Académique Documents
Professionnel Documents
Culture Documents
ANS: B PTS: 1
ANS: D PTS: 1
ANS: B PTS: 1
ANS: D PTS: 1
ANS: A PTS: 1
6. Which of the following statements is least likely to be true about a data warehouse?
a. It is constructed for quick searching and ad hoc queries.
b. It was an original part of all ERP systems.
c. It contains data that are normally extracted periodically from the operating databases.
d. It may be deployed by organizations that have not implemented an ERP.
ANS: B PTS: 1
Page 1 of 28
d. The database and application functions are separate in the three-tier model.
ANS: C PTS: 1
ANS: D PTS: 1
ANS: C PTS: 1
ANS: D PTS: 1
ANS: C PTS: 1
ANS: B PTS: 1
ANS: D PTS: 1
Page 2 of 28
a. peer to peer
b. client-server
c. ring topology
d. bus topology
ANS: B PTS: 1
ANS: C PTS: 1
ANS: B PTS: 1
ANS: D PTS: 1
ANS: C PTS: 1
ANS: B PTS: 1
20. Which of the following is not a risk associated with ERP implementation?
a. Opposition to changes in the business culture
b. Choosing the wrong ERP
c. Choosing the wrong consultant.
d. All of these are risks associated with ERP implementations.
Page 3 of 28
ANS: D PTS: 1
ANS: B PTS: 1
22. Which of the following is NOT as a risk associated with ERP implementation?
a. A drop in firm performance after implementation because the firm looks and works
differently than it did while using a legacy system.
b. Implementing companies have found that staff members, employed by ERP consulting
firms, do not have sufficient experience in implementing new systems.
c. Implementing firms fail to select systems that properly support their business activities.
d. The selected system does not adequately meet the adopting firm’s economic growth.
e. ERPs are too large, complex, and generic for them to be well integrated into most
company cultures.
ANS: E PTS: 1
ANS: D PTS: 1
24. Which of the following is NOT a reason that data warehouses be created and maintained separately from
operational databases?
a. It is impractical to keep both operational and archive data in the same database.
b. The continued influence of legacy systems.
c. A separate centralized data warehouse is an effective means of collecting data from
diverse sources.
d. All of these are reasons that data warehouses are maintained separately.
ANS: D PTS: 1
Page 4 of 28
ANS: A PTS: 1
ANS: C PTS: 1
1.What do you call a system of computers that connects the internal users of an organization that is distributed over a
wide geographic area?
a. LAN
b. decentralized network
c. multidrop network
d. Intranet
ANS: D PTS: 1
ANS: D PTS: 1
ANS: B PTS: 1
4. Packet switching
a. combines the messages of multiple users into one packet for transmission. At the receiving
end, the packet is disassembled into the individual messages and distributed to the
intended users.
b. is a method for partitioning a database into packets for easy access where no identifiable
primary user exists in the organization.
c. is used to establish temporary connections between network devices for the duration of a
communication session.
d. is a denial of service technique that disassembles various incoming messages to targeted
users into small packages and then reassembles them in random order to create a useless
garbled message.
ANS: C PTS: 1
Page 5 of 28
5. Protocols
a. facilitate the physical connection between the network devices.
b. synchronize the transfer of data between physical devices.
c. provide a basis for error checking and measuring network performance.
d. all of the above.
ANS: D PTS: 1
ANS: B PTS: 1
7. Which topology has a large central computer with direct connections to a periphery of smaller computers? Also in
this topology, the central computer manages and controls data communications among the network nodes.
a. star topology
b. bus topology
c. ring topology
d. client/server topology
ANS: A PTS: 1
ANS: D PTS: 1
ANS: B PTS: 1
ANS: B PTS: 1
Page 6 of 28
b. used by network administrators to analyze network traffic
c. used by bus topology Intranets to sniff for a carrier before transmitting a message to avoid
data collisions
d. illegal programs downloaded from the Net to sniff passwords from the encrypted data of
Internet customers
ANS: B PTS: 1
ANS: D PTS: 1
ANS: C PTS: 1
ANS: A PTS: 1
ANS: A PTS: 1
Page 7 of 28
ANS: C PTS: 1
ANS: B PTS: 1
18. Which method does not manage or control data collisions that might occur on a network?
a. Multiplexing
b. Polling
c. carrier sensing
d. token passing
ANS: A PTS: 1
19. All of the following are true about the Open System Interface (OSI) protocol except
a. within one node different layers communicate with other layers at that node
b. one protocol is developed and applied to all the OSI layers
c. specific layers are dedicated to hardware tasks and other layers are dedicated to software
tasks
d. layers at each node communicate logically with their counterpart layers across nodes
ANS: B PTS: 1
20. NNTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level (HTTP)
format.
ANS: C PTS: 1
ANS: A PTS: 1
22. FTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: D PTS: 1
23. IP spoofing
Page 8 of 28
a. combines the messages of multiple users into a “spoofing packet” where the IP addresses
are interchanged and the messages are then distributes randomly among the targeted users.
b. is a form of masquerading to gain unauthorized access to a web server.
c. is used to establish temporary connections between network devices with different IP
addresses for the duration of a communication session.
d. is a temporary phenomenon that disrupts transaction processing. It will resolve itself when
the primary computer completes processing its transaction and releases the IP address
needed by other users.
ANS: B PTS: 1
24. HTML
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet.
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: A PTS: 1
ANS: C PTS: 1
26. A message that is made to look as though it is coming from a trusted source but is not is called
a. a denial of service attack
b. digital signature forging
c. Internet protocol spoofing
d. URL masquerading
ANS: C PTS: 1
27. An IP Address:
a. defines the path to a facility or file on the web.
b. is the unique address that every computer node and host attached to the Internet must
have.
c. is represented by a 64-bit data packet.
d. is the address of the protocol rules and standards that governing the design of internet
hardware and software.
e. none of the above is true.
ANS: B PTS: 1
ANS: B PTS: 1
29. HTTP
a. is the document format used to produce Web pages.
b. controls Web browsers that access the Web.
c. is used to connect to Usenet groups on the Internet
Page 9 of 28
d. is used to transfer text files, programs, spreadsheets, and databases across the Internet.
e. is a low-level encryption scheme used to secure transmissions in higher-level () format.
ANS: B PTS: 1
ANS: C PTS: 1
31. The provision of computing power and disk space to client firms who access it from desktop PCs is known as
a. Computing-as-a-Service
b. Infrastructure-as-a-Service
c. Platform-as-a-Service
d. Software-as-a-Service
ANS: B PTS: 1
32. This class of cloud computing enables client firms to develop and deploy onto the cloud infrastructure consumer-
generated applications using facilities provided by the vendor.
a. Computing-as-a-Service
b. Infrastructure-as-a-Service
c. Platform-as-a-Service
d. Software-as-a-Service
ANS: C PTS: 1
Page 10 of 28
ANS: D PTS: 1
Page 11 of 28
4. Examples of one-time costs include all of the following except
a. hardware acquisition
b. insurance
c. site preparation
d. programming
ANS: B PTS: 1
8. When implementing a new system, the costs associated with transferring data from one storage medium to
another is an example of
a. a recurring cost
b. a data conversion cost
c. a systems design cost
d. a programming cost
ANS: B PTS: 1
Page 12 of 28
10. An example of an intangible benefit is
a. expansion into other markets
b. reduction in supplies and overhead
c. more efficient operations
d. reduced equipment maintenance
ANS: C PTS: 1
14. The formal product of the systems evaluation and selection phase of the Systems Development Life Cycle is
a. the report of systems analysis
b. the systems selection report
c. the detailed system design
d. the systems plan
ANS: B PTS: 1
Page 13 of 28
16. Recurring costs include all of the following except
a. data conversion
b. software maintenance
c. insurance
d. supplies
ANS: A PTS: 1
17. All of the following are reasons why new systems fail except
a. the user is not involved in the development of the system
b. system requirements are not clearly specified
c. systems analysts rely on prototyping models
d. system development techniques are ineffective
ANS: C PTS: 1
18. The systems steering committee is responsible for all of the following except
a. assigning priorities
b. determining whether and when to terminate systems projects
c. analyzing the technical feasibility of the project
d. budgeting funds for systems development
ANS: C PTS: 1
21. The degree of compatibility between the firm’s existing procedures and personnel skills and the requirements of
the new system is called
a. technical feasibility
b. operational feasibility
c. schedule feasibility
d. legal feasibility
ANS: B PTS: 1
22. The ability of a system to protect individual privacy and confidentiality is an example of
a. schedule feasibility
b. operational feasibility
c. legal feasibility
d. economic feasibility
ANS: C PTS: 1
Page 14 of 28
d. prioritizes the proposal in relation to other system proposals
ANS: A PTS: 1
24. Which step is not used to evaluate a systems proposal? An analysis of the project’s
a. feasibility factors
b. ability to eliminate nonessential activities and costs
c. ability to provide a competitive advantage to the firm
d. use of Computer Aided Software Engineering (CASE) tools in developing the system
proposal
ANS: D PTS: 1
25. Reasons that a new systems implementation may be unsuccessful include all of the following except
a. organizational restructuring required by the new system results in displaced workers
b. end users do not understand the strategic merits of the new system
c. employees are not trained to use the system
d. system development team members include representatives from end-user departments
ANS: D PTS: 1
Page 15 of 28
28. Systems analysis involves all of the following except
a. gathering facts
b. surveying the current system
c. redesigning bottleneck activities
d. reviewing key documents
ANS: C PTS: 1
30. After the systems analysis phase of the System Development Life Cycle (SDLC) is complete, the company will
have a formal systems analysis report on
a. the conceptual design of the new system
b. an evaluation of the new system
c. users’ needs and requirements for the new system
d. a comparison of alternative implementation procedures for the new system
ANS: C PTS: 1
31. The accountant’s role in systems analysis includes all of the following except
a. specify audit trail requirements
b. prepare data gathering questionnaires
c. suggest inclusion of advanced audit features
d. ensure mandated procedures are part of the design
ANS: B PTS: 1
Page 16 of 28
34. Aspects of project feasibility include all of the following except
a. technical feasibility
b. economic feasibility
c. logistic feasibility
d. schedule feasibility
ANS: C PTS: 1
37. The role of the accountant/internal auditor in the conceptual design phase of the Systems Development Life Cycle
includes all of the following except
a. the accountant is responsible for designing the physical system
b. the accountant is responsible to ensure that audit trails are preserved
c. the internal auditor is responsible to confirm that embedded audit modules are included in
the conceptual design
d. the accountant is responsible to make sure that the accounting conventions that apply to
the module are considered by the system designers
ANS: A PTS: 1
2. Which statement is not true? Computer Aided Software Engineering (CASE) technology
a. is commercially available software
b. reduces the productivity but increases the quality of the work of systems professionals
c. expedites the System Development Life Cycle
d. consists of upper and lower tools
ANS: B PTS: 1
3. The central repository of the Computer Aided Software Engineering (CASE) system contains
a. the program code
b. user prototype screens
c. data flow diagrams
d. all of the above
ANS: D PTS: 1
Page 17 of 28
4. Which is not a level of a data flow diagram?
a. conceptual level
b. context level
c. intermediate level
d. elementary level
ANS: A PTS: 1
5. Which level of a data flow diagram is used to produce program code and database tables?
a. context level
b. elementary level
c. intermediate level
d. prototype level
ANS: B PTS: 1
7. An advantage of the Computer Aided Software Engineering (CASE) model tool, which transforms the structure
diagram into machine language, is
a. it facilitates the auditors review of the system
b. it ensures that firm will use a specific CASE tool and vendor
c. it forces all system changes to be made through the data flow diagrams
d. it reduces the analysis required in designing the system
ANS: C PTS: 1
8. When maintaining a system that was developed using Computer Aided Software Engineering (CASE) tools,
a. the programmer must thoroughly review the program code
b. changes should be made directly to the structure diagram
c. significantly less time is required compared to maintenance activities for a system
developed without using Computer Aided Software Engineering (CASE) tools
d. the need for testing the modified application is eliminated
ANS: C PTS: 1
9. Which of the following is an advantage of the Computer Aided Software Engineering (CASE) approach?
a. the ability to easily revise the model during the development stage
b. the requirement that all program code and documentation be regenerated for each module
c. the cost of software engineering programs
d. user involvement is restricted to final stages of development
ANS: A PTS: 1
10. Which of the following is a disadvantage of the Computer Aided Software Engineering (CASE) approach?
a. source code produced by CASE tools is less efficient than code written by a skilled
programmer
b. alternative designs cannot be reviewed prior to implementation
c. system users are reluctant to become involved with the CASE approach
d. maintenance costs are increased
ANS: A PTS: 1
Page 18 of 28
d. starts with an abstract description of the system and redefines it to produce a more detailed
description of the system
ANS: C PTS: 1
12. The benefits of the object-oriented approach to systems design include all of the following except
a. this approach does not require input from accountants and auditors
b. development time is reduced
c. a standard module once tested does not have to be retested until changes are made
d. system maintenance activities are simplified
ANS: A PTS: 1
13. In the object-oriented systems design approach, the employee pay rate is an example of
a. an object
b. an attribute
c. an operation
d. a class
ANS: B PTS: 1
14. Ms. Andrews is a customer of the Edsell Company. In the object-oriented design approach
a. Ms. Andrews is an instance in the object class accounts receivable
b. the amount Ms. Andrews owes the Edsell Company is an operation
c. determining the amount past due is an attribute
d. the object class accounts receivable inherits all the attributes of Ms. Andrews
ANS: A PTS: 1
18. A commercial software system that is completely finished, tested, and ready for implementation is called a
a. backbone system
b. vendor-supported system
c. benchmark system
d. turnkey system
ANS: D PTS: 1
Page 19 of 28
19. Which of the following is not an advantage of commercial software? Commercial software
a. can be installed faster than a custom system
b. can be easily modified to the user’s exact specifications
c. is significantly less expensive than a system developed in-house
d. is less likely to have errors than an equivalent system developed in-house
ANS: B PTS: 1
20. Which step is least likely to occur when choosing a commercial software package?
a. a detailed review of the source code
b. contact with user groups
c. preparation of a request for proposal
d. comparison of the results of a benchmark problem
ANS: A PTS: 1
21. The output of the detailed design phase of the Systems Development Life Cycle (SDLC) is a
a. fully documented system report
b. systems selection report
c. detailed design report
d. systems analysis report
ANS: C PTS: 1
22. The detailed design report contains all of the following except
a. input screen formats
b. alternative conceptual designs
c. report layouts
d. process logic
ANS: B PTS: 1
23. When each element of information supports the user’s decision or task, the output is said to possess
a. completeness
b. summarization
c. conciseness
d. relevance
ANS: D PTS: 1
25. A report of accounts that are past due has many information attributes. The most important attribute is
a. summarization
b. timeliness
c. conciseness
d. exception orientation
ANS: D PTS: 1
26. When hardcopy forms are used as the source for electronic data input,
a. a paper audit trail is maintained
b. economies of scale in data collection are avoided
c. input errors are reduced
d. a point-of-sale terminal is required
Page 20 of 28
ANS: A PTS: 1
27. The most important design element for a hardcopy form that is used for electronic data input is that
a. the form is a standard size
b. the source document and the input screen are identical
c. instructions use active voice
d. sufficient copies of the form are prepared
ANS: B PTS: 1
28. Which of the following is not one of the problems that accounts for most systems failures?
a. poorly specified systems requirements
b. ineffective development techniques
c. lack of user involvement in systems development
d. insufficient dollar investment in the new system
ANS: D PTS: 1
32. System documentation is designed for all of the following groups except
a. systems designers and programmers
b. end users
c. accountants
d. all of the above require systems documentation
ANS: D PTS: 1
33. Which type of documentation shows the detailed relationship of input files, programs, and output files?
a. structure diagrams
Page 21 of 28
b. overview diagram
c. system flowchart
d. program flowchart
ANS: C PTS: 1
34. Typical contents of a run manual include all of the following except
a. run schedule
b. logic flowchart
c. file requirements
d. explanation of error messages
ANS: B PTS: 1
35. Computer operators should have access to all of the following types of documentation except
a. a list of users who receive output
b. a program code listing
c. a list of all master files used in the system
d. a list of required hardware devices
ANS: B PTS: 1
37. When converting to a new system, which cutover method is the most conservative?
a. cold turkey cutover
b. phased cutover
c. parallel operation cutover
d. data coupling cutover
ANS: C PTS: 1
1.Which of the following is NOT an implication of section 302 of the Sarbanes-Oxley Act?
a. Auditors must determine, whether changes in internal control has, or is likely to,
materially affect internal control over financial reporting.
b. Auditors must interview management regarding significant changes in the design or
operation of internal control that occurred since the last audit.
c. Corporate management (including the CEO) must certify monthly and annually their
organization’s internal controls over financial reporting.
d. Management must disclose any material changes in the company’s internal controls that
have occurred during the most recent fiscal quarter.
ANS: C PTS: 1
2. Which of the following is NOT a requirement in management’s report on the effectiveness of internal controls
over financial reporting?
a. A statement of management’s responsibility for establishing and maintaining adequate
internal control user satisfaction.
b. A statement that the organization’s internal auditors has issued an attestation report on
Page 22 of 28
management’s assessment of the company’s internal controls.
c. A statement identifying the framework used by management to conduct their assessment
of internal controls.
d. An explicit written conclusion as to the effectiveness of internal control over financial
reporting.
ANS: B PTS: 1
4. Supervision in a computerized environment is more complex than in a manual environment for all of the
following reasons except
a. rapid turnover of systems professionals complicates management's task of assessing the
competence and honesty of prospective employees
b. many systems professionals have direct and unrestricted access to the organization's
programs and data
c. rapid changes in technology make staffing the systems environment challenging
d. systems professionals and their supervisors work at the same physical location
ANS: D PTS: 1
6. Which is the most critical segregation of duties in the centralized computer services function?
a. systems development from data processing
b. data operations from data librarian
c. data preparation from data control
d. data control from data librarian
ANS: A PTS: 1
9. All of the following are control risks associated with the distributed data processing structure except
a. lack of separation of duties
b. system incompatibilities
Page 23 of 28
c. system interdependency
d. lack of documentation standards
ANS: C PTS: 1
10. Which of the following is not an essential feature of a disaster recovery plan?
a. off-site storage of backups
b. computer services function
c. second site backup
d. critical applications identified
ANS: B PTS: 1
12. The major disadvantage of an empty shell solution as a second site backup is
a. the host site may be unwilling to disrupt its processing needs to process the critical
applications of the disaster stricken company
b. intense competition for shell resources during a widespread disaster
c. maintenance of excess hardware capacity
d. the control of the shell site is an administrative drain on the company
ANS: B PTS: 1
14. For most companies, which of the following is the least critical application for disaster recovery purposes?
a. month-end adjustments
b. accounts receivable
c. accounts payable
d. order entry/billing
ANS: A PTS: 1
16. Some companies separate systems analysis from programming/program maintenance. All of the following are
control weaknesses that may occur with this organizational structure except
a. systems documentation is inadequate because of pressures to begin coding a new program
before documenting the current program
b. illegal lines of code are hidden among legitimate code and a fraud is covered up for a long
period of time
c. a new systems analyst has difficulty in understanding the logic of the program
Page 24 of 28
d. inadequate systems documentation is prepared because this provides a sense of job
security to the programmer
ANS: C PTS: 1
17. All of the following are recommended features of a fire protection system for a computer center except
a. clearly marked exits
b. an elaborate water sprinkler system
c. manual fire extinguishers in strategic locations
d. automatic and manual alarms in strategic locations
ANS: B PTS: 1
20. Typically, internal auditors perform all of the following tasks except
a. IT audits
b. evaluation of operational efficiency
c. review of compliance with legal obligations
d. internal auditors perform all of the above tasks
ANS: D PTS: 1
21. The fundamental difference between internal and external auditing is that
a. internal auditors represent the interests of the organization and external auditors represent
outsiders
b. internal auditors perform IT audits and external auditors perform financial statement audits
c. internal auditors focus on financial statement audits and external auditors focus on
operational audits and financial statement audits
d. external auditors assist internal auditors but internal auditors cannot assist external
auditors
ANS: A PTS: 1
Page 25 of 28
ANS: B PTS: 1
25. When planning the audit, information is gathered by all of the following methods except
a. completing questionnaires
b. interviewing management
c. observing activities
d. confirming accounts receivable
ANS: D PTS: 1
30. All of the following tests of controls will provide evidence about the physical security of the computer center
except
a. review of fire marshal records
b. review of the test of the backup power supply
c. verification of the second site backup location
d. observation of procedures surrounding visitor access to the computer center
ANS: C PTS: 1
Page 26 of 28
31. All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan
except
a. inspection of the second site backup
b. analysis of the fire detection system at the primary site
c. review of the critical applications list
d. composition of the disaster recovery team
ANS: B PTS: 1
34. Which of the following is not a generally accepted auditing standard general standard?
a. The auditor must have adequate technical training and proficiency.
b. The auditor must obtain sufficient, competent evidence.
c. The auditor must have independence of mental attitude.
d. All of the above are generally accepted auditing standard general standards.
ANS: B PTS: 1
35. The financial statements of an organization reflect a set of management assertions about the financial health of the
business. All of the following describe types of assertions except
a. that all of the assets and equities on the balance sheet exist
b. that all employees are properly trained to carry out their assigned duties
c. that all transactions on the income statement actually occurred
d. that all allocated amounts such as depreciation are calculated on a systematic and rational
basis
ANS: B PTS: 1
Page 27 of 28
ANS: A PTS: 1
Page 28 of 28