Accounting Information Technology and Business SolutionsChapter 5.docx
- 文档编号:10318119
- 上传时间:2023-02-10
- 格式:DOCX
- 页数:38
- 大小:39.51KB
Accounting Information Technology and Business SolutionsChapter 5.docx
《Accounting Information Technology and Business SolutionsChapter 5.docx》由会员分享,可在线阅读,更多相关《Accounting Information Technology and Business SolutionsChapter 5.docx(38页珍藏版)》请在冰豆网上搜索。
AccountingInformationTechnologyandBusinessSolutionsChapter5
ReviewQuestions
R1.Whatismeantbyasystemofinternalcontrols?
Internalcontrolsareasetofrules,policies,andproceduresanorganizationimplementstoprovidereasonableassurancethat
(1)itsfinancialreportsarereliable,
(2)itsoperationsareeffectiveandefficient,and(3)itsactivitiescomplywithapplicablelawsandregulations.
R2.Distinguishbetweenrisk,exposure,andthreat.
Risk,aswithmanywordsintheEnglishlanguage,hasmultiplemeaningssowemustbecarefultodefinehowweareusingit.Ariskisanyexposuretothechanceofinjuryorloss.(Somepeopleusethetermriskinamorenarrowsensetodescribetheprobabilityofalossoccurring.)Threatisanotherwordsomepeopleusetodescribethesesituationsbecausetheyrepresentaprobableevil,violence,orlosstotheentity.Therearesomanypotentialrisksthatitmayseemoverwhelmingtotrytocontrolallofthem.Soweshouldonlyworryaboutthemostsignificantrisks.Thesignificanceofariskisdeterminedby(a)itsimpactontheorganization,and(b)thelikelihoodofitoccurring.Exposureisawordsomepeopleusetodescribethepotentialimpactontheentity.
R3.Describetherelationshipbetweenrisk,opportunity,andobjectives.
Opportunityandriskgohandinhand.Youcan’thaveanopportunitywithoutsomeriskandwitheveryriskthereissomepotentialopportunity.People’sobjectivesandthestatedobjectivesoftheorganizationimpactbothrisksandopportunities.Conservativeobjectivesthatcanbeeasilyachievedrequirelessrisk.Moreaggressiveobjectivescreategreaterriskasmoredifficultandcomplexactivitiesarepursuedtoachievethem.Changecreatesopportunities.Theworldisconstantlychangingandchangeisoftenviewedinanegativelightbecauseitupsetsthestatusquo.Thepeoplewhoarethemostsuccessfularethosewhoareabletoanticipatechange,recognizetheopportunitiesassociatedwithit,andadaptveryquickly.Insummary,changecreatesmanynewopportunities.Theopportunitiesanorganizationseeksareguidedbyitsobjectives.Butwitheveryopportunitythereissomeelementofrisk.Weseektomanagetheserisksbyasystemofcontrols.
R4.Howdoyoudeterminethematerialityofrisk?
Materialityofriskisafunctionof:
1.Thesizeofthepotentiallossanditsimpactonachievingtheorganization’sobjectives.
2.Thelikelihoodoftheloss.
Aseitherthelikelihoodorsizeofthelossincreases,thematerialityoftheriskalsoincreases.Thehigherthemateriality,thegreatertheneedformanagingtherisk.Inmanysituationstheseevaluationscanonlybemeasuredinrough,order-of-magnitudeamounts.
R5.Shouldweattempttocontrolallrisks?
Explain.
Therearesomanypotentialrisksthatitimpossibletocontrolallofthem.Weshouldonlyworryaboutthemostsignificantrisks.Thesignificanceofariskisdeterminedby(a)itsimpactontheorganization,and(b)thelikelihoodofitoccurring.Organizationswilltypicallylivewithlowmaterialityrisksbecausethecostofcontrollingallriskfarexceedsthepotentialbenefit.Managementmaychosetoignorerisksthathavealowimpactandalowlikelihoodofoccurrence.Risksthathaveahighimpactandahighlikelihoodofoccurrencemustbecarefullycontrolled.Thekeyisidentifyingandcontrollingthemostmaterialrisksinamannersuchthatthebenefitsofcontrollingtherisksexceedthecostsofthecontrols.
R6.Shouldanorganizationimplementasmanycontrolproceduresaspossible?
Explain.
Justbecauseacontrolexiststominimizeariskdoesnotmeanitshouldbeimplemented.Allcontrolshaveacost.Additionalcontrolsshouldbeimplementedonlyiftheaddedbenefitfromhavingthecontrolexceedsthecostofimplementingandmaintainingthecontrol.Thekeyisidentifyingandcontrollingthemostmaterialrisksinamannersuchthatthebenefitsofcontrollingtherisksexceedthecostsofthecontrols.
R7.Describeseparationofdutiesandresponsibilities.
SeparationofDutiesrequiresworkassignmentstobestructuredsuchthattheworkofoneindividualcheckstheworkofanotherindividual.Themostimportantactivitiestoseparateareauthorization,recordkeeping,andcustodyofassetstopreventemployeesfromperformingfunctionsthatcouldresultinundetectedbusinessandinformationprocessingerrorsorirregularities.
R8.Describephysicalcontrols.
Physicalcontrolsincludesecurityovertheassetsthemselves,limitingaccesstotheassetstoonlyauthorizedpeople,andperiodicallyreconcilingthequantitiesonhandwiththequantitiesrecordedintheorganization’srecords.Assetssuchascash,investmentsinstocksandbonds,andotherliquidassetsshouldbekeptinalockedfacilityandthekeystothefacilityshouldbecarefullycontrolled.Inventoryshouldbekeptinaseparateroomwithacontrolledaccess.Properauthorizationshouldberequiredforaccesstocomputerprogramsanddatafiles.Thepeoplewhoaregivencustodyoftheassetsareheldresponsibleforthemandtheyareaccountableforanyshortagesbetweenthequantitiesonhandandtheamountsrecordedintheaccountingrecords.
R9.Contrastgeneralandapplicationcontrols.
Generalcontrolsfocusontheenvironmentsurroundingthecomputersystem—itsdevelopment,operation,andmaintenance.Includedwithinthiscategoryofcontrolsareseparationofdutiesandresponsibilitieswithinthedataprocessingfunctionsandcontrolsovercomputerpersonnel,computeroperatingactivities,systemsdevelopmentprocesses,andcomputerresourcesandtheirutilization.
Applicationcontrolsfocusontransactionsastheyflowthroughtheinput,process,andoutputstagesofaspecificcomputerapplication.Anexampleofaninputcontroliswhenwedevelopatotalofallthesalesinvoicesforadayandcomparetheamountwithasimilartotalpreparedbythecomputerastheinvoicesareenteredforprocessing.Ifthetwototalsareequal,weassumetheinvoiceswerecorrectlyenteredintothecomputer.Similaramountscouldbedevelopedasthecomputerprocessesinvoicesandasreportsarepreparedtoverifythattheprocesswasperformedaccuratelyandthatthereportsarealsoaccurate.
R10.Whoisultimatelyresponsibleforinternalcontrolswithinanorganization?
Managementisultimatelyresponsibleforanorganization’sinternalcontrols.Accountinginformationprofessionals(includingauditors)shouldprovidesupporttomanagement.
R11.Listthenineconceptsthatunderlieanupdatedcontrolphilosophy.
ControlConcept#1:
Accountantsmustbecomecontrolconsultantsovertheentirerangeofbusinessriskswitharealtime,proactivecontrolphilosophythatfocusesfirstonpreventingbusinessrisks,thenondetectingandcorrectingerrorsandirregularities.
ControlConcept#2:
UsemodernITtoachievetheobjectivesofrecording,maintaining,andreportinginformationthatisaccurate,complete,andtimelyby:
∙Evaluatingtherisksassociatedwithcurrentbusinessandinformationprocesses.
∙Designingspecificcontrolprocedurestomanagetherisks.
ControlConcept#3:
Tailorcontrolprocedurestothebusinessprocessinordertoimprovethequalityoftheinternalcontrolsystemwhileenhancingorganizationaleffectiveness.
ControlConcept#4:
AccountantsmustbecomefamiliarwithITcapabilitiesandrisksandrecognizetheopportunitiesITprovidestoprevent,detect,andcorrecterrorsandirregularitiesasdecisionsaremade,operatingactivitiesoccur,andinformationprocessesareexecuted.
ControlConcept#5:
Processesthatmakeextensiveuseofpaperinputsandoutputsandvisiblerecordsofintermediateprocessesarenotlessriskythanmorecomplex,highlyintegratedsystems.Highlyintegratedsystemscanbelessriskyprovidedtheyareproperlyconstructedwiththerightcontrolsbuiltintothem.
ControlConcept#6:
Anelectronicaudittrailcanbeaseffectiveas,ormoreeffectivethan,apaperbasedaudittrail.Theaudittrailinanintegrated,eventbasedsystemisoftenshorterandlesscomplexthanatraditionalpaperbasedaudittrail.
ControlConcept#7:
Beactivelyinvolvedduringthedesignanddevelopmentstagesofanewormodifiedinformationsystemtohelpidentifyandimplementcontrolsintothesystem.
ControlConcept#8:
Greateruseofinformationtechnologyprovidestheopportunityfornewservicesthatverifytheadequacyofinternalcontrolswithintheinformationsystemandtheaccuracyofqueriesinextractingdesiredinformation.
ControlConcept#9:
SmallorganizationscanhavestronginternalcontrolsystemsbyintegratingcontrolsintotheinformationsystemandusingITtomonitorandcontrolthebusinessandinformationprocesses.
R12.Listanddescribethefiveinterrelatedcomponentsofaninternalcontrolsystem.
1.ControlEnvironment.Controlenvironmentsetsthetoneoftheorganization,whichinfluencesthecontrolconsciousnessofitspeople.Thisfoundationprovidesdisciplineandstructureuponwhichallothercomponentsofinternalcontrolarebuilt.Thecontrolenvironmentincludesintegrityandethicalbehaviorofthepeople,theircommitmenttocompetence,theboardofdirectorsandauditcommitteeparticipation,management’sphilosophyandoperatingstyle,organizationstructure,assignmentofauthorityandresponsibility,andhumanresourcepoliciesandpractices.
2.RiskAssessment.Riskassessmentidentifiesandanalyzestherelevantrisksassociatedwiththeorganizationachievingitsobjectives.Riskassessmentformsthebasisfordeterminingwhatrisksneedtobecontrolledandthecontrolsrequiredtomanagethem.
3.ControlActivities.Controlactivitiesarethepoliciesandprocedurestheorganiza
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- Accounting Information Technology and Business Solutions Chapter
![提示](https://static.bdocx.com/images/bang_tan.gif)
链接地址:https://www.bdocx.com/doc/10318119.html