Professional Documents
Culture Documents
Duration : 3 hours
INSTRUCTION(S) TO CANDIDATES
APPROVED BY:
SECTION A: MULTIPLE CHOICE QUESTIONS
3. All of the following are internal control procedures that should be in place in the
conversion cycle EXCEPT
a. calculation and analysis of direct material and direct labor variances
b. retention of excess materials by work centers
c. physical count of inventory items on hand
d. limited access to raw material and finished goods inventories
6. Which steps in the Financial Accounting Process are in the correct sequence?
a. record the transaction, post to the ledger, prepare the adjusted trial balance,
enter adjusting entries, prepare financial statements
b. record the transaction, prepare the unadjusted trial balance, record
adjusting journal entries, record closing entries, prepare financial
statements
c. record the transaction, post to the ledger, record adjusting entries, prepare
the unadjusted trial balance, prepare financial statements
d. record the transaction, post to the ledger, prepare the adjusted trial balance,
prepare financial statements, record closing entries
2
7. Risk exposures in the General Ledger and Financial Reporting Systems include
all of the following EXCEPT
a. loss of the audit trail
b. unauthorized access to the general ledger
c. loss of physical assets
d. general ledger account out of balance with the subsidiary account
3
14. Which of the following statements is correct? The client-server model
a. is best suited to the token-ring topology because the random-access
method used by this model detects data collisions.
b. distributes both data and processing tasks to the server’s node.
c. is most effective used with a bus topology.
d. is more efficient than the bus or ring topologies.
17. Which statement is NOT correct? The audit trail in a computerized environment
a. consists of records that are stored sequentially in an audit file
b. traces transactions from their source to their final disposition
c. is a function of the quality and integrity of the application programs
d. may take the form of pointers, indexes, and embedded keys
18. The best control over access to data files in a personal computer environment is
a. passwords
b. removable hard drives
c. daily backups
d. independent verification
19. All of the following are designed to control exposures from subversive threats
EXCEPT
a. firewalls
b. one-time passwords
c. field interrogation
d. data encryption
4
20. Firewalls are
a. special materials used to insulate computer facilities
b. a system that enforces access control between two networks
c. special software used to screen Internet access
d. none of the above
[Total: 20 marks]
(a) Compare and contrast between the treatment of inventories in the traditional
manufacturing environment and the treatment of inventories in the world-class
manufacturing environment.
[4 marks]
(b) Elaborate on the key segregation of duties that should exist in the traditional
manufacturing environment.
[4 marks]
(c) The production planning department sends the work order to the work centre. At the
work centre the move ticket, job ticket, material requisitions and work order are
prepared respectively. The move ticket, job ticket and work order are sent to cost
accounting. The material requisition is sent to inventory control where the material
inventory records will be updated and later sent to cost accounting. Based on the
move ticket, job ticket, work order and material inventory records, the journal
voucher is then prepared and sent to the general ledger department. The cost
accounting department will subsequently compute the labour variance, material
variance and manufacturing overhead variance. This information will be collated
into a management report and submitted to the factory management.
Required:
i) Prepare a flowchart from the above narrative.
[4 marks]
ii) Identify two internal control weaknesses.
[2 marks]
iii) Identify the risks posed by these internal control weaknesses.
[2 marks]
[Total: 16 marks]
Question 2
(a) Data coding schemes are based on various coding techniques. Briefly define and
give an example of the following coding techniques:
i) Sequential codes
ii) Block codes
iii) Group codes
[7 marks]
5
(b) Identify and describe factors that must be considered before a coding scheme can be
designed and implemented for an organization.
[3 marks]
(c) The following diagram represents the warehouse layout for a company that keeps its
inventories in three warehouses. Design a coding scheme that will efficiently show
the exact location of the inventories. Briefly explain the coding scheme that you
have designed for the company.
[6 marks]
WAREHOUSE LAYOUT
* Three warehouse locations – Warehouses 1, 2 and 3. Each warehouse is
organized by aisles.
Aisle A
Aisle B
Aisle C
Aisle D
Aisle E
7
6
5
4
3
2
1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
[Total: 16 marks]
6
Question 3
(b) There are two basic types of management reports – programmed and ad hoc.
Describe each and give examples.
[4 marks]
[Total: 9 marks]
Question 4
(b) Your company is planning to implement an ERP system. Some managers in the
company favour the “big bang” approach. Others are advocating a “phased-in”
approach. The CEO has asked you, the Internal Audit Manager, to explain the
advantages and disadvantages of each approach and to make a recommendation on
which approach the company should take.
[6 marks]
(c) “SAP, the leading ERP system, uses user role as a way to improve internal control”.
Elaborate further on this statement.
[4 marks]
[Total: 14 marks]
Question 5
(a) Would the presence or absence of seals of assurance, such as TRUSTE and
WebTrust, influence your willingness as individual consumer to engage in electronic
commerce with that company? Why or why not? Would your answer differ if you
were a business owner, rather than individual consumer?
[4 marks]
(b) How could your university bookstore use the Internet to improve customer
interactions with students, faculties and staffs?
[4 marks]
[Total: 12 marks]
7
Question 6
(a) Equity Life Insurance Company is headquartered in Shah Alam, Selangor. The
company is very large, so it operates an enormous mainframe computer system.
Recently, someone broke the window of the main computer room by throwing
stones and caused a small fire in the room. Fortunately no injuries were reported
since it happened late at night. However, the central processing unit and three major
disk drives were damaged.
Is what happened in any way the company’s fault? What should the company do to
prevent similar incident from occurring again in the future?
[5 marks]
(c) Discuss some of the risks from subversive threats and how they can be controlled.
[4 marks]
(d) Output controls ensure that output is not lost, misdirected, or corrupted and that
privacy is not violated. What are some output exposures or situations where output
is at risk?
[2 marks]
[Total: 13 marks]