Edition: Chapter 7
With answers
Threat - answer-any potential adverse occurrence
Exposure/Impact - answer-The potential dollar loss from a threat
Internal Controls - answer-are the processes implemented to provide reasonable
assurance that the following objectives are achieved:
-safeguard assets
-maintain records in sufficient detail to report company assets accurately and fairly.
-Provide accurate and reliable info
-prepare financial reports in accordance with established criteria
-promote and improve operational efficiency
-encourage adherence to prescribed managerial policies
-comply with applicable laws and regulations
3 functions internal controls perform - answer-1. Preventive controls: deter problems
before they arise
2. Detective controls: discover problems that are not prevented
3. Corrective controls: identify and correct problems as well as correct and recover from
the resulting errors
2 categories internal controls are segregated into - answer-1. General controls: make
sure an organization's control environment is stable and well managed.
2. Application controls: prevent, detect, and correct transaction errors and fraud in the
application programs.
Belief system - answer-describes how a company creates value, helps employees
understand management's vision, communicates company core values, and inspires
employees to live by those values
Boundary system - answer-helps employees act ethically by setting boundaries on
employee behavior. Instead of telling employees exactly what to do, they are encouraged
to creatively solve problems and meet customer needs while meeting minimum
performance standards, shunning off-limit activities, and avoiding actions that might
damage their reputation
Diagnostic control system - answer-measures, monitors, and compares actual company
progress to budgets and performance goals. Feedback helps management adjust and
fine-tune inputs and processes so future outputs closely match goals
Interactive control system - answer-helps managers focus subordinates' attention on
key strategic issues and be more involved in their decisions. Results are interpreted and
discussed in face-to-face meetings of superiors, subordinates, and peers.
Foreign Corrupt Practices Act (FCPA) - answer-Prevent companies from bribing foreign
officials to obtain business.
Sarbanes-Oxley Act (SOX) - answer-Applies to publicly held companies and their
auditors and was designed to prevent financial statement fraud, make financial reports
more transparent, protect investors, strengthen internal controls, and punish executives
who perpetrate fraud.
Public Company Accounting Oversight Board (PCAOB) - answer-controls the auditing
profession. Sets and enforces auditing, quality control, ethics, independence, and other
auditing standards. It consists of 5 people who are appointed by the SEC.
Control Objectives for Information and Related Technology (COBIT) - answer-
consolidates control standards from many different sources into a single framework that
allows:
1) Management to benchmark security and control practices of IT environments.
2) Users to be assured that adequate IT security and controls exist.
3) Auditors to substantiate their internal control opinions and to advise on IT security and
control matters.
COBIT 5 framework - answer-1. Meeting stakeholder needs
2. Covering the enterprise end to end
3. Applying a single, integrated framework
4. Enabling a holistic approach
5. Separating governance from management
Committee of Sponsoring Organizations (COSO) - answer-consists of the AICPA, the
Institute of Internal Auditors, the Institute of Management Accountants, and the Financial
Executives Institute
Internal Control-Integrated Framework (IC) - answer-widely accepted as the authority on
internal controls and is incorporated into policies, rules, and regulations used to control
business activities.
Enterprise Risk Management - Integrated Framework (ERM) - answer-the process the
board of directors and management use to set strategy, identify events that may affect
the entity, assess and manage risk, and provide reasonable assurance that the company
achieves its objectives and goals.
Principles of ERM - answer-
-Companies are formed to create value for their owners