AIS exam 2 review questions & answers 2024/2025
Which of the following is not an example of one of the basic types of fraud?
A) A salesperson approves a large sales discount on an order from a company owned partially by the salesperson's sister.
B) While straightening the store at the end...
Which of the following is not an example of one of the basic types of fraud?
A) A salesperson approves a large sales discount on an order from a company owned partially by the
salesperson's sister.
B) While straightening the store at the end of the day, a shoe store employee finds and keeps an
expensive pair of sunglasses left by a customer.
C) A purchasing agent places a large order at higher-than-normal unit prices with a vendor that gave the
agent tickets to several football games.
D) An executive devised and implemented a plan to accelerate revenue recognition on a long-term
contract, which will allow the company to forestall filing for bankruptcy. The executive does not own any
stock, stock options or grants, and will not receive a bonus or perk because of the overstated revenue. -
ANSWERSWhile straightening the store at the end of the day, a shoe store employee finds and keeps an
expensive pair of sunglasses left by a customer.
Which of the following is least likely to result in computer fraud?
A) releasing data to unauthorized users
B) storing backup tapes in a location where they can be quickly accessed
C) allowing computer operators full access to the computer room
D) allowing computer users to test software upgrades - ANSWERSallowing computer operators full
access to the computer room
Which of the following preventive controls are necessary to provide adequate security for social
engineering threats?
A) host and application hardening B) encryption
C) awareness training D) controlling remote access - ANSWERSawareness training
,4 Which of the following is not a management characteristic that increases pressure to commit
fraudulent financial reporting?
A) close relationship with the current audit engagement partner and manager
B) pay for performance incentives based on short-term performance measures
C) high management and employee turnover
D) highly optimistic earnings projections - ANSWERSclose relationship with the current audit
engagement partner and manager
In 2007, a major U.S. financial institution hired a security firm to attempt to compromise its computer
network. A week later, the firm reported that it had successfully entered the system without apparent
detection and presented an analysis of the vulnerabilities that had been found. This is an example of a -
ANSWERSdetective control
Noseybook is a social networking site that boasts over a million registered users and a quarterly
membership growth rate in the double digits. As a consequence, the size of the information technology
department has been growing very rapidly, with many new hires. Each employee is provided with a
name badge with a photo and embedded computer chip that is used to gain entry to the facility. This is
an example of a(n) - ANSWERSauthentication control
If an organization asks you to disclose your social security number, but decides to use it for a different
purpose than the one stated in the organization's privacy policies, the organization has likely violated
which of the Generally Accepted Privacy Principles?
A) Collection
B) Access
C) Security
D) Quality - ANSWERSCollection
________ is/are an example of a detective control.
A) Physical access controls
, B) Encryption
C) Emergency response teams
D) Log analysis - ANSWERSLog Analysis
All of the following are basic purposes of internal control except
A. Eliminating fraud
B. Ensuring reliable financial statements
C. Promoting Operating Efficiency
D. Safeguarding assets - ANSWERSA. Eliminating fraud: cannot eliminate all fraud
Which of the following legally requires management to assess a company's internal control annually?
Foreign Corrupt Practices Act
Brown's risk taxonomy
COSO Internal control framework
Sarbanes-Oxley Act - ANSWERSSarbanes-Oxley Act requires management to assess a company's internal
control annually.
Which of the following reports are issued quarterly?
10-K
8-K
Section 302 Disclosure Control Reports
Section 404 Internal Control over Financial Reporting Reports - ANSWERSSection 302 Disclosure Control
Reports
Management of All public companies listed in the U.S. are required to have SOX 302 disclosure control
reports.
T/F - ANSWERSTrue
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Bensuda. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.99. You're not tied to anything after your purchase.
