Chapter 09 Data Analytics in Accounting Multiple Choice Questions

1. Which of the following is the best definition of the term big data?
A. Databases measured in terms of zettabytes.
B. Datasets that are too large and complex for businesses’ existing systems utilizing traditional
capabilities.
C. Databases for businesses that generate more than one million electronic transactions per
month.
D. Datasets generated by social media applications such as Facebook, Twitter, Tencent QQ, and
Instagram.

2. How does data analytics play a vital role in today’s business world?
A. By allowing data to be organized into predefined tables and fields.
B. By defining three main categories of classes that help organize a company’s data structure
models.
C. By examining data to generate models for predictions of patterns and trends.
D. By capturing the ever-increasing transaction activity of large companies.

3. The three Vs are considered a defining feature of big data. Which of the following is the best
definition of the term big data?
A. Volition, veracity, & velocity.
B. Variety, visibility, & valuation.
C. Volume, velocity, & variety.
D. Volume, variability, & veracity.

4. As described in the text, which of the following best defines the term data analytics?
A. The ability to analyze data and draw conclusions.
B. The science of reducing extremely large datasets down to more manageable databases that
can be processed using traditional tools.
C. The process of creating meaningful visualizations from extremely large datasets.
D. The science of examining raw data, removing excess noise, and organizing it in order to
draw conclusions for decision making.

5. At its core, data analytics fits into the information value chain in which of the following ways?
A. The process of data analytics aims at transforming raw data into valuable information.
B. Data analytics aims to make an organization’s conversion process more efficient.
C. Data analytics requires organizations to share synced data with upstream and downstream
business partners.
D. The process of data analytics is geared toward providing additional insight into customer
activities and preferences.

6. Raw data often must be scrubbed to remove extraneous data and other noise in order to
become useful. This technique is known as:
A. Process, Scrub, and Import.
B. Extract, Transform, and Load.
C. Evaluate, Depopulate, and Finalize.
D. Filter, Coordinate, and Upload.

1
7. Data analytics professionals estimate that they spend how much of their time cleaning data in
order to perform analysis on it?
A. 10-15%.
B. 20-30%.
C. 50 – 90%.
D. 99+%.

8. Which of the following best summarizes the two key limiting factors for business systems when
dealing with Big Data?
A. Data storage capacity and processing power.
B. Data availability and software tools.
C. Database organization and transaction volume.
D. Analytic skills and software tools.

9. The insight provided through data analytics can help companies in all of the following ways
except:
A. Dictate the policies of external business partners.
B. Create more directed marketing campaigns.
C. Identify future opportunities and risks.
D. Affect internal business processes in order to improve productivity, utilization and growth.

10. Which of the following is the most likely application of data analytics for accountants to develop
expertise in?
A. Directed marketing campaigns.
B. Scientific research.
C. Medical testing.
D. Domain knowledge of business functional areas.

11. Which of the following areas of financial reporting is most suitable for applying data analytics
techniques?
A. Evaluation of estimates and valuations.
B. Variance reporting.
C. Calculating the components of equity.
D. Depreciation.

12. Which of the following best desribes the skill sets used in data analytics?
A. Building data warehouses; Populating data structures; Mining the data.
B. Acquiring/cleansing data; Creating data structures/models; Mining/analyzing data.
C. Developing data structures/models; Acquiring storage capacity; Analyzing the data.
D. Creating data; Building data structures; Piloting data studies.

2
13. Which of the following best describes how external auditors’ interactions with their clients is
likely to change due to the use of data analytics in the audit process?
A. External auditors will spend less time on audits and will not need to spend time with clients
outside the audit.
B. External auditors will spend more time on detailed audit tasks, resulting in longer audit
engagements.
C. External auditors will only interact with their clients virtually.
D. External auditors will stay engaged with clients beyond the audit.

14. Which of the following best describes the AICPA’s Audit Data Standards (ADS)?
A. The base level of testing procedures that should be performed on AIS data.
B. A set of analytic procedures designed to be used with modern ERPs’ large datasets.
C. A set of standards for data files and fields designed to support external audits.
D. The codification of all auditing guidelines pertaining to the data generated by AISs.

15. Which of the following is a set of standards created by the AICPA for data files and fields in
order to support external audits?
A. Extract, Transform & Load (ETL).
B. Online Analytical Processing (OLAP).
C. Audit Control Language (ACL).
D. Audit Data Standards (ADS).

16. Which of the following would not by itself be considered personally identifying information?
A. Date of birth.
B. Social Security Number.
C. Passport number.
D. Driver’s Licence ID.

17. The definition of personally identifying information is important to companies because it helps
identify the types of information that need to be protected. It is also important for which of the
following reasons?
A. It helps identify the associations between data elements required to develop an application’s
class model.
B. It helps identify elements that can be stripped out of datasets in order to reduce data
protection requirements.
C. It helps identify potential data anomalies.
D. It eliminates the need for companies to protect other types of information.

18. Which of the following best describes what is meant by a breach of security?
A. Breaking into a locked room.
B. An unencrypted data transmission.
C. The unauthorized access to or acquisition of data in an electronic format that contains
personal information.
D. Access of personal information on a corporate server.

3
19. Which of the following is not one of the Excel tools described as useful for data analytics?
A. Calculated Field.
B. Tableau.
C. Slicers.
D. Power Pivot.

20. One of the benefits of using Tableau is its ability to connect to a wide variety of data sources.
Once connected to those sources, users can do which of the following?
A. Create calculated fields.
B. Build relationships between data sources.
C. All of the other answers are correct.
D. Create data visualizations.

4
Chapter 10
Reporting Processes and eXtensible Business Reporting Language
(XBRL)
1. Data mining is considered a technique of
A. Data Warehousing
B. Project Management
C. Data Martian
D. Business Intelligence

2. A data warehouse may include:

A. An XBRL style sheet
B. General Economic Information
C. A digital Dashboard
D. An iPad Mini

3. Ford may use business intelligence:

A. To track the cost of parts on its vehicles.
B. To monitor the price of their pilots and flight attendants
C. To analyze indicators of quality issues to pinpoint potential machinery failures in its assembly
plants
D. As inputs for its tax reporting system.

4. A collection of information gathered from an assortment of external and operational (i.e.,

internal) databases to facilitate reporting for decision making and business analysis is called:
A. Business intelligence
B. Data Warehouse
C. Digital Dashboard
D. XBRL

5. The steps in business intelligence include:

A. Gather Information, Analyze Data for Patterns, Make Decision
B. Analyze Data for Patterns, Gather Information, Make Decision
C. Create Data Warehouse, Query Data Warehouse, Make Decision
D. Create Data Warehouse, Analyze Data for Patterns, Make Decision

6. Digital Dashboards track which of the following in a user-friendly way:

A. Airplane speed
B. Critical business failures
C. Critical business processes
D. Critical business projects

5
7. XBRL GL, or XBRL Global Ledger Taxonomy, is different from XBRL US GAAP because it facilitates:
A. Efficient communication between the firm and financial analysts.
B. Efficient communication within a firm.
C. Efficient communication between the firm and its suppliers.
D. Efficient communication between the firm and its customers.

8. XBRL stands for

A. eXtensible Business Reporting Language
B. eXtensible Behavioral Reporting Language
C. eXtensible Book Reporting Language
D. eXtensible Basic Reporting Language

9. In February 2009, the _____________ passed the rule requiring all large domestic publicly traded
firms to begin formatting their financial statements using XBRL.
A. Financial Accounting Standards Board.
B. International Accounting Standards Board.
C. American Institute of Certified Public Accountants.
D. Securities and Exchange Commission.

10. The process of using sophisticated statistical techniques to extract and analyze data from large
databases to discern patterns and trends that were not previously known is called:
A. Data Mart
B. Data Mining
C. Data Warehouse
D. Business Intelligence

11. The tool that defines and describes each key data element (e.g., total assets, accounts, payable,
net income, etc.) in XBRL is called _________:
A. XBRL specification.
B. XBRL taxonomy.
C. XBRL style sheet.
D. XBRL instance document.

12. A computer-based information system that facilitates business decision-making activities is called

a:
A. Data Warehouse
B. Digital Dashboard
C. Decision Support System
D. Data Mart.

6
 13. Which of the following is often used as the main repository of a company’s historical data (i.e.,
its corporate memory)?
E. The operational system.
F. The data warehouse.
G. The XBRL instance document.
H. Its digital dashboard.

14. Before data from multiple sources can be loaded into the data warehouse, which of the
following activities must be performed?
A. The company must obtain explicit permission from all public and private data sources before
their data can be used in the data warehouse.
B. Operational system reports must be run, as the extraction process that loads the data
warehouse
usually deletes the data from the operational system.
C. Data inconsistencies must be removed so that the warehouse has homogeneous data for
analysis and reporting purposes.
D. The operational system must create and file the appropriate XBRL instance document with the
SEC.

15. Data Mining uses which of the following approaches to analyze data and find new patterns and
trends?
A. Data normalization.
B. Data scrubbing.
C. Decision Support Systems.
D. Sophisticated statistical techniques.

16. When using a Data Mining approach for business analysis, it is important to remember which of
the following?
A. All relationships between data items mean that one item has an impact on the other.
B. Data patterns and trends must be obvious before we can consider them in the business
decision
making process.
C. Relationships between data items do not necessarily mean that one causes the other.
D. Data mining should be performed in the operational system, not the data warehouse.

17. Data mining may uncover relationships in which no causality should be implied. In these cases,
which of the following phases would be most appropriate?
A. “A improves B.”
B. “A has an impact on B.”
C. “A is associated with B.”
D. “A enhances B.”

18. Which of the following metrics would be least likely to show up on a Digital Dashboard?
A. Accumulated depreciation for the previous year.
B. Month-to-date sales.

7
 C. Budget variances.
D. Number of accident-free days.

19. When using a Data Mining approach for business analysis, it is important to remember which
of the following?
A. All relationships between data items mean that one item has an impact on the other.
B. Data patterns and trends must be obvious before we can consider them in the business
decision making process.
C. Relationships between data items do not necessarily mean that one causes the other.
D. Data mining should be performed in the operational system, not the data warehouse.

20. Which of the following best describes the use of XBRL style sheets?
A. Style sheets determine which elements may be used when companies submit their XBRL filing.
B. Style sheets are another name for XBRL instance documents.
C. Style sheets allow for presentation of selected data from XBRL documents in a way that
humans can read.
D. Style sheets determine the formatting of numbers and text in the XBRL taxonomy.

Chapter 11 AIS and Internal Controls

Multiple Choice Questions and Answers
1. Which of the following statement is correct regarding internal control?
A. A well-designed internal control environment ensures the achievement of an entity’s control
objectives.
B. An inherent limitation to internal control is the fact that controls can be circumvented by
management override.
C. A well-designed and operated internal control environment should detect collusion perpetrated
by two people.
D. Internal control in a necessary business function and should be designed and operated to detect
errors and fraud.

2. A manufacturing firm identified that it would have difficulty sourcing raw materials locally,
so it decided to relocate its production facilities. According to COSO, this decision represents which
of the following response to the risk?
A. Risk reduction.
B. Prospect theory.
C. Risk sharing.
D. Risk acceptance.

3. Controls in the information technology area are classified into preventive, detective, and
corrective
categories. Which of the following is preventive control?
A. Contingency planning.
B. Hash total.
C. Echo check.

8
 D. Access control software.

4. When considering internal control, an auditor should be aware of reasonable assurance,

which
recognizes that
A. Internal control may be ineffective due to mistakes in judgment and personal carelessness.
B. Adequate safeguards over access to assets and records should permit an entity to maintain
proper accountability.
C. Establishing and maintaining internal control is an important responsibility of management.
D. The cost of an entity’s internal control should not exceed the benefits expected to be
derived.

5. The overall attitude and awareness of a firm’s top management and board of directors
concerning
the importance of internal control is often reflected in its
A. Computer-based controls.
B. System of segregation of duties.
C. Control environment.
D. Safeguards over access to assets.

6. According to AS 5, control risk should be assessed in terms of

A. Specific controls.
B. Types of potential fraud.
C. Financial statement assertions.
D. Control environment factors.

7. An auditor assesses control risk because it

A. is relevant to the auditor’s understanding of the control environment.
B. provides assurance that the auditor’s materiality levels are appropriate.
C. indicates to the auditor where inherent risk may be the greatest.
D. affects the level of detection risk that the auditor may accept .

8. The framework to be used by management in its internal control assessment under

requirements of SOX is the:
A. COSO internal framework.
B. COSO enterprise risk management framework.
C. COBIT framework.
D. All of the above are correct.

9. The internal control provisions of SOX apply to which companies in the United States?
A. All companies.
B. SEC registrants.
C. All issuer (public) companies and nonissuer (nonpublic) companies with more than
$100,000,000 of net worth.
D. All nonissuer companies.

10. Reconciliation of cash accounts may be referred to as what type of control?

A. Detective.

9
 B. Preventive.
C. Adjustive.
D. Non-routine.

11. Sound internal control dictates that immediately upon receiving checks from customers by
mail, a responsible employee should
A. Add the checks to the daily cash summary.
B. Verify that each check is supported by a pre-numbered sales invoice.
C. Prepare a summary listing of checks received.
D. Record the checks in the cash receipts journal.

12. Tracing shipping documents to pre-numbered sales invoices provides evidence that
A. No duplicate shipments or billings occurred.
B. Shipments to customers were properly invoiced.
C. All goods ordered by customers were shipped.
D. All pre-numbered sales invoices were accounted for.

13. A customer intended to order 100 units of a product A, but incorrectly ordered nonexistent
product B. Which of the following controls most likely would detect this error?
A. Validity check
B. Record count
C. Hash total
D. Parity check

14. Which of the following best describes what is meant by corporate governance?
A. The organizational structure and responsibilities of the executive team and board of directors of
a corporation.
B. Regulatory bodies, such as the SEC and PCAOB, that govern the behavior of corporations.
C. The ability of a corporation’s management team to meet earnings forecasts over an
extended period of time..
D. Management’s processes, policies, and ethical approach to safeguarding stakeholder
interests.

15. The Sarbanes-Oxley Act (SOX) was passed as a response to which of the following events?
A. The savings & loan scandals of the 1980s.
B. The bust of dot-com bubble companies such as pets.com and Webvan.
C. Corporate reporting scandals by companies such as WorldCom, Enron, and Tyco.
D. Securities manipulation and insider trading in the 1930s.

16. In a computerized environment, internal controls can be categorized into which of the
following?
A. General controls and application controls.
B. Detective controls and protective controls.
C. Network controls and transaction controls.
D. Preventive controls and mandatory controls.

17. In the event identification component of the COSO ERM framework, management must
classify events into which of the following?
A. Weaknesses and vulnerabilities.
B. Risks and opportunities.

10
 C. Risks and rewards.
D. Controls and vulnerabilities.

18. In addition to focusing on controls, COBIT 5 expands its scope by incorporating which of the
following broad perpsectives?
A. How IT brings value to the firm.
B. How IT can automate specific business processess.
C. IT networking requirements.
D. IT cost reductions.

19. The IT Infrastructure Libarary (ITIL) is considered a de facto standard in which of the
following regions?
A. Asia and Australia.
B. North America.
C. The UK.
D. Europe.

20. The ISO 27000 Series of standards are designed to address which of the following?
A. Corporate governance.
B. Internal controls.
C. Information security issues.
D. IT value.

Chap 12
21. Which of the following statements is incorrect about digital signatures?
A. A digital signature can ensure data integrity.
B. A digital signature also authenticates the document creator.
C. A digital signature is an encrypted message digest.
D. A digital signature is a message digest encrypted using the document creator’s public key.

22. When client’s accounts payable computer system was relocated, the administrator provided
support through a dial-up connection to server. Subsequently, the administrator left the
company. No changes were made to the accounts payable system at that time. Which of the
following situations represents the greatest security risk?
A. User passwords are not required to the in alpha-numeric format.
B. Management procedures for user accounts are not documented.
C. User accounts are not removed upon termination of employees.
D. Security logs are not periodically reviewed for violations.

23. Bacchus, Inc. is a large multinational corporation with various business units around the world.
After a fire destroyed the corporation headquarters and largest manufacturing site, plans for
which of the following would help Bacchus ensure a timely recovery?
A. Daily backup.
B. Network security.
C. Business continuity.

11
 D. Backup power.

24. Which of the following statements about asymmetric-key encryption is correct?

A. When using asymmetric-key encryption method, a total of two keys are necessary in
electronic communication between two parties.
B. Employees in the same company share the same public key.
C. Most companies would like to manage the private keys for their employees.
D. Most companies would like to use a Certificate Authority to manage the public keys of their
employees.
E. Two of the above are correct.

25. Why do Certificate Authority (CA) play an important role in a company’s information security
management?
A. Using a CA is required by SOX in managing information security.
B. Most companies use CA to manage their employees’ public keys.
C. CA creates and maintains both the public and private keys for a company’s employees.
D. None of the above is correct.

26. Why would companies want to use digital signatures when conducting e-business?
A. They are cheap.
B. They are always the same so it can be verified easily.
C. They are more convenient than requiring a real signature.
D. They can authenticate the document sender and maintain data integrity.

27. Asymmetric-key encryption uses which of the following techniques to allow

users to communicate securely?
A. A message digest.
B. A 16-bit encryption key.
C. A public key and a private key.
D. A digital signature.

28. A Public Key Infrastructure (PKI) provides the ability to do which of the
following?
A. Encrypt messages using a private key.
B. Enable debit and credit card transactions.
C. Read plaintext.
D. Issue, maintain, and revoke digital certificates.

29. Which of the following groups is responsible for conducting fraud risk
assessment for an organization?
A. The External Auditor.
B. The Audit Committee.
C. The Internal Audit group.
D. Management.

30. Which of the following statements is most accurate with regard to business
continuity management (BCM) and disaster recovery planning (DRP)?

12
A. DRP is an important component of BCM.
B. BCM and DRP should be considered independently of each other.
C. BCM is an important component of DRP.
D. DRP should be considered as optional, while BCM should be considered
as necessary.

13