SUGGESTED ANSWERS TO DISCUSSION QUESTIONS
Contrast the logical and the physical view of data and discuss why separate views are
necessary in database applications. Describe which perspective is most useful for each of th
1. What are the two fundamental components of data structures?
Response: Organization and access method.
2. What are the criteria that influence the selection of the data structure?
Enterprise Resource Planning Systems
1. Define ERP.
Response: ERP systems are multiple module software packages that evolved primarily
from traditional manufacturing resource planning (MRP) systems.
The objective of ERP is to i
1. What document initiates the sales process?
Response: A customer order, usually in the form of a purchase order, initiates the sales process.
2. Distinguish among a packing slip, a shipping notice, and a
Business Ethics, Fraud, and Fraud Detection
1. What is ethics?
Response: Ethics pertains to the principles of conduct that individuals use in making
choices and guiding their behavior in situations that involve the concepts of
System Development and Program Change Activities
1. Distinguish between systems professionals, end users, and stakeholders.
Response: Systems professionals are systems analysts, systems designers, and
programmers; these individu
Security Part II: Auditing Database Systems
1. What is a legacy system?
Response: Legacy systems are large mainframe systems that were implemented from the
late 1960s through the 1980s. Organizations today still make extensive u
Security Part I: Auditing Operating Systems and Networks
1. What are the five control objectives of an operating system?
a. The operating system must protect itself from users.
b. The operating system must protect user
Auditing IT Governance Controls
1. What is IT governance?
Response: IT governance is a relatively new subset of corporate governance that
focuses on the management and assessment of strategic IT resources.
2. What are the object
Auditing and Internal Control
What is the purpose of an IT audit?
Response: The purpose of an IT audit is to provide an independent assessment of some
technology- or systems-related object, such as proper IT implementation, o
Corporate governance and
Tone at the top is a familiar phrase to most of usit means
that the attitudes and actions of the board, executive, and
management have a pervasive impact upon the
Internal controls and control risk
Why bother testing internal controls? We can just look at the
numbers and the supporting documents, cant we? Well, no! In
a large organization with millions of transactions, i
Client risk profile and documentation
How does an auditor decide whether a client is risky or not?
This chapter identifies and talks about the many parts involved
in developing a client risk profile. The audito
Materiality and risk
We have not talked any numbers yet. How does the auditor
assess the financial statements to decide what should be
tested? What is the model used to organize and assess risks
during the audi
What does an auditor examine to provide assurance about the
quality of the financial statements? When has enough information been collected? These are difficult questions, and this
Why can the auditor be sued when a business goes bankrupt?
Isnt it managements responsibility to run the business? In
this chapter, we will explore terminology associated with legal
Professional relationships: The role of ethics
The public accountant (PA) is a professional who works with the
audit committee, board of directors, management, and other
professionals such as la
The public accounting profession
As we saw in Chapter 1, public accountants (PAs) add value to
information by providing assurance. What are the processes
that help ensure that PAs do a good job? What is the diff