SEARCH
🇬🇧
MEM
O
RY
.COM
4.37.48
Guest
Log In
Homepage
0
0
0
0
0
Create Course
Courses
Last Played
Dashboard
Notifications
Classrooms
Folders
Exams
Custom Exams
Help
Leaderboard
Shop
Awards
Forum
Friends
Subjects
Dark mode
User ID: 999999
Version: 4.37.48
www.memory.com
You are in browse mode. You must login to use
MEM
O
RY
Log in to start
Index
»
CMA Part 1 - Section E
»
Chapter 1
»
Level 2
level: Level 2
Questions and Answers List
level questions: Level 2
Question
Answer
Computerized audit technique which mixes fictitious data together with real and valid data in master file to be processed within the system
Integrated test facility
Computerized audit technique which use real data but processed through separate audit program / test program
Parallel simulation
Computerized audit technique which embedding audit routines within a program to analyzed transaction data
Embedded Audit Routines
Computerized audit technique which modify program to tag specific transactions and save all their processing steps in an extended record
Extended records
Computerized audit technique which print outs the content of selected memory areas when executed
Snapshot
Computerized audit techniques which provides detailed audit trail of all the instructions executed by a program
Tracing
Computerized audit technique which use special software to monitor the execution of a program.
Mapping
occurs when two different applications or transactions have a lock on data that is needed by the other application or transaction
Deadly embrace (deadlock)
a single part of a system, which, if it fails, will result in the unavailability of the entire system
Single point failure
allows users to log in to all of the different systems in the organization (accounting, email, shipping and so forth) with the same username and password.
Single level sign-on
Is the combination of people, policies, procedures, and processes that help ensure that an entity is effectively and efficiently directs its activities toward meeting the objective of its stakeholders
Governance
Designed to prevent payments of corporate funds which are contrary to public policy, e.g. bribery of foreign officials / political party / candidate for pollical office (government related)
Foreign Corrupt Practices Act (FCPA)
Response to numerous financial reporting scandals involving large public companies
Sarbanes-Oxley Act
the process whereby management identifies the organization’s vulnerabilities
Risk assessment
the continuous process of designing and operating internal controls that mitigate risks identified during risk assessment
Risk management
Who is responsible for establishing and maintaining the system of internal control?
Senior management
Internal audit is being headed by
Chief audit executive (CAE)
To whom does the CAE directly reports to?
CEO
Also means alternative controls
Compensatory (mitigative) controls
Also means second layer controls
Complementary controls
Computer-assisted audit techniques which evaluates only input and output with manual intervention
Auditing around the computer
Computer-Assisted Audit techniques which uses the computer to test the processing logic and control within the systems e.g. Integrated audit facility
Auditing through the computer
combines multiple physical disk drive components into a single logical unit for the purpose of data redundancy, performance, or both
RAID – Redundant array of independent discs
sending data to an intermediate storage that is accessible by the peripheral device when needed
Spooling
Security attack uses password cracking software to try large numbers of letter and number combinations to access a network
Brute force
identity misrepresentation in cyberspace
Spoofing
use of software to eavesdrop on information sent by a user to the host computer of a website
Sniffing
A testing which identifies weakness in the IT infrastructure
Vulnerability testing
A testing which test how well the system tolerates real-world style attacks patterns
Penetration Testing
A recovery center which imitates the company's data center
Hot site
A recovery center which as a limited hardware such as communication and networking equipment
Warm site
A recovery center which lack most infrastructure but readily available for quick installation of hardware
Cold site
What document does the GL department receive during sales to receivable cycle?
Daily income summary
What document does the GL department receive during cash receipts cycle
Remittance listing
What document does the GL department receive during Purchase to Payable cycle
Daily PO summary
What document does the GL department receive during cash payment cycle
Check register
What document does the GL department receive during payroll cycle
Payroll register
This document shows the total number of hours worked
Employee clock card
This document shows the total number of hours worked per job
Job time ticket
a formal document that defines internal audit's purpose, authority, responsibility and position within an organization
internal audit charter
With whom does audit committee/CAE reports directly?
CAE – CEO, Audit Committee, Board of Directors Audit Committee – BOD as member of the board
Which corporations are subject to accounting requirements of FCPA
All corporation (domestic or not) whose securities are registered pursuant to the SEC act of 1934
Which corporations engaged in interstate commerce are prohibited by FCPA of bribery of foreign officials?
Domestic
Who specifically attest to the effectiveness of controls
CAE and CFO
Who approves charter of IAA
management and the board
used to search application source programs for code that is not used in the version of the program that is in use by the production system
Mapping programs
is a potential encryption standard licensed to hardware and software vendors
RSA (Rivest, Shamir, and Adelman)
a backup operational mode used to make systems more fault-tolerant
Failover
