GEN COMBO LL PRINCIPLES OF AUDITING & OTHER ASSURANCE SERVICES; CONNECT AC
21st Edition
ISBN: 9781260427202
Author: Ray Whittington, Kurt Pany
Publisher: McGraw-Hill Education
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 33P
a.
To determine
Explain a database in the information system department of a company.
b.
To determine
Explain one fundamental advantage of the database.
c.
To determine
Explain three security measures to safeguard the database system from improper access through the terminals.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
Listed here are five scenarios. For each scenario, discuss the possible damages that can occur. Suggest a preventive control.a. An intruder taps into a telecommunications device and retrieves the identifying codes and personal identification numbers for ATM cardholders. (The user subsequently codes this information ontoa magnetic coding device and places this strip on a piece of cardboard.)b. Because of occasional noise on a transmission line, electronic messages received are extremely garbled.c. Because of occasional noise on a transmission line, data being transferred is lost or garbled.d. An intruder is temporarily delaying important strategic messages over the telecommunications lines.e. An intruder is altering electronic messages before the user receives them.
Listed here are two scenarios. For each scenario, discuss the possible damages that can occur.Suggest a preventive control.A. An intruder taps into a telecommunications device and retrieves the identifying codes andpersonal identification numbers for ATM cardholders. (The user subsequently codes thisinformation onto a magnetic coding device and places this strip on a blank bank card.)B. Because of occasional noise on a transmission line, electronic messages received are extremelygarbled.Problem # 4 (30
Computer accounting control procedures are referred to as general or application controls. The primary objective of application controls in a computer environment is toa. ensure that the computer system operates efficiently.b. ensure the validity, completeness, and accuracy of financial transactions.c. provide controls over the electronic functioning of the hardware.d. plan for the protection of the facilities and backup for the systems.
Chapter 8 Solutions
GEN COMBO LL PRINCIPLES OF AUDITING & OTHER ASSURANCE SERVICES; CONNECT AC
Ch. 8 - List and describe the major components of an...Ch. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Distinguish general control activities from...Ch. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - What is the difference between an Internet-based...Ch. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 21RQCh. 8 - Prob. 22QRACh. 8 - Prob. 23QRACh. 8 - Prob. 24QRACh. 8 - Prob. 25QRACh. 8 - Prob. 26QRACh. 8 - Prob. 27QRACh. 8 - Prob. 28QRACh. 8 - Prob. 29AOQCh. 8 - Prob. 29BOQCh. 8 - Prob. 29COQCh. 8 - Prob. 29DOQCh. 8 - When an online real-time (OLRT) IT processing...Ch. 8 - Prob. 29FOQCh. 8 - Prob. 29GOQCh. 8 - Prob. 29HOQCh. 8 - Prob. 29IOQCh. 8 - Prob. 29JOQCh. 8 - Prob. 29KOQCh. 8 - Prob. 29LOQCh. 8 - Prob. 30OQCh. 8 - Prob. 31OQCh. 8 - For each definition (or partial definition) in the...Ch. 8 - Prob. 33PCh. 8 - Prob. 34PCh. 8 - Prob. 35PCh. 8 - Prob. 36PCh. 8 - Prob. 37PCh. 8 - Prob. 38ITC
Knowledge Booster
Similar questions
- The ABC Company is switching from its legacy centralizedsystem to a fully distributed system. Underthe new model, all employees will work from PCsconnected to a local area network. a. Outline a plan of action to ensure that the propercontrols over hardware, software, data, people,procedures, and documentation are in place.b. Discuss any risks the company may face if thedevised plan is not implemented.arrow_forwardLamar LLC is in the process of updating its revenues and receivables systems with the implementation of new accounting software. James Loden, Inc. is an independent information technology consultant who is assisting Tamar with the project. James has developed the following checklist containing internal control points that the company should consider in this new implementation: Will customer orders be received via the Internet? Are all collections from customers received in the form of checks? Are product quantities monitored regularly?arrow_forwardYou have been assigned to review the payment system of an enterprise. The finance director suspects that some duplicate payments may have been made. List five control procedures which you would expect to find.arrow_forward
- Leonard Moses is planning to grow its customer base and is in the process of creating an online web-based sales ordering system for customers to purchase products using personal credit cards for payment. At a recent meeting with the internal auditors, it was highlighted that there are risk associated with this system. Identify three risks related to an online sales system that management should consider. For each risk, identify an internal control that could be implemented to reduce that risk.arrow_forwardAs an added measure, a company has set up its network so that computers that currently log in through the central authentication system (CAS) can log in even if the network is unavailable (through a system of stored password information). This move would be most closely associated with which CIIA goals: Confidentiality and Integrity O Integrity and Availability Confidentiality and Accessibility O Confidentiality and Availabilityarrow_forward3. Which of the following is not a computer facility control? (a) Place the data processing center where unauthorized individuals cannot gain entry to the facility. (b) Limit access to the data processing center all employees of the company. (c) Buy insurance to protect against loss of equipment in the computer facility. (d) Use advanced technology to identify individuals who are authorized access to the data processing center. 4.For internal control over computer program changes, a policy should be established requiring that: (a) All proposed changes be approved by a responsible individual and logged. (b) The programmer designing the change should be responsible for ensuring that the revised program is adequately tested. (c) All program changes be supervised by the information system control group. (d) To facilitate operational performance, superseded portions of programs should not be deleted from the program run manual. 5. Auditing "around the computer": (a) Assumes that accurate…arrow_forward
- 3. Which of the following is not a computer facility control? (a) Place the data processing center where unauthorized individuals cannot gain entry to the facility. (b) Limit access to the data processing center all employees of the company. (c) Buy insurance to protect against loss of equipment in the computer facility. (d) Use advanced technology to identify individuals who are authorized access to the data processing center. 4.For internal control over computer program changes, a policy should be established requiring that: (a) All proposed changes be approved by a responsible individual and logged. (b) The programmer designing the change should be responsible for ensuring that the revised program is adequately tested. (c) All program changes be supervised by the information system control group. (d) To facilitate operational performance, superseded portions of programs should not be deleted from the program run manual.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.arrow_forwardExplain how internal control can be enhanced through the proper installation of Information Technology Identify the risks for accounting systems that rely heavily on IT functions. Distinguish between general controls and application controls and give examples at least five Which duties should be segregated in a computer department? Describe the typical duties of computer personnel. What aspects of documentation, file security and retention control procedures are unique to computer systems? What are the responsibilities of the database administrator (DBA) function? Compare the risks associated with network environment to those associated with centralized IT functions.arrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (f) A company purchased the leading “off-the-shelf” e-commerce software for linking its electronic storefront to its inventory database. A customer discovered a way to directly access the database by entering appropriate SQL code.arrow_forwardIdentify risks for potential fraud, stealing, or information exposure by reviewing the general ledger/journal numbers. Consider the following in your response: Determine whether established security procedures are being followed. Examine roles and access to data. Determine if approval paths meet the level of security for the task. Receiving Procedures Goods are delivered directly to the requesting office. The requestor receives the goods and packing slip. After the goods or services have been received the packing slip should be signed indicating receipt of goods and scanned and emailed to accounts payable. Approval Paths: Transactions Involving Purchase Orders Accounts payable receives the appropriate documentation from the pertinent department indicating goods and services have been received. A three-way match of the purchase order, invoice, and receiving document is performed and approved by accounts payable. Once approved by accounts payable, a payment voucher is created in…arrow_forwardMatch the following terms with their definitions. (Use each definition only once.) A (Consider the following definitions.) Term Definition More Info 1. Internal control 2. Control procedures 3. Firewalls a. Two or more people working together to overcome internal controls. 4. Encryption b. Part of internal control that ensures resources are not wasted. 5. Environment c. Requires companies to review internal control and take responsibility for the accuracy and completeness of their financial reports. 6. Information system d. Should be prenumbered to prevent theft and inefficiency. 7. Separation of duties e. Limits access to a local network. 8. Collusion f. Example: The person who opens the bank statement should not also be the person who is reconciling cash. 9. Documents g. Identification of uncertainties that may arise due to a company's products, services or operations. 10. Audits h. Examination of a company's financial statements and accounting system by a trained accounting…arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Accounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,
Auditing: A Risk Based-Approach (MindTap Course L...AccountingISBN:9781337619455Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:Cengage Learning
Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Auditing: A Risk Based-Approach (MindTap Course L...
Accounting
ISBN:9781337619455
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:Cengage Learning
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L