TUNKU PUTERI INTAN SAFINAZ SCHOOL OF ACCOUNTANCY

BKAS2013 ACCOUNTING INFORMATION SYSTEMS A221 (C & G)

ASSOC. PROF. DR. AKILAH ABDULLAH

TOPIC 2: ETHICS, FRAUD AND INTERNAL CONTROL IN AIS

QUESTION 1

Figure below illustrates the three levels of control in internal control

REQUIRED:

Differentiate between preventive, detective, and corrective control.

QUESTION 2

A. Use the internal control procedures listed below to complete the statements.

Segregation of duties Specific authorization

General authorization Accounting records
Access control Independent verification
Supervision

(i) A clerk reorders 250 items when the inventory falls below 25 items without
consulting his superior. This is an example of __________.

(ii) The internal audit department recalculates payroll for several employees each
pay period. This is an example of __________.

(iii) Locking petty cash in a safe is an example of __________.

(iv) Approving a price reduction because goods are damaged is an example of

__________

(v) Using cameras to monitor the activities of cashiers is an example of __________

(vi) Not permitting the computer programmer to enter the computer operation room is
an example of __________
 (vii) Sequentially numbering all sales invoices is an example of __________

B. State FOUR (4) objectives of internal control in AIS.

C. Explain FOUR (4) control environment components of the Committee of Sponsoring

Organization (COSO) Internal Control framework.

QUESTION 3

General controls pertain to entity-wide concerns such as controls over the data center,
organization databases, systems development, and program maintenance. There are six
categories of general controls. State the SIX (6) categories of general controls and give one
example of control procedure for each category.

QUESTION 4

Fraud has continued to increase with more than 75% companies reported fraud incidents within
the past years. In line with technology advancement, computer crimes are also reported to be
on the rise. Hence, effective internal control could be one of the measures to identify, mitigate,
and manage fraud risks.
~Kroll Global Fraud Report 2015/2016~

REQUIRED:

(a) Differentiate between employee fraud and management fraud.

(b) Information Technology (IT) application controls may take place at three different parts
of the system, namely, input, process, and output.
Describe THREE (3) examples of input control procedures.