Exam 7: Controlling Information Systems: Introduction to Enterprise Risk Management and Internal Control

The section of Sarbanes Oxley that sets forth criminal penalties applicable to CEOs and CFOs of up to $5 million and up to 20 years imprisonment if they knowingly or willfully certify false or misleading information contained in periodic reports:

A fraud is a deliberate act or untruth intended to obtain unfair or unlawful gain.

This framework was issued in 1996 (and updated in 2007) by the Information Systems Audit and Control Association because of the influence of IT over information systems, financial reporting and auditing.

The control goal that seeks to provide protection against loss, destruction, disclosure, copying, sale, or other misuse of an organization's resources is called ________________________________________.

A computer abuse technique called a ____ involves a virus that replicates itself on disks, in memory, or across networks.

A manager of a manufacturing plant alters production reports to provide the corporate office with an inflated perception of the plant's cost effectiveness in an effort to keep the inefficient plant from being closed.This action would be classified as a(n):

The ERM framework addresses four categories of management objectives.Which category addresses the effective and efficient use of resources?

A deliberate act or untruth intended to obtain unfair or unlawful gain is a(n)

The control goal called ________________________________________ strives to ensure that a given operational process is fulfilling the purpose for which it was intended.

___________________________________ is a process by which organizations select objectives, establish processes to achieve objectives, and monitor performance.

____________________ is a deliberate act or untruth intended to obtain unfair or unlawful gain.

The effect of an event's occurrence is:

Control plans that relate to a multitude of goals and processes are called:

Which of the following is not a requirement of SOX Section 404?

As a result of an inadequate design, a production process yields an abnormally high amount of raw material scrapped.Which control goal is being violated?

The control goal called efficiency of operations strives to assure that a given operations system is fulfilling the purpose(s) for which it was intended.

Management is responsible for establishing and maintaining an adequate system of internal control

_________________________ are business process objectives that an internal control system is designed to achieve.

Ensuring the security of resources is the control goal that seeks to provide protection against loss, destruction, disclosure, copying, sale, or other misuse of an organization's resources.

An invalid item is an object or event that is not authorized, never occurred, or is otherwise not genuine.