Which of the following describes the system used by a company as a testing approach that

utilises real transactions and files rather than hypothetical ones?

Walk-through.
Processing of test transactions.
Acceptance test.
Parallel conversion test.
Which of the following is least likely to be an accountant’s role in the software development life
cycle?
User
Consultant
Auditor
Programmer
When selecting a new accounting program, we need to perform a feasibility study for the
accounting information systems. Which of the following should be considered in the feasibility
study?
Consider costs; savings; controls; profit improvement and other benefits analysed by application
area.
Provide the preliminary plan for converting existing manual systems and clerical operations.
Provide management with assurance from qualified, independent consultants that the use of a
computer system appeared justified.
Include a report by the internal audit department that evaluated internal control features for each
planned application.
Which of the following is NOT one of the tangible or intangible benefits a company might obtain
from purchasing a new system?
Cost savings.
Improved customer service and productivity.
Improved decision making.
Resistance to change.
Organisations that buy rather than develop accounting information systems must still go through
the systems development life cycle.
True.
False.
Not proven.
All of the above.
Which of the following statements is false?
The psychological profiles of white-collar criminals differ from those of violent criminals.
The psychological profiles of white-collar criminals are significantly different from those of the
general public.
There is little difference between computer fraud perpetrators and other types of white-collar
criminals.
Some computer fraud perpetrators do not view themselves as criminals.
An auditor has just completed a review of an organisation that has a mainframe computer and
two database servers where all production data reside. Which of the following weaknesses would
be considered the MOST serious?
The security officer also serves as the database administrator.
Password controls are not administered over the two database servers.
There is no business continuity plan for the mainframe system's non critical applications.
Most local area networks (LANs) do not back up file-server-fixed disks regularly.
Which of the following is NOT one of the difficulties accountants have experienced in using the
traditional systems development life cycle?
Accounting information systems development projects are backlogged for years.
Changes are usually not possible after requirements have been frozen.
The accounting information system that is developed may not meet their needs.
All are difficulties with the software development cycle.
Once fraud has occurred, an organisation can use, the following in reducing losses sustained
from the fraud?
Insurance.
Regular backup of data and programs.
Contingency plan.
Segregation of duties.
Perpetrators redirect a website’s traffic to a bogus website, usually to gain access to personal and
confidential information of an organisation. What is this computer fraud technique called?
Vishing
Phishing
Pharming
Phreaking
Which of the following provides detailed procedures to resolve the problems resulting from a
flash flood that have completely destroyed a company’s data centre?
Backup plan.
Disaster recovery plan (DRP).
Business continuity plan (BCP).
Archive plan.
Which of the following BEST provides access control to payroll data being processed on a local
server?
Logging access to personal information.
Using separate passwords for sensitive transactions.
Using software that restricts access rules to authorised staff.
Restricting system access to business hours.
Financial statements that need to be stored securely for 10 years or more would most likely be
stored in which type of file?
Backup.
Archive.
Encrypted.
Log.
Which of the following is NOT a benefit derived from outsourcing by an organisation?
It offers a great deal of flexibility because it is relatively easy to change outsourcers.
It can provide access to the expertise and special services provided by outsourcers.
It allows companies to move to a more sophisticated level of computing at a reasonable cost.
It is a cost-effective way to handle the peaks and valleys found in seasonal businesses.
Under what circumstances is it appropriate for an organisation to use prototyping?
When there is little uncertainty about the accounting information system.
When it is clear what users’ needs are.
When the final accounting information system cannot be clearly visualised because the decision
process is still unclear.
When there is a very low likelihood of failure.
Confidentiality in the organisation focuses on protecting ______________.
Personal information collected from customers.
A company’s annual report stored on its website.
Merger and acquisition plans.
All of the above.
An organisation decides to purchase a software package instead of developing it. In such a case,
the design and development phases of a traditional software development life cycle would be
replaced with:
Selection and configuration phases.
Feasibility and requirements phases.
Implementation and testing phases.
Nothing; replacement is not required.
When a complete segregation of duties cannot be achieved in an online system environment,
which of the following accounting functions should be separated from the others?
Origination.
Authorisation.
Recording.
Correction.
A weakness that an attacker can take advantage of to either disable or take control of a system is
called a _____________.
Exploit
Patch
Vulnerability
Attack
Which type of audit involves a review of general and application controls, with a focus on
determining whether there is compliance with policies and adequate safeguarding of assets?
Information systems audit.
Financial audit.
Operational audit.
Compliance audit.