Principles Of Auditing & Other Assurance Services
21st Edition
ISBN: 9781259916984
Author: WHITTINGTON, Ray, Pany, Kurt
Publisher: Mcgraw-hill Education,
expand_more
expand_more
format_list_bulleted
Question
Chapter 8, Problem 29KOQ
To determine
Identify the appropriate answer related to the control to prevent the o prevent unauthorized access to sensitive programs in user operated computers system.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
Controls over data management systems fall into two categories: access controls and backup controls. In the shared database environment, access control risks include corruption, theft, misuse, and destruction of data. These threats originate from both unauthorized intruders and authorized users who exceed their access privileges. Which of the following options is not part of controls over data management systems?
a. Employees that sharing the same computers need restriction for access to specific directories, programs, and data files by using multilevel password control.b. To recover data from disaster, organizations must implement policies and procedures and routinely provide backup copies of critical files.c. Database Administrator works closely with users and systems designers has primary responsibility for user view design and works closely with users and systems designers.d. Access to confidential data must be properly managed. Inference controls prevent users from inferring,…
Which of the following would reduce the effectiveness of internal control in an accountinginformation system?a. The computer librarian maintains custody of computer program instructions and detailed lists.b. Computer operators have access to operator instructions and detailed program lists.c. The control group is solely responsible for the distribution of all computer output.d. Computer programmers write and debug programs that perform routines designed by thesystems analyst.
Explain how internal control can be enhanced through the proper installation of Information Technology
Identify the risks for accounting systems that rely heavily on IT functions.
Distinguish between general controls and application controls and give examples at least five
Which duties should be segregated in a computer department?
Describe the typical duties of computer personnel.
What aspects of documentation, file security and retention control procedures are unique to computer systems?
What are the responsibilities of the database administrator (DBA) function?
Compare the risks associated with network environment to those associated with centralized IT functions.
Chapter 8 Solutions
Principles Of Auditing & Other Assurance Services
Ch. 8 - List and describe the major components of an...Ch. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Distinguish general control activities from...Ch. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - What is the difference between an Internet-based...Ch. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 21RQCh. 8 - Prob. 22QRACh. 8 - Prob. 23QRACh. 8 - Prob. 24QRACh. 8 - Prob. 25QRACh. 8 - Prob. 26QRACh. 8 - Prob. 27QRACh. 8 - Prob. 28QRACh. 8 - Prob. 29AOQCh. 8 - Prob. 29BOQCh. 8 - Prob. 29COQCh. 8 - Prob. 29DOQCh. 8 - When an online real-time (OLRT) IT processing...Ch. 8 - Prob. 29FOQCh. 8 - Prob. 29GOQCh. 8 - Prob. 29HOQCh. 8 - Prob. 29IOQCh. 8 - Prob. 29JOQCh. 8 - Prob. 29KOQCh. 8 - Prob. 29LOQCh. 8 - Prob. 30OQCh. 8 - Prob. 31OQCh. 8 - For each definition (or partial definition) in the...Ch. 8 - Prob. 33PCh. 8 - Prob. 34PCh. 8 - Prob. 35PCh. 8 - Prob. 36PCh. 8 - Prob. 37PCh. 8 - Prob. 38ITC
Knowledge Booster
Similar questions
- Many large companies use an electronic data interchange (EDI) to communicate with key customers and suppliers. Explain the benefits and risks involved when companies use EDI. Explain one way that the use of EDI affects internal controls and the auditor's testing.arrow_forwardIncreasing use of sophisticated EDP systems has produced significant changes in the accounting environment. Some of these changes are the following: documents that are used to enter information into the computer may exist for only a short time or only in computer-readable form. In some computer systems, input documents may not exist at all, because information is entered directly into the system. Computer processing uniformly subjects like transactions to the same processing instructions. Many internal control procedures, once performed by separate individuals in manual systems, may be combined in systems that use computer processing. The potential for individuals to gain unauthorized access to data or assets may be greater in computerized accounting systems than in manual systems. Required: For each of the changes, discuss the impact on the internal control system and the independent audit.arrow_forwardIs the following a potential control weakness? A computer network and personal computers support Marco accounting and inventory management systems. Personal computers are located in the offices and warehouse and a central server handles all accounting and inventory files. Printers are located in areas where employees need printed documents and other records routinely. The computer is used to control and process most transactions, to print documents, prepare accounting records, and prepare periodic financial statements. Marco uses commercial software recommended by their auditor. To date, they have had only the usual startup problems. They have used it for two years and have upgraded it once. Briefly explain the potential mistatement and recommended correction.arrow_forward
- Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (c) A criminal remotely accessed a sensitive database using the authentication credentials (user ID and strong password) of an IT manager. At the time the attack occurred, the IT manager was logged into the system at his workstation at company headquarters.arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (i)To facilitate working from home, an employee installed a modem on his office workstation. An attacker successfully penetrated the company’s system by dialing into that modem.arrow_forwardThe flowchart labeled Problem 14 depicts the responsibilities of an accounting clerk in a small company. Required Identify any control problems in the system. What sorts of fraud are possible in this system?arrow_forward
- Lamar LLC is in the process of updating its revenues and receivables systems with the implementation of new accounting software. James Loden, Inc. is an independent information technology consultant who is assisting Tamar with the project. James has developed the following checklist containing internal control points that the company should consider in this new implementation: Will all data entry clerks and accounting personnel have their own PCs with log‐in IDs and password protection?arrow_forwardThe ABC Company is switching from its legacy centralizedsystem to a fully distributed system. Underthe new model, all employees will work from PCsconnected to a local area network. a. Outline a plan of action to ensure that the propercontrols over hardware, software, data, people,procedures, and documentation are in place.b. Discuss any risks the company may face if thedevised plan is not implemented.arrow_forwarda. Allows multiple users to access the system at the same time. b. Enables the tracking of all transactions. Enterprise resource planning systems Identifies suspicious transactions or likely mistakes such as wrong account numbers or duplicate transactions. Audit trail Network-compatible Entry-level software Large-scale computer systems that integrate all aspects of the organization including accounting, sales, human resource management, and manufacturing. d. Internal control System for companies with revenues of less than $5 million and up to 20 employees. e. > >arrow_forward
- 3. Which of the following is not a computer facility control? (a) Place the data processing center where unauthorized individuals cannot gain entry to the facility. (b) Limit access to the data processing center all employees of the company. (c) Buy insurance to protect against loss of equipment in the computer facility. (d) Use advanced technology to identify individuals who are authorized access to the data processing center. 4.For internal control over computer program changes, a policy should be established requiring that: (a) All proposed changes be approved by a responsible individual and logged. (b) The programmer designing the change should be responsible for ensuring that the revised program is adequately tested. (c) All program changes be supervised by the information system control group. (d) To facilitate operational performance, superseded portions of programs should not be deleted from the program run manual.arrow_forward3. Which of the following is not a computer facility control? (a) Place the data processing center where unauthorized individuals cannot gain entry to the facility. (b) Limit access to the data processing center all employees of the company. (c) Buy insurance to protect against loss of equipment in the computer facility. (d) Use advanced technology to identify individuals who are authorized access to the data processing center. 4.For internal control over computer program changes, a policy should be established requiring that: (a) All proposed changes be approved by a responsible individual and logged. (b) The programmer designing the change should be responsible for ensuring that the revised program is adequately tested. (c) All program changes be supervised by the information system control group. (d) To facilitate operational performance, superseded portions of programs should not be deleted from the program run manual. 5. Auditing "around the computer": (a) Assumes that accurate…arrow_forwardLamar LLC is in the process of updating its revenues and receivables systems with the implementation of new accounting software. James Loden, Inc. is an independent information technology consultant who is assisting Tamar with the project. James has developed the following checklist containing internal control points that the company should consider in this new implementation: Will customer orders be received via the Internet? Are all collections from customers received in the form of checks? Are product quantities monitored regularly?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Accounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L