Solution Manual for Accounting Information
Systems, 4th Edition by Vernon Richardson,
Chengyee Chang, Rod Smith
The COBIT 5 Framework - ANS-Describes best practices for the
effective governance and management of IT:
1 Meeting stakeholder needs
2 Covering the enterprise end-to-end
3 Applying a single, integrated framework
4 Enabling a holistic approach
5 Separating governance from management
**Five processes referred to as EDM (evaluate, direct and monitor)
(Governance)
What are the 32 management processes set forth by the COBIT 5? -
ANS-1 Align, plan and organize (APO)
2 Build, acquire, and implement (BAI)
3 Deliver, service and support (DSS)
4 Monitor, evaluate, and assess (MEA)
Committee of Sponsoring Organizations (COSO) - ANS-A private-
sector group consisting of the American Accounting Association,
the AICPA, the Institute of Internal Auditors, the Institute of
Management Accountants, and the Financial Executives Institute
What did COSO issue in 1992? - ANS-Internal Control-Integrated
Framework (IC) which is widely accepted as the authority on
internal controls and is incorporated into policies, rules, and
regulations used to control business activities
,Enterprise Risk Management - Integrated Framework (ERM) - ANS-A
COSO framework that improves the risk management process by
expanding (adds three additional elements) COSO's Internal
Control-Integrated
COSO's Internal Control Model consists of... - ANS-Five
components and 17 Principles
What are the five components of the COSO Internal Control Model?
- ANS-1 Control Environment
2 Risk Assessment
3 Control Activities
4 Information and Communication
5 Monitoring
ERM is the process the board of directors and management use to
set strategy, identify events that may affect the entity, assess and
manage risks, and provide reasonable assurance that the company
achieves its objectives and goals. What are the basic principles
behind ERM? - ANS-1 Companies are formed to create value for
their owners
2 Management must decide how much uncertainty it will accept as
it creates value
3 Uncertainty results in risk
4 Uncertainty results in opportunity
5 The ERM framwork can manage uncertainty as well as create and
preserve value
Internal Environment - ANS-The company culture that is the
foundation for all other ERM components as it influences how
organizations establish strategies and objectives; structure
business activities; and identify, assess, and respond to risk
,Inherent Risk - ANS-the susceptibility of a set of accounts or
transactions to significant control problems in the absence of
internal control
Residual Risk - ANS-The risk that remains after management
implements internal controls or some other response to risk
Management can respond to risk in four ways: - ANS-1 Reduce
2 Accept
3 Share
4 Avoid
Control Activities - ANS-Policies, procedures, and rules that provide
reasonable assurance that control objectives are met and risk
responses are carried out
Segregation of Accounting Duties - ANS-separating the accounting
functions of authorization, custody, and recording to minimize an
employee's ability to commit fraud
The Trust Services Framework organizes IT-related controls into five
principles that jointly contribute to systems reliability: - ANS-1
Security
2 Confidentiality
3 Privacy
4 Processing Integrity
5 Availability
Data - ANS-facts that are collected, recorded, stored, and
processed by an information system
, Information - ANS-data that has been organized and processed to
provide meaning and improve decision making process
Characteristics of Useful Information - ANS-1 Relevant
2 Reliable
3 Complete
4 Timely
5 Understandable
6 Verifiable
7 Accessible
Relevant - ANS-Reduces uncertainty, improves decision making, or
confirms or corrects prior expectations
Reliable - ANS-Free from error or bias; accurately represents
organization events or activities
Complete - ANS-Does not omit important aspects of the events or
activities it measures
Timely - ANS-Provided in time for decision makers to make
decisions
Understandable - ANS-Presented in a useful and intelligible format
Verifiable - ANS-Two independent, knowledgeable people produce
the same information
Accessible - ANS-Available to users when they need it and in a
format they can use
Revenue Cycle - ANS-where goods and services are sold for cash or
a future promise to receive cash
Systems, 4th Edition by Vernon Richardson,
Chengyee Chang, Rod Smith
The COBIT 5 Framework - ANS-Describes best practices for the
effective governance and management of IT:
1 Meeting stakeholder needs
2 Covering the enterprise end-to-end
3 Applying a single, integrated framework
4 Enabling a holistic approach
5 Separating governance from management
**Five processes referred to as EDM (evaluate, direct and monitor)
(Governance)
What are the 32 management processes set forth by the COBIT 5? -
ANS-1 Align, plan and organize (APO)
2 Build, acquire, and implement (BAI)
3 Deliver, service and support (DSS)
4 Monitor, evaluate, and assess (MEA)
Committee of Sponsoring Organizations (COSO) - ANS-A private-
sector group consisting of the American Accounting Association,
the AICPA, the Institute of Internal Auditors, the Institute of
Management Accountants, and the Financial Executives Institute
What did COSO issue in 1992? - ANS-Internal Control-Integrated
Framework (IC) which is widely accepted as the authority on
internal controls and is incorporated into policies, rules, and
regulations used to control business activities
,Enterprise Risk Management - Integrated Framework (ERM) - ANS-A
COSO framework that improves the risk management process by
expanding (adds three additional elements) COSO's Internal
Control-Integrated
COSO's Internal Control Model consists of... - ANS-Five
components and 17 Principles
What are the five components of the COSO Internal Control Model?
- ANS-1 Control Environment
2 Risk Assessment
3 Control Activities
4 Information and Communication
5 Monitoring
ERM is the process the board of directors and management use to
set strategy, identify events that may affect the entity, assess and
manage risks, and provide reasonable assurance that the company
achieves its objectives and goals. What are the basic principles
behind ERM? - ANS-1 Companies are formed to create value for
their owners
2 Management must decide how much uncertainty it will accept as
it creates value
3 Uncertainty results in risk
4 Uncertainty results in opportunity
5 The ERM framwork can manage uncertainty as well as create and
preserve value
Internal Environment - ANS-The company culture that is the
foundation for all other ERM components as it influences how
organizations establish strategies and objectives; structure
business activities; and identify, assess, and respond to risk
,Inherent Risk - ANS-the susceptibility of a set of accounts or
transactions to significant control problems in the absence of
internal control
Residual Risk - ANS-The risk that remains after management
implements internal controls or some other response to risk
Management can respond to risk in four ways: - ANS-1 Reduce
2 Accept
3 Share
4 Avoid
Control Activities - ANS-Policies, procedures, and rules that provide
reasonable assurance that control objectives are met and risk
responses are carried out
Segregation of Accounting Duties - ANS-separating the accounting
functions of authorization, custody, and recording to minimize an
employee's ability to commit fraud
The Trust Services Framework organizes IT-related controls into five
principles that jointly contribute to systems reliability: - ANS-1
Security
2 Confidentiality
3 Privacy
4 Processing Integrity
5 Availability
Data - ANS-facts that are collected, recorded, stored, and
processed by an information system
, Information - ANS-data that has been organized and processed to
provide meaning and improve decision making process
Characteristics of Useful Information - ANS-1 Relevant
2 Reliable
3 Complete
4 Timely
5 Understandable
6 Verifiable
7 Accessible
Relevant - ANS-Reduces uncertainty, improves decision making, or
confirms or corrects prior expectations
Reliable - ANS-Free from error or bias; accurately represents
organization events or activities
Complete - ANS-Does not omit important aspects of the events or
activities it measures
Timely - ANS-Provided in time for decision makers to make
decisions
Understandable - ANS-Presented in a useful and intelligible format
Verifiable - ANS-Two independent, knowledgeable people produce
the same information
Accessible - ANS-Available to users when they need it and in a
format they can use
Revenue Cycle - ANS-where goods and services are sold for cash or
a future promise to receive cash
