The general ledger setup function in an enterprise resource
package (ERP) allows for setting accounting periods. Access
to this function has been permitted to users in finance, the
warehouse and order entry. The MOST likely reason for such
broad access is the:
A. need to change accounting periods on a regular basis..
B. requirement to post entries for a closed accounting period.
C. lack of policies and procedures for the proper
segregation of duties.
D. need to create/modify the chart of accounts and its
allocations.
- 1 Answers
- 6077 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Setting of accounting periods is one of the critical
activities of the finance function. Granting access to this
function to the personnel in the warehouse and order entry
could be because of a lack of proper policies and procedures
for the adequate segregation of duties. Accounting periods
should not be changed at regular intervals, but established
permanently. The requirement to post entries for a closed
accounting period is a risk. If necessary this should be
done by someone in the finance or accounting area. The need
to create/modify the chart of accounts and its allocations
is the responsibility of the finance department and is not a
function that should be performed by warehouse or order
entry personnel.
| Is This Answer Correct ? | 6 Yes | 1 No |
An IS auditor who is participating in a systems development project should: A. recommend appropriate control mechanisms regardless of cost. B. obtain and read project team meeting minutes to determine the status of the project. C. ensure that adequate and complete documentation exists for all project phases. D. not worry about his/her own ability to meet target dates since work will progress regardless.
A universal serial bus (USB) port: A. connects the network without a network card. B. connects the network with an Ethernet adapter. C. replaces all existing connections. D. connects the monitor.
A goal of processing controls is to ensure that: A. the data are delivered without compromised confidentiality. B. all transactions are authorized. C. accumulated data are accurate and complete through authorized routines. D. only authorized individuals perform sensitive functions.
Which of the following exposures associated with the spooling of sensitive reports for offline printing would an IS auditor consider to be the MOST serious? A. Sensitive data can be read by operators. B. Data can be amended without authorization. C. Unauthorized report copies can be printed. D. Output can be lost in the event of system failure.
Which of the following is a control to detect an unauthorized change in a production environment? A. Denying programmers access to production data. B. Requiring change request to include benefits and costs. C. Periodically comparing control and current object and source programs. D. Establishing procedures for emergency changes.
Which of the following hardware devices relieves the central computer from performing network control, format conversion and message handling tasks? A. Spool B. Cluster controller C. Protocol converter D. Front end processor
Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected
When an organization's network is connected to an external network in an Internet client-server model not under that organization's control, security becomes a concern. In providing adequate security in this environment, which of the following assurance levels is LEAST important? A. Server and client authentication B. Data integrity C. Data recovery D. Data confidentiality
IS auditors, in performing detailed network assessments and access control reviews should FIRST: A. determine the points of entry. B. evaluate users access authorization. C. assess users identification and authorization. D. evaluate the domain-controlling server configuration.
Information requirement definitions, feasibility studies and user requirements are significant considerations when: A. defining and managing service levels. B. identifying IT solutions. C. managing changes. D. assessing internal IT control.
Which of the following development methods uses a prototype that can be updated continually to meet changing user or business requirements? A. Data-oriented development (DOD) B. Object-oriented development (OOD) C. Business process reengineering (BPR) D. Rapid application development (RAD)
In which of the following network configurations would problem resolution be the easiest? A. Bus B. Ring C.Star D. Mesh
Cisco Certifications 
