1

1IT for Accountants Sample Final Exam Semester 1/2012The exam will compose of 30 multiple choices (approximately 3 questions from each lecture) and 4 essay questionsIt is noted that this sample exam is used to guide the students to prepare for the examPart I: Multiple choice questions1. Who is an internal user of an Accounting Information System? A) Stockholder B) Investor

C) Manager D) Customer2. The transaction processing cycle that is concerned with the events related to the collection of customer payment and issue a customer invoice isA) productionB) revenueC) financialD) expenditure3. What is the supporting business process in the value chain model?A) Inbound sales logisticsB) Outbound sales logisticsC) OperationsD) Human resources4. What is one of the objectives of Internal Control Process?A)Monitoring

B) ComplianceC) Risk assessmentD) Communication5. Which is NOT the phase in the system development projects?A) System analysisB) System implementationC) System programmingD) System design26. What are NOT the elements of internal control process?A. Control environment, Risk assessmentB. Control environment, Control activitiesC. Control activities, Information and CommunicationD. Information and Communication, Operational assessment7. In the preparation of a logical data flow diagram for a payroll system, which of the following symbols could be used to indicate the employee data?A) magnetic disk symbolB) data store symbolC) terminator symbol

D) input/output symbol8. Which technique is NOT used in the system design phase?A. Data flow diagramB. InterviewC. System flowchartingD. Input/output analysis9. Which is correct about flowchart and dataflow diagram?A. Both flowchart and dataflow diagram has a process symbolB. A data store is shown in a flowchart C. Input/output is used in a dataflow diagramD. Decision is used in a dataflow diagram 10. Which is NOT a component of Enterprise Risk Management?A. Internal EnvironmentB. Event IdentificationC. Risk AssessmentD. Quality Assurance11. What are common exposures in an organization?A) Deficient revenueB) Loss of assetsC) Excessive costsD) All of the above312. Management's philosophy and operating style are part of which component of internal control?A) Control activitiesB) Control environmentC) Information and communicationD) Monitoring13. In transaction processing controls, which one refers to “act to uncover errors after they have occurred”?A) PreventativeB) DetectiveC) CorrectiveD) All of the above14. The component of Enterprise Risk Management which composes of the controls designed to provide reasonable assurance that the following control objectives are met is calledA) Control environmentB) Control activitiesC) Monitoring D) Information and Communication15. The component of Enterprise Risk Management which involves the ongoing process of assessing the quality of internal controls over time and taking corrective actions to ensure the control remain effective is called

A) Control environmentB) Control activitiesC) Monitoring D) Information and Communication16. In the context of information security, which term is defined as “ensuring timely and reliable access to and use of information”A) AvailabilityB) ConfidentialityC) IntegrityD) None of the above417. In the context of information security, which term is defined as “guarding against improper information modification or destruction”A) ConfidentialityB) IntegrityC) AvailabilityD) None of the above18. Which is the use of system access control?A) Card-key systemB) Biometric hardware authenticationC) Close-circuit televisionD) User ID and Password19. Which is true about the incremental backup?A) Back up all file in a diskB) Back up only those files that have been modified since the last backupC) Back up only those files that have been deleted since the last backupD) None of the above20. Which is NOT the component of control environment?A) Management philosophy and operating styleB) Board of director and its committeesC) Internal audit functionD) Internal influences21. Which of the followings defined quantitative approach in analyzing vulnerabilities and threats?A) The system’s vulnerabilities and threats are subjectively ranked in order of their contribution to the company’s total loss exposureB) Cost of individual loss multiply likelihood of the financial lossC) Cost of individual loss multiply likelihood of its occurrenceD) Both of A and C22. The last step in the procurement process should beA) preparation of the purchase orderB) vendor paymentC) selection of a vendor

D) invoice verification523. Which procurement document is available in SAP ERP?A. ContractsB. QuatationC. Purchase requisitionD. All of the above 24. Which is NOT the human resource module in SAP ERP?A. Personnel AdministrationB. Personnel PlanningC. Personnel DevelopmentD. All of the above are the human resource module in SAP ERP25. Which system approach is more flexible than the traditional approach but requires constant communication between analyst and users?A. System Development Life CycleB. Agile approachC. Waterfall approachD. Big-Design-Up-Front approach26. From a cost standpoint, the phase of systems development in which the least money is spent compare toany other area is ________. A) systems analysisB) systems designC) systems implementationD) systems planning27. During a stage of survey the present system, which is NOT a source for gathering facts inside an organization?A. InterviewB. QuestionnaireC. ObservationD. Industry journal28. The document that graphically shows the actual and planned times for the majoractivities of a systems implementation project is the A) Gantt chartB) Network diagramC) PERT diagramD) HIPO chart629. Once system design alternatives have been laid out and documented, they must be evaluated. The primary criteria for selecting the alternative for implementation purposes should be A) cost versus benefitsB) simplicity versus complexityC) user acceptance of the alternativeD) feasibility

30. Which is NOT the consideration for data input design? A) relevanceB) AccuracyC) uniformityD) cost-effectivenessPart II: Essay Question (the real exam has 4 essay questions)

Identify and explain four components of Enterprise Risk ManagementEnterprise risk management is a process, effected by an entity’s board of directors, management andother personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity and manage risk to be within its risk appetite,to provide reasonable assurance regarding the achievement of entity objectives.ERM CONSIST OF 8 COMPONENTS

1. Internal Environment2. Objective Setting3. Event Identification4. Risk Assessment5. Risk Response6. Control Activities7. Information and Communication8. Monitoring

CONTROL ENVIRONMENT :Factors included in the control environment are as follows:

The first component of internal control is the control environmentFactors included in the control environment are as follows:

Integrity and ethical values

Commitment to competence

Management philosophy and operating style

Human resource policies and procedures

Organizational structure

Attention and direction provided by the board of directors and its committeesManner of assigning authority and responsibility

Human resource policies and procedures

Risk assessment

The second component of internal control is risk assessment Risk assessment is the process of identifying, analyzing, and managing risks that affect the company’s objectivesControl activitiesThe third component of internal control is control activities

These include accounting controls designed to provide reasonable assurance that the

following control objectives are met:Segregation of duties

Design and use of adequate

documents and records

Access to assets is permitted only in accordance with management’s authorization.Independent checks and reviews are made on the accountability of assets and performanceInformation processing controls are applied to check the proper authorization, accuracy,and completeness of individual transactions.

INFORMATION AND COMUCINCATIONThe fourth component of internal control is information and communication Information refers to theorganization’s accounting system Communication relates to providing a clearunderstanding regarding all policies and procedures relating to controlsWhat is an audit trail?An audit trail is comprised of the documentary evidence of the various control techniques thata transaction was subject to during its processing

MONITORINGThe fifth component of internal control is monitoring It involves the ongoing process of assessing the quality of internal controls over time and taking corrective actions when necessary to ensure the controls remain effective

The COSO report “Guidance on Monitoring Internal Control Systems”

presents a three-phase model for monitoring

1. Establish foundation for monitoring

2. Design and execute monitoring procedures that are based on risk

3. Assess and report the results

2. Discuss all step in a procurement business processProcurement is the business process of selecting a source, ordering, and acquiring goods or services. Obtained internally PURCHASED

.

Draw a CONTEXT dataflow diagram to collect the timesheet and pay the employee.

4. Discuss each stage of System Development Life Cycle

Planning. This phase is the first step of any system's life cycle. It is during this phase that a need to acquire or significantly enhance a system is identified, its feasibility and costs are assessed, and the risks and various project-planning approaches are defined. Roles and responsibilities for the Asset Manager, Sponsor's Representative, System Development Agent (SDA), System Support Agent (SSA), and other parties in SDLC policy are designated during this stage and updated throughout the system's life cycle.

ANALYSIS : This phase begins after the project has been defined and appropriate resources have been committed. The first portion of this phase involves collecting, defining and validating functional, support and training requirements. The second part is developing initial life cycle management plans, including project planning, project management, Configuration Management (CM), support, operations, and training management.

3. Design. During this phase, functional, support and training requirements are translated into preliminary and detailed designs. Decisions are made to address how the system will meet functional requirements. A preliminary (general) system design, emphasizing the functional features of the system, is produced as a high-level guide. Then a final (detailed) system design is produced that

expands the design by specifying all the technical detail needed to develop the system.Implementation. During this phase, the new or enhanced system is installed in the production environment, users are trained, data is converted (as needed), the system is turned over to the sponsor, and business processes are evaluated. This phase includes efforts required to implement, resolve system problems identified during the implementation process, and plan for sustainment.

5. What is internal control? Why it is important in the use of an accounting system?7What is internal control?

Overall, it a process implemented by a company's Board of Directors and Management, designed to provide reasonable assurance regarding objectives in the following areas:

1. Effectiveness and efficiency of operation in the business

2. Reliability of Reporting

3. Compliance with applicable rules, laws, and Regulations governed by GAAP, FASB, and GASP

Accounting systems provides businesses with a uniform way to use a company's data and financial information to strategize in the areas listed above.

There are five key elements of implementing internal control:

1. Environmental control

2. Risk Assessment

3. Control Procedures

4. Monitoring of all of the above - the overall system

The reason these issues are so important is that it ultimately protects the company from fraud and collusion. In addition to criminal injuries, good internal control is necessary to inform the management of abuses or inconsistencies vis a vie over-production, poor production, or inadequate production by both personnel and equipment. For example, manufacturing production controls must be stringently adhered to. If a machine is off by 5% in making a product, the ramifications of this downturn could be a disaster. Simiiarly with people. People in an organization need to know what is expected of them up front. This comes with good controls. It then becomes easier to monitor their commitment, production

and success at their job. Numbers do not only belong in the front office. For a business to run successfully, all employees need to know production numbers, reality of achieving those numbers and can contribute mightily to enable production to increase based on their input.

In short, we could write pages about internal controls. Suffice to say that this is just a snippet of information about running a business. If you are a small business owner, an example of internal controls would be the issuance of a purchase order to your supplier, a receiving ticket created by you when product is received, and matched to an invoice when received. Although internal controls can sound sophisticated and overly-complicated, the bottom line is that you must know your business, understand all facets of your business, and in general ALWAYS control the money. Start with that and then we can go to using GAAP and FASB.