NOTE: Halfed-ass draft (to edit to

proper formatting)
del Valle, Eliseah Jemela BSA 4A Date: September, 27, 2021
ACCTG432

1. There are two types of professional services: attest and advisory. Attest services
involve a professional issuing a written communication that assesses the
reliability of a written assertion provided by another party. Advisory services
involve a professional developing findings, conclusions, and recommendations
that a client can use for decision-making.

2. A CPA firm's assessment of a company's fees depends on the strength of its

internal controls. The firm's reliance on the work of internal auditors is determined
by the organization's structure and who the auditor’s report to. If the internal
auditor does not report directly to the board of directors, their position may be
compromised. This could lead to the CPA firm putting less reliance on the
internal auditor's work, and as a result, charge the company higher fees.

3. Audits consist of three phases: planning, conducting, and reporting. In the

planning phase, auditors conduct interviews and need strong oral communication
skills. In the conducting phase, auditors need to be able to communicate
effectively with the client's employees. In the reporting phase, strong written
communication skills are essential.

4. One of the key differences between auditing an IT environment as opposed to a

manual system is the way in which evidence is gathered. In a manual system,
auditors would gather evidence through physical documentation and interviews
with relevant personnel. However, in an IT environment, the data needed to
conduct audit tests is stored in computer files. This means that auditors need to
use specialized software to extract the relevant information from the files.

5. The separation of duties is a vital part of IT security, as it helps to reduce the risk
of malicious breaches and protect the confidentiality, availability, and integrity of
information. However, segregating functions in an IT environment is pointless, as
only humans can compromise integrity, not programs.

6. Information technology (IT) environments are complex and ever-changing,

making supervision more crucial than ever. One of the challenges for IT
 management is finding and keeping qualified employees, as well as evaluating
their skills and competencies. Additionally, managers must be mindful of the
ethical and moral principles governing their IT employees. It has been observed
that those in the data processing industry often enjoy the challenge of
circumventing controls, so adequate and detailed supervision is essential.

7. The IT environment affects the firm's obligation to maintain adequate accounting

records. The data in an IT environment is saved and stored electronically, and no
physical documents exist. This makes the audit trail not available for
accountants. The firm must keep good records of their operation meticulously so
that the accountants can easily comprehend the information.

8. Human behavior is one of the potential threats to the integrity of computer

systems. This is because humans are susceptible to making errors or committing
fraud. If an employee has access to a company's computer system and knows
how the system works, they can make unauthorized changes that could harm the
company's operations.

9. An inadequate segregation of duties is a problem in the personal computer

environment because it exposes the company to risks if an employee has access
to many programs that process incompatible transactions. This may compromise
the employee's integrity and lead to fraud or other malicious activity.

10. Flat file data management environments typically feature a single-user approach,
in which each user has their own data files that are structured and organized to
meet their individual needs. This ownership concept means that users are
responsible for their own data, rather than sharing it with others. This can be a
benefit, as it gives users more control over their data, but it can also be a
disadvantage if users require access to data that is only located in another user's
file.

11. A schema is a collection of database objects, including tables, views, indexes,

and so on. A subschema is a subset of a schema that includes only those objects
that a given user has access to. Every schema has one or more subschemas.

12. Subschema is the user's section of the entire database. It is risky to allow
programmers to create user subschemas and assign access authority to users
because it may jeopardize the concept of authorization. When programmers are
not allowed to assign access authority to users, they sometimes use unethical
techniques to try to intercept requests from users to the DBA. This hinders the
DBA's ability to grant user access authority.
13. The role of database administrator (DBA) is important for several reasons. First,
the DBA is responsible for managing the database resource. This includes tasks
such as database planning, design, implementation, operation, and maintenance.
Second, the DBA is responsible for ensuring that the database grows and
changes as needed. This might involve adding new users, expanding the size of
the database, or making changes to the structure of the database. Finally, the
DBA is often the point of contact for users who have questions or problems with
the database.

14. When a company has fewer staff members than there are incompatible tasks,
that company should rely more heavily on specific authority. This will help to
compensate for the lack of segregation of duties, and will require enhanced and
heightened supervision and more management approvals of decisions.