Risks and Internal Controls in ICT

Questions and Answers

What is a Local Area Network (LAN)?

• Computers connected in different locations.
• Computers connected over the internet.
• Computers connected in one location. (correct)
• A type of software used for communication.

What type of software is Microsoft Windows classified as?

• System software (correct)
• Utility software
• Network software
• Application software

Which of the following best defines transaction files?

• Files that manage network communications.
• Files associated only with application software.
• Files used to record transaction details. (correct)
• Files that store permanent customer data.

What is a key characteristic of a Wide Area Network (WAN)?

It connects computers across different locations. (D)

What distinguishes real-time processing from batch processing systems?

Real-time processing occurs immediately as transactions happen. (D)

What is one of the main purposes of implementing internal controls in a computerized environment?

To enhance the monitoring of operational processes. (C)

What is a common impact of Information and Communication Technology (ICT) in modern businesses?

It changes how businesses interact with clients. (D)

What do master files primarily store?

Permanent data such as customer details. (A)

What is one of the key advantages of good IT governance practices?

Enhanced risk management (D)

Which technology is associated with the concept of the Fourth Industrial Revolution?

Artificial intelligence (D)

What does the King IV principle emphasize regarding IT governance?

IT should play roles in operational and strategic levels (B)

What risk may arise from a lack of sound IT governance?

Loss of information (A)

What technological trend allows for online transacting and decentralized networks?

Cloud computing (A)

Which of the following is NOT identified as a component of internal controls?

Information security (D)

What is a characteristic of distributed networks in the IT landscape?

Decentralization and end-user focus (D)

Which of the following technologies is primarily involved in image processing?

Fingerprint scanning (D)

What is the first step in the flow of transactions in a computerized accounting system?

Capture data on the manual source document (B)

Which of the following statements best describes the processing stage in a computerized accounting system?

It relies on checks, comparisons, and calculations by the computer. (C)

What is stored in master files within a computerized accounting system?

Standing data and totals (A)

What role do source documents play in a computerized accounting system?

They initiate the transaction capturing process. (C)

Which of the following describes the purpose of processing controls in a computerized accounting system?

To perform checks and calculations on processed data. (A)

After the process stage, what is the next step in the flow of transactions?

Output of financial statements (C)

What is the primary function of a source document in the computerized accounting process?

To provide an original manual record of data (D)

Which type of data is typically stored in transaction files?

Underlying details of specific transactions (C)

What is the primary purpose of business continuity controls?

To prevent system interruptions and ensure continuity of operations (D)

Which of the following is NOT a type of data communication control?

Regular software updates (C)

What is considered a preventative control to address non-physical dangers?

Logical access controls (A)

Which option describes a key component of detective and corrective controls?

Formulating a disaster recovery plan (B)

What role does maintaining logs and registers of software/hardware usage play?

It aids in scheduling for effective use (B)

Which factor is essential in limiting the impact of data interruptions?

Frequent testing of backups (B)

What is the purpose of implementing antivirus and malware programs in a security framework?

To protect systems from malicious attacks (A)

Which of the following best describes application controls?

Controls specifically related to the processing of business transactions (A)

What is an immediate method to correct an error made during data capture?

Logical programmed controls (D)

What should happen if an error is identified on the original source document?

The rejected transaction must be deleted by the system (A)

What is a consequence of failing processing controls?

Data being lost or duplicated (A)

Which of the following is NOT a control to be implemented during processing?

Regular user training sessions (B)

What type of control involves the distribution of data from stored to viewed formats?

Output controls (C)

What is the purpose of control totals in batch control?

To ensure accuracy in calculated totals against batch totals (B)

In the error correction process, what should be done regarding the rejected transaction?

Review and correct the transaction (A)

Which of the following processes helps maintain the integrity of data while being processed?

Processing controls (A)

Study Notes

Introduction to Risks and Internal Controls

• ICT is crucial in modern businesses, influencing operations, client interaction, and process control.
• Implementation of internal controls is necessary to manage associated risks.
• The chapter discusses basic technology and ICT principles relevant to a computerized environment.

Evolution of Information Technology

• Historically, personal computers operated standalone with manual processes and printed documents.
• Modern IT utilizes networks for computer connections, replacing many manual controls with automated systems.
• Key trends include decentralized networks, mobile technology, open-source software, and cloud computing.
• The Fourth Industrial Revolution features technologies like AI, machine learning, Big Data, robotics, and blockchain.

Information System Governance

• Governed by King IV’s principle 12, which emphasizes IT governance, risk management, and internal controls.
• Effective IT governance enhances risk management and compliance with legal obligations.
• Risks of poor IT governance include data loss and inappropriate IT use.

Internal Controls Components

• The board is responsible for establishing a control environment and overseeing IT governance.
• Five key components:
  • People: All individuals interacting with Computer Information Systems (CIS).
  • Procedures: Guidelines for data collection, storage, and processing.
  • Data: Accurate storage and management of data in hardware.

Computerized Accounting System Operation

• Key steps in transaction processing:
  • Capture Data: Done through source documents.
  • Input Source Document: Into the accounting system.
  • Process Transactions: Using journals and ledgers to maintain accurate records.
  • Report Generation: Producing financial statements based on processed data.

Security Controls in Computerized Systems

• Library Function: Assigning a data librarian for data management.
• Data Communication Controls: Utilize measures like encryption, firewalls, and antivirus programs.
• Regular software updates are essential for maintaining security.

Business Continuity Controls

• Prevent disruptions and ensure continuous processing of business operations.
• Types of controls include:
  • Preventative Controls: Protect against unauthorized access and physical dangers (e.g., fire alarms).
  • Detective and Corrective Controls: Involves data backups and disaster recovery plans to mitigate risks.

Operating and System Maintenance Controls

• Standards for managing IT resources include effective scheduling, maintenance, and user practice policies.
• Maintenance of logs and registers for software/hardware usage reviewed by management.

Application Controls in Computerized Processes

• Focus on input, processing, and output controls:
  • Input Controls: Error correction during data capture and management of rejected transactions.
  • Processing Controls: Ensure data integrity with minimal user intervention; critical to prevent data errors or losses.
  • Output Controls: Manage the distribution and format of data for proper accessibility (e.g., hard-copy or digital).

Overall Control Mechanisms

• User-Related Controls: Ensure correct program usage and data handling.
• Processing Control Mechanisms: Involve completeness tests and exception monitoring to maintain processing accuracy.
• Effective application controls are crucial to reduce errors in computerized business transactions.

Description

This quiz covers essential concepts related to risks and internal controls in Information and Communication Technology (ICT). It explores the evolution of information technology, highlighting significant trends and the importance of governance in managing risks. Understand how modern technologies impact operations and control processes.