Deck 5: IT in the New World of Corporate Governance Reforms
1
Only publicly traded companies in the United States are subject to rules of financial disclosure.
False
2
Surveys show that most firms have underestimated the costs of SOX compliance.
True
3
SOX requires external auditors to independently attest to the effectiveness of internal financial controls, negating the need for an annual evaluation of internal controls and procedures for financial reporting.
False
4
Prior to 2002, IT has been heavily affected by regulatory matters.
5
Because of SOX's emphasis on control documentation, the technical skills required of IT staff are more important than written skills for complying with SOX requirements.
6
Different regulations affect business units differently, but all regulations have an impact on IT.
7
The act designed to protect stockholders, employees, and consumers from inaccurate or misleading financial reports is called the:
A) 2001 Patriot Act
B) 1934 Securities and Exchange Act
C) 2002 Sarbanes-Oxley Act
D) 2004 REVISED Securities and Exchange Act
8
Legislators and other regulatory bodies are not very aware of the impact electronic information and systems can have on organizations and the public.
9
New standards for internal controls have significant implications on how IT is managed and IT costs and productivity.
10
It is the job of a company's internal auditors to determine if its controls are "reasonable."
11
The Security and Exchange Act mandates an annual evaluation of internal controls and procedures for financial reporting.
12
All organizations are increasingly subject to a growing number of legal acts, regulations, and ethical expectations.
13
Compliance with regulations involves huge costs for IT, but the costs are more than just monetary.
14
In the past, most organizations designed their record-keeping systems as they wished with no real regard for regulatory issues.
15
Surveys show that most firms have overestimated the costs of SOX compliance but the majority of those surveyed planned to increase their compliance budgets in the future.
16
Since organizations are more dependent on automated information and processes, their IT infrastructures are also more vulnerable to security threats.
17
Protection of systems and data is the biggest concern for IT but not necessarily other units of a business.
18
Recent legislation makes CEOs and CFOs explicitly responsible for establishing, evaluating, and monitoring the effectiveness of internal controls over financial reporting and disclosure.
19
As regulations become more numerous and complex, organizations are finding that only IT-based controls are effective in ensuring compliance.
20
Compliance with the many new regulations imposed on organizations has led to significant IT costs.
21
In practice, ________ refers to the structure, roles, procedures, and internal and external relationships that ensure that IT is well managed and can provide the necessary information to run the organization.
A) Business continuity planning
B) IT Governance
C) Security architecture
D) Physical and virtual access
E) IT strategic planning
22
Which of the following IT elements addresses the work that is done to develop or acquire new applications?
A) IT strategic planning, risk assessment, project management.
B) Information architecture, access to data, data administration.
C) IT strategic planning, competitive advantage, increased costs.
D) Risk assessment, new opportunities, IT strategic planning.
E) Competitive advantage, risk assessment, project management.
23
________ is the structure of relationships and processes that enable the enterprise to direct and control IT in order to achieve enterprise goals while balancing risk versus return.
A) Business continuity planning
B) IT Governance
C) Security architecture
D) Physical and virtual access
E) IT strategic planning
24
________ is/are the front line of business support and often are the first to identify problems and risks with systems, operations, and information.
A) Operations and infrastructure support
B) Help desks
C) IT governance
D) IT strategic plans
E) Training and awareness
25
________ oversees existing hardware, software, and networks and ensures ongoing operations, as well as those that make needed changes and deal with problems as they occur.
A) Operations and infrastructure support
B) Help desks
C) IT governance
D) IT strategic plans
E) Training and awareness
26
IT management issues associated with SOX compliance include:
A) increased costs, operational challenges and new opportunities.
B) unforeseen benefits, new opportunities, and operational challenges.
C) competitive advantage, increased costs and new opportunities.
D) increased costs, operational challenges, new opportunities, and unforeseen benefits.
27
U.S. companies have found that they spent more than ________ on IT investments to meet SOX requirements.
A) $1 billion
B) $2 billion
C) $3 billion
D) $5 billion
E) $5.5 billion
28
The Sarbanes-Oxley Act strongly recommends that companies follow a framework for internal controls known as:
A) Committee of Sponsoring Organizations of the Treadway Commission
B) Control Objectives for Information and related Technology
C) Information Technology Control Guidelines
D) National Institute of Standards and Technology
29
Industry-specific legislation issues that IT faces include:
A) software standards.
B) homeland security.
C) access to persons with disabilities.
D) Both B and C
E) Both A and B
30
Transporting sensitive personal information across organizational and national boundaries could:
A) produce inaccurate or invalid information that could mislead auditors.
B) produce inaccurate or invalid information that could tax officials and inspectors.
C) create a sense of distrust among the public.
D) create a sense of distrust among investors.
E) All of the above
31
Which of the following IT elements ensure that all work done in IT is properly completed, meets all control standards, and can be demonstrated to do so with reasonable assurance?
A) IT strategic planning, risk assessment, project management.
B) Information architecture, access to data, data administration.
C) Testing and validation, documentation management, and quality assurance.
D) Risk assessment, new opportunities, IT strategic planning.
E) Competitive advantage, risk assessment, project management.
32
To reduce risk, organizations need a planned, integrated, and evolving set of practices for dealing with threat called ________.
A) Business continuity planning
B) Disaster recovery
C) Security architecture
D) Physical and virtual access
E) IT strategic planning
33
Some of the benefits of a properly implemented internal control program include:
A) increased costs, operational challenges, new opportunities, and unforeseen benefits.
B) improved overall IT governance and enhanced understanding of IT by senior executives.
C) effective written documentation of controls and segregation of duties.
D) Both A and C.
E) All of the above.
34
Two particularly challenging aspects of SOX and privacy legislation are:
A) the segregation of duties and technical documentation of controls.
B) the segregation of duties and restrictions on who has access to data.
C) the written documentation of controls and restrictions on who has access to data.
D) the written documentation of controls and segregation of duties.
E) the technical documentation of controls and who has access to the data.
35
The single most challenging regulation that IT faces is:
A) capital management.
B) homeland security.
C) access to persons with disabilities.
D) the Sarbanes-Oxley Act.
E) the impact on the environment.
36
SOX requires all of the following EXCEPT:
A) the CEO and CFO to personally certify internal financial controls.
B) internal auditors to personally certify internal financial controls.
C) external auditors to independently attest to the effectiveness of internal financial controls.
D) financial controls designed to achieve control objectives using established criteria.
E) financial control objectives and related controls are appropriately documented.
37
Companies doing business with the European Union are not required to respect strict EU privacy standards since their systems operate in the United States.
38
Which of the following IT elements addresses all data and information produced and/or stored by IT?
A) IT strategic planning, risk assessment, project management.
B) Information architecture, access to data, data administration.
C) IT strategic planning, competitive advantage, increased costs.
D) Risk assessment, new opportunities, IT strategic planning.
E) Competitive advantage, risk assessment, project management.
39
Which of the following areas is one of the most important areas of control?
A) Testing and validation
B) Documentation management
C) Quality assurance
D) Information architecture and data administration
40
________ is essential to ensure that all staff understand their responsibilities in complying with regulations.
A) Operations and infrastructure support
B) Help desks
C) IT governance
D) IT strategic plans
E) Training and awareness
41
List and describe the (3) elements of daily IT operations that ensure ongoing operations. Indicate whether or not any of these areas are impacted by regulatory changes.
42
List and describe the two areas of IT most impacted by SOX legislation.
43
What is a framework? Name and describe the control framework used to comply with SOX requirements.
44
Why are new and increasingly complex privacy controls and security legislation such a challenge for IT?
45
List and describe (3) key IT elements affected by regulation. Which is the most critical? Why?
46
What are the two most challenging aspects of SOX and privacy legislation compliance?
47
Can morale issues develop among IT staff when IT must comply with SOX regulations? Why or why not?
48
When properly implemented, what are some of the benefits of a strong internal control program to an organization?
49
List and describe the basic requirements of the Sarbanes-Oxley Act.
50
List and describe the (3) IT elements that run existing hardware, software, and networks and ensure ongoing operations, as well as those that make needed changes and deal with problems as they occur.