Chapter 6: Review Questions Solutions ( Accounting Information Systems)

In: Business and Management

Submitted By Dedan
Words 714
Pages 3
ACCT 305 Accounting Information Systems

Chapter 6 Review Questions 1. Several Unique problems and risks associated with computerized information networks are unauthorized access, use, disclosure, disruption, modification, or destruction 2. Elements included in an ISMS system such as hardware, databases, procedures, and reports. 3. Development of ISMS requires application of the life cycle approach for system maintenance purposes. 4. Risk Management is the identification, assessment, and prioritization of risks. 5. Quantitative Approach - each loss exposure is computed as the product of the cost of an individual loss times the likelihood of its occurrence.
Qualitative Approach – lists out the system’s vulnerabilities and threats and subjectively ranks them in order of their contribution to the company’s total loss exposures. 6. Types of threats that affect information systems a) Active threats include information systems fraud and computer sabotage. b) Passive threats include system faults, as well as natural disasters (e.g., earthquakes, floods, fires, and hurricanes). 7. Characteristics of white-collar criminal 8. Types of individuals pose a threat to an information system a) Computer and information systems personnel: are often given a wide range of access privileges to sensitive data and programs. b) Users: are given narrow access, but can still find ways to commit fraud. c) Intruders and attackers: are given no access, but are highly capable. 9. Types of intruders:- i. White hat hackers legitimately probe systems for weaknesses to help with security. ii. Black hat hackers attack systems for illegitimate reasons. iii. Grey hat hackers are white hat hackers who skirt the edges of the law. 10. Six methods that an individual might use to penetrate a computer…...

Similar Documents

Accounting Information System Chapter 1

...of Accounting Information Systems Chapter 1 The Information System: An Accountant’s Perspective 3 Introduction to Transaction Processing 31 Ethics, Fraud, and Internal Control 91 Chapter 2 I Chapter 3 1 CHAPTER The Information System: An Accountant’s Perspective nlike many other accounting subjects, such as intermediate accounting, accounting information systems (AIS) lacks a well-defined body of knowledge. Much controversy exists among college faculty as to what should and should not be covered in the AIS course. To some extent, however, the controversy is being resolved through legislation. The Sarbanes-Oxley Act (SOX) of 2002 established new corporate governance regulations and standards for public companies registered with the Securities and Exchange Commission (SEC). This wide-sweeping legislation impacts public companies, their management, and their auditors. Of particular importance to AIS students is the impact of SOX on internal control standards and related auditing procedures. Whereas SOX does not define the entire content of the AIS course, it does identify critical areas of study that need to be included for accountants. These topics and more are covered in the chapters of this text. The purpose of this chapter is to place the subject of AIS in perspective for accountants. Toward this end, the chapter is divided into three major sections, each dealing with a different aspect of information systems. The first section explores the information......

Words: 13048 - Pages: 53

Pricinples of Information Security, Chapter 5 Review Questions

...organization s information assets begins by creating or validating an existing security blueprint for the implementation of needed security controls to protect the information assets.  A framework is the outline from which a more detailed blueprint evolves.  The blueprint is the basis for the design, selection, and implementation of all subsequent security policies, education and training programs, and technologies.  The blueprint provides scaleable, upgradeable, and comprehensive security for the coming years.  The blueprint is used to plan the tasks to be accomplished and the order in which to proceed. What is information security governance? Governance is “the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that the enterprise’s resources are used responsibly.”1 Governance describes the entire process of governing, or controlling, the processes used by a group to accomplish some objective. Just like governments, corporations and other organizations have guiding documents—corporate charters or partnership agreements—as well as appointed or elected leaders or officers, and planning and operating procedures. These elements in combination provide corporate governance. Each operating unit within an organization also has controlling customs, processes, committees, and practices. The......

Words: 4589 - Pages: 19

Accounting Information System Ch06 Solution

...Accounting Information Systems CHAPTER 6 CONTROL AND ACCOUNTING INFORMATION SYSTEMS SUGGESTED ANSWERS TO DISCUSSION QUESTIONS 6.1 a. The "internal environment" refers to the tone or culture of a company and helps determine how risk consciousness employees are. It is the foundation for all other ERM components, providing discipline and structure. It is essentially the same thing as the control environment in the internal control framework. The internal environment also refers to management's attitude toward internal control, and how that attitude is reflected in the organization's control policies and procedures. At Springer's, several deficiencies in the control environment are apparent 1. Management authority is concentrated in three family members, so there are few, if any, checks and balances on their behavior. In addition, several other relatives and friends of the family are on the payroll. Since the company has a "near monopoly" on the business in the Bozeman area, there are few competitive constraints that might otherwise restrain prices, wages, and other business practices. Lines of authority and responsibility are loosely defined within the company, which would make it difficult to identify who might be responsible for any particular problem or decision. Management may have engaged in "creative accounting" to make its financial performance look better, which suggests a management philosophy that could encourage unethical behavior among......

Words: 6258 - Pages: 26

Chapter 2 Review Questions Solutions

...Chapter 2 Review Questions Solutions 1. Describe and compare the six sources of software. The six sources of software identified in the textbook are: (1) information technology services firms, (2) packaged software providers, (3) vendors of enterprise solution software, (4) application service providers and managed service providers, (5) open-source software, and (6) in-house development. IT services firms help companies develop custom information systems for internal use; they develop, host, and run applications for customers; or they provide other services. An IT services firm may be chosen if the system can’t be developed internally or requires customer support. Packaged software providers are companies that produce software exclusively, like Microsoft or Intuit, and are preferable if the task needing the system is generic. Vendors of enterprise solution software create a system that is composed of a series of integrated modules. Each module supports a business function, such as accounting, or human resources. ERP systems may be appropriate if a complete system is required that can cross functional boundaries. A more intense option for larger, more customizable solutions are Managed service providers who can provide more services than application service providers. ASPs and MSPs may be appropriate when instant access to an application is desired, and in the case of ASPs, when the task is generic. Open-source software is a type of software that is developed......

Words: 897 - Pages: 4

Inf 336 - Chapter 6 - Review Questions

...Chapter 6 Review Questions Andrea Ley Berenz INF 336 Prof. Lori Deere August 2, 2013 Chapter 6 Review Questions * Describe the differences between needs identification and defining commercial equivalents and discuss why it is preferable to separate into two stages. The first two steps of the acquisition process are essential to meeting the needs of the company properly. Needs identification is where a purchase begins and when the what, the how much and the when something is needed is determined. When this is done, figuring out the options available to fulfill that need and making sure that it is described in a way that potential suppliers will understand, or defining the commercial equivalent, takes place. I believe that the textbook describes it best: “Many options exist for fastening two pieces of wood together. Using a nail is only one option. Grooving the two pieces of wood using a staple, bolt or screw, or glue are others. Specifying the need first and then identifying the variety of options to meet the need leave the door open to lower cost and better, more innovative, solutions.” (Johnson, Lendeers & Flynn, 2011) These two steps are best tackled separately as making sure that the need is correctly explained will ensure the correct solution is found and that the option chosen is the right fit for the company. * Interpret the value to the organization when early supplier involvement (ESI) is implemented effectively. “Early supply......

Words: 647 - Pages: 3

Chapter 6 Review Questions

...Miguel Berrios July 28, 2013 Chapter 6 Review Questions 1. How does the WBS differ from the project network? The WBS differs from the project network in several ways. The WBS is hierarchical while the project network is sequential. The work packages of the WBS are identified independently of other work packages, have definite start and finish points, require specific resources, include technical specifications and have cost estimates. Networks provide the project schedule by identifying dependencies, sequencing, and timing of activities. 2. How are WBS and project networks linked? Project networks are developed from the WBS. Work packages from the WBS are used to build the activities found in the project network. The network uses the time estimates from the WBS to generate dates for the project. Integration of the WBS and project network is crucial to effective project management. 3. Why bother creating a WBS? Why not go straight to a project network and forget the WBS? Project networks depend on the WBS because work packages from the WBS are used to develop the project network. A network activity can include one or more work packages but all activity time estimates are derived from the task times in the work package. Unlike the project network, the WBS defines all the elements of the project in a hierarchical framework and establishes their relationships to project deliverables. 4. Why is slack important to the project......

Words: 541 - Pages: 3

Chapter 6 Review Questions

...add a symbol/special character to the password. 3. One of your employees is unable to gain access to the network because she left her smart card at home. Keeping in mind that your network has fairly high security guidelines, which of the following choices is the most secure solution for this situation? A: d. Create a temporary smart card for her with a certificate that expires at the close of the business day. 4. You are the main administrator for an enterprise environment consisting of four domains in separate locations. Your network is becoming increasingly difficult to manage due to the number of users in separate geographic locations. Each location has people who are willing to learn to maintain their part of the network. In addition, as departments grow, you want each department to have control over their user accounts and resources. The CEO has asked you to come up with a plan to set up decentralized administration. What will you include in your plan? A: Delegation of control to each admin of each sub-domain, Standardized naming system for OU’s computers, and users. 5. Which tool must you use to move a user object from one domain to another domain? A: c. Movetree 6. You are attempting to use the Run As program to open Active Directory Users And Computers, but you receive an error message and are unable to do this. What should you check? A: d. Check to make sure the Secondary Logon service is running. 7. What must you have in......

Words: 425 - Pages: 2

Accounting Information System Chapter 3

...Report on Book Chapter Series in Chapter 3 Transaction Processing EAST WEST UNIVERSITY Course Title: Accounting Information System Course Code: ACT 430 Sec: 01 Submitted to Nikhil Chandra Shil Department of Business Administration East West University Submitted by Name | ID | Md. Saiful Islam | 2011-1-10-293 | Md. Sariful Islam | 2011-1-10-286 | Saad Abduallah | 2011-1-10-362 | Sakil Ahamed Dip MD.Khanzarul Islam | 2011-3-10-149 2011-1-10-428 | Date of Submission: 25th November, 2014 November 25, 2014 Nikhil Chandra Shil Bachelor of Business Administration East West University Subject: Submission of report on Accounting Information System in chapter 3. Dear Sir, We would like to take this opportunity to thank you for the guidance and support you have provided us during this course of this report. Without your help, this report would have been impossible to complete. To prepare the report we collected what we believe to be most relevant information to make our report as analytical and reliable as possible. We have concentrated our best effort to achieve the objectives of the report and hope that our endeavor will serve the purpose. The practical knowledge and experience gathered during report preparation will immeasurably help in our future professional life. We request you to excuse us for any mistake that may occur in the report......

Words: 9514 - Pages: 39

Chapter 2 Review Questions Principles of Information Security

...1. Information security is more of a management issue because it is up to management to decide what end users should have access to and what they should not. Also technology can only do what it is told to do but if management sets up training to teach end users about the threats of say opening an unknown email then the company is safer. 2. Without data an organization loses its record of transactions and/or its ability to deliver value to its customers. Page 42 Principles of Information Security 3. Both general and It management 4. It has created more and the reason why is it is much easier to spread viruses, worms, etc. now that the can get from system to system without having to attach to a physical disc. 5. Information extortion occurs when an attacker or trusted insider steals information from a computer system and demands compensation for its return or for an agreement not to disclose it. Page 60 Principles of Information Security. An example would be if someone would steal the latest album from a well-known artist before its release date and demanded to be paid or it would be released onto the internet. 6. Employees are one of the biggest threats for several reasons the can accidently allow someone access to the system by installing a back door or it is possible for them to become angry with the company and just hand out IP to rival companies. It is also possible that they could accidently delete valuable data from the system that has no backup. 7. Make sure......

Words: 908 - Pages: 4

Accounting Information System Questions

...of custom menus and so you recommend using KDE, which does. 11 2. Once in a while after your system has been improperly shut down, such as during a power outage, it reboots into the command line. After you log in, what command can you use to start XWindow and your desktop? a. gui b. xwin c. startx d. run gui 3. You want to delete several old files in your home directory.Which of the following is a good tool to use for this purpose in GNOME? a. Nautilus b. System Tray c. My Computer d. GNUFile 4. Which of the following is a good tool to use for finding and deleting files in KDE? (Choose all that apply.) a. KFiler b. Kabinet c. Knop d. Konqueror 5. Which of the following areWindow Managers that can be used with XWindow? (Choose all that apply.) a. fvwm b. sawfish c. kwm d. Window Maker 6. A new inventory specialist in your company inherited a computer that has KDE installed, but the operating system boots into the command line instead of starting KDE automatically.What can the inventory specialist do to have her computer go into KDE automatically at startup? a. Press Ctrl+g while the system is booting. b. Press Alt+g while the system is booting. c. Change the .bashrc file to contain the ./KDE command. d. Edit the /etc/inittab file to have the line id:5:initdefault:. 7. Which of the following would you find in the Kicker in KDE by default? (Choose all that apply.) a. applets b. system monitor button c. network connect launcher d. K Menu 8. The colleague at the desk next to......

Words: 1397 - Pages: 6

Chapter 6 Review Questions one is certain of their purpose. What steps can be taken to ensure a way for others to know the purpose of a script? C. Require that script writers place comment lines inside the scripts using the # symbol to begin each command line. 2. Which of the following shells enable the use of scripts? (Choose all that apply.) A. Bash B. csh D. zsh 3. You frequently use the command ls-a and want to save time by just entering l to do the same thing. Which of the following commands enables you to set your system to view hidden files by only entering l? D. alias l= "ls -a" 4. You have written a script, but when you run it there is an error. Which of the following commands can you use to debug your script? (Choose all that apply.) B. sh -v D. sh –x 5. You have written a shell program that creates four temporary files. Which of the following commands can you use to remove these files when the script has completed its work? A. trap 6. Which of the following commands work well for menus used in a script? (Choose all that apply.) B. case 7. You are currently in the soruce directory, which is the new directory you have just created for storying and running your scripts. You want to make certain that the source directory is in your default path. Which of the following commands enable you to view the current default path settings? D. echo $PATH 8. You have created a script for use by your entire department in a commonly accessed......

Words: 356 - Pages: 2

Chapter 1—Introduction to Accounting Information Systems

...Chapter 1—Introduction to Accounting Information Systems TRUE/FALSE 1. The three themes of the text are operating systems, e-business, and internal control. ANS: F 2. In an assurance service the accountant will provide the original information used for decision making. ANS: F 3. Financial care for the elderly has been identified by the AICPA as a potential assurance service. ANS: T 4. Wireless technologies was identified as one of the ten most important 2006 technological challenges and opportunities facing CPAs. ANS: T 5. Knowledge of Microsoft Access was identified as one of the ten most important 2006 technological challenges and opportunities facing CPAs. ANS: F 6. Enterprise systems provide complete integration of an organization’s business events and information processing systems. ANS: T 7. An information system consists of an integrated set of computer-based and manual components established to provide information to users. ANS: T 8. Internal control is a process that provides complete assurance that the organization is meeting its objectives, such as efficiency and effectiveness of operations and reliable reporting. ANS: F 9. The Sarbanes-Oxley Act of 2002 has dramatically changed the daily work of financial accountants and auditors. ANS: T 10. According to the Sarbanes-Oxley Act of 2002, management must identify, document, and evaluate significant internal controls. ANS: T 11. According to......

Words: 3539 - Pages: 15

Pricinples of Information Security, Chapter 3 Review Questions

...Week 2, Chapter 3 Name: ------------------------------------------------- Review Questions p. 114 Assignment 3          1. What is the difference between law and ethics? Laws are formally adopted rules for acceptable behavior in modern society. Ethics are socially acceptable behaviors. The key difference between laws and ethics is that laws carry the authority of a governing body, and ethics do not. Ethics in turn are based on cultural mores: the fixed moral attitudes or customs of a particular group. Some ethical standards are universal. For example, murder, theft, assault, and arson are actions that deviate from ethical and legal codes throughout the world. 2. What is civil law, and what does it accomplish? Civil law comprises a wide variety of laws that govern a nation or state and deal with the relationships and conflicts between organizational entities and people. 3. What are the primary examples of public law? criminal, administrative, and constitutional law 4. Which law amended the Computer Fraud and Abuse Act of 1986, and what did it change? the National Information Infrastructure Protection Act of 1996, which modified several sections of the amended the Computer Fraud and Abuse Act of 1986 and increased the penalties for selected crimes. The punishment for offenses prosecuted under this statute varies from fines to imprisonment up to 20 years, or both. The severity of the penalty depends on the value of the information obtained and...

Words: 1517 - Pages: 7

Accounting Information System Chapter 1

...CHAPTER 1 ACCOUNTING INFORMATION SYSTEMS: AN OVERVIEW SUGGESTED ANSWERS TO DISCUSSION QUESTIONS 1.1 The value of information is the difference between the benefits realized from using that information and the costs of producing it. Would you, or any organization, ever produce information if its expected costs exceeded its benefits? If so, provide some examples. If not, why not? Most organizations produce information only if its value exceeds its cost. However, there are two situations where information may be produced even if its cost exceeds its value. a. It is often difficult to estimate accurately the value of information and the cost of producing it. Therefore, organizations may produce information that they expect will produce benefits in excess of its costs, only to be disappointed after the fact. b. Production of the information may be mandated by either a government agency or a private organization. Examples include the tax reports required by the IRS and disclosure requirements for financial reporting. 1.2 Can the characteristics of useful information listed in Table 1-1 be met simultaneously? Or does achieving one mean sacrificing another? Several of the criteria in Table 1.1 can be met simultaneously. For example, more timely information is also likely to be more relevant. Verifiable information is likely to be more reliable. However, achieving one objective may require sacrificing another. For example, ensuring that information is more......

Words: 137115 - Pages: 549

Chapter Review Question Solutions

...Chapter 3 ANSWERS TO QUESTIONS Q3­1 A primary objective of financial reporting is to provide information that is useful to present and potential investors and creditors and other users in making rational investment, credit, and similar decisions. An accounting system is the means by which a company records and stores the financial and managerial information from its transactions so that it can retrieve and report the information in an accounting statement. A double­entry system standardizes the method that a company uses to record changes in its accounts resulting from various transactions or events. For each transaction or event that a company records, the dollar amount of the debits entered in all the related accounts must be equal to the total dollar amount of the credits. These debit or credit entries affect two or more accounts in the assets, liabilities, and stockholders' equity (including the temporary accounts). All normal accounts on the left side of the accounting equation (assets) are increased by debits and decreased by credits whereas accounts on the right side of the equation (liabilities and stockholders' equity) are increased by credits and decreased by debits. A permanent account is an account whose balance at the end of the accounting period is carried forward into the next accounting period. Examples: Cash, Accounts Payable, Capital Stock. A temporary account is an account that is used temporarily to determine the change in retained earnings that occurred......

Words: 25366 - Pages: 102

Sheila On 7 - Film Favorit | #57. Savaş İlânı | Nuevas Series