A preliminary (general) system design, emphasizing the functional features of the system, is produced as a high-level guide. Then a final (detailed) system design is produced that

expands the design by specifying all the technical detail needed to develop the system. Implementation. During this phase, the new or enhanced system is installed in the production environment, users are trained, data is converted (as needed), the system is turned over to the sponsor, and business processes are evaluated. This phase includes efforts required to implement, resolve system problems identified during the implementation process, and plan for sustainment.
5. What is internal control? Why it is important in the use of an accounting system?7 What is internal control?
Overall, it a process implemented by a company's Board of Directors and Management, designed to provide reasonable assurance regarding objectives in the following areas: 1. Effectiveness and efficiency of operation in the business 2. Reliability of Reporting 3. Compliance with applicable rules, laws, and Regulations governed by GAAP, FASB, and GASP Accounting systems provides businesses with a uniform way to use a company's data and financial information to strategize in the areas listed above. There are five key elements of implementing internal control: 1. Environmental control 2. Risk Assessment 3. Control Procedures 4. Monitoring of all of the above - the overall system The reason these issues are so important is that it ultimately protects the company from fraud and collusion. In addition to criminal injuries, good internal control is necessary to inform the management of abuses or inconsistencies vis a vie over-production, poor production, or inadequate production by both personnel and equipment. For example, manufacturing production controls must be stringently adhered to. If a machine is off by 5% in making a product, the ramifications of this downturn could be a disaster. Simiiarly with people. People in

an organization need to know what is expected of them up front. This comes with good controls. It then becomes easier to monitor their commitment, production and success at their job. Numbers do not only belong in the front office. For a business to run successfully, all employees need to know production numbers, reality of achieving those numbers and can contribute mightily to enable production to increase based on their input. In short, we could write pages about internal controls. Suffice to say that this is just a snippet of information about running a business. If you are a small business owner, an example of internal controls would be the issuance of a purchase order to your supplier, a receiving ticket created by you when product is received, and matched to an invoice when received. Although internal controls can sound sophisticated and overly-complicated, the bottom line is that you must know your business, understand all facets of your business, and in general ALWAYS control the money. Start with that and then we can go to using GAAP and FASB.