Chap014 - Chapter 14, Enterprise System Risks and Controls...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Chapter 14, Enterprise System Risks and Controls True/False Questions 1. A risk is any exposure to the chance of injury or loss. Ans: True 2. An internal control is an activity performed to minimize or eliminate a risk. Ans: True 3. The materiality of a risk is determined solely by its impact on the organization; that is, by the size of the potential loss and its impact on achieving the organization's objectives. Ans: False Response: Materiality of risk is also determined by its likelihood of occurring. 4. Management may choose to ignore risks that have a low impact and a low likelihood of occurrence unless controls to mitigate those risks are costless. Ans: True 5. The control environment sets the tone of the enterprise and can contribute to a high-risk environment. Ans: True 6. The attitudes and actions of top management typically do not affect the climate of an enterprise, because they are rarely onsite. Ans: False Response: The attitudes and actions of top management largely determine the climate of an enterprise. Attitudes and actions of lower level employees typically mirror the attitudes and actions they see in top management. 7. An error is an intentional effort to do something undesirable to an enterprise, while an irregularity is an unintended mistake on the part of an employee. Ans: False Response: An error is an unintended mistake on the part of an employee; an irregularity is an intentional effort to do something undesirable to an enterprise. 274 Dunn/Cherrington/Hollander, Enterprise Information Systems: A Pattern Based Approach, 3e
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Chapter 14, Enterprise System Risks and Controls 8. Corrective controls focus on preventing an error or irregularity. Ans: False Response: Preventive controls focus on error and irregularity prevention. Corrective controls provide compensation to minimize the damage if an error or irregularity occurs. 9. Monitoring is the process of assessing the quality of internal control performance over time. Ans: True 10. Economy risks include those resulting from war, epidemics, financial market changes, terrorist attacks, and natural disasters such as floods, hurricanes, and drought. Ans: True 11. The risk of recording incomplete, inaccurate, or invalid data about a business event is considered a business process risk. Ans: False Response: That is an information process risk. 12. Enterprises should create contingency plans for transferring operations to a backup location in case of business interruptions. Ans: True 13. Lapping is a method of stealing cash in which an employee steals a customer payment and uses funds from a subsequent customer payment to post to the first customer's account, using funds from a third customer payment to post to the second customer's account, and continuing on in that pattern until a valid account is written off as a bad debt, the perpetrator is caught, the perpetrator leaves the firm, or some combination of those three possibilities. Ans: True
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 14

Chap014 - Chapter 14, Enterprise System Risks and Controls...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online