Auditing and Assurance Services (16th Edition)
16th Edition
ISBN: 9780134065823
Author: Alvin A. Arens, Randal J. Elder, Mark S. Beasley, Chris E. Hogan
Publisher: PEARSON
expand_more
expand_more
format_list_bulleted
Question
Chapter 11, Problem 19RQ
To determine
State three risks associated with online sales system, also list internal control that could used to reduce the risks.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
Identify at least three risks that auditors need to consider for companies that process web-based sales transactions, including credit card payments.
Which preventive, detective, and/or corrective controls would best mitigate the following threat, and why?
(f) A company purchased the leading “off-the-shelf” e-commerce software for linking its electronic storefront to its inventory database. A customer discovered a way to directly access the database by entering appropriate SQL code.
Using the following table as a guide, describe for each function (see Figure 11.1):
A risk (an event or action that will cause the organization to fail to meet its goals/objectives).
A control/process or use of technology that will address the risk.
Function
Risks
Controls and Technology
Marketing
Finance
Billing
AR (debit)
Sales (credit)
Collections
Cash (debit)
AR (credit)
Chapter 11 Solutions
Auditing and Assurance Services (16th Edition)
Ch. 11 - Prob. 1RQCh. 11 - Prob. 2RQCh. 11 - Prob. 3RQCh. 11 - Prob. 4RQCh. 11 - Prob. 5RQCh. 11 - Prob. 6RQCh. 11 - Prob. 7RQCh. 11 - Prob. 8RQCh. 11 - Prob. 9RQCh. 11 - Prob. 10RQ
Ch. 11 - Prob. 11RQCh. 11 - Prob. 12RQCh. 11 - Prob. 13RQCh. 11 - Prob. 14RQCh. 11 - Prob. 15RQCh. 11 - Prob. 16RQCh. 11 - Prob. 17RQCh. 11 - Prob. 18RQCh. 11 - Prob. 19RQCh. 11 - Prob. 20.1MCQCh. 11 - Actions, policies, and procedures that reflect the...Ch. 11 - Prob. 20.3MCQCh. 11 - Prob. 21.1MCQCh. 11 - Prob. 21.2MCQCh. 11 - Prob. 21.3MCQCh. 11 - Which of the following correctly describes an...Ch. 11 - Prob. 22.2MCQCh. 11 - Prob. 22.3MCQCh. 11 - Following are descriptions of ten internal...Ch. 11 - Prob. 24DQPCh. 11 - The following are misstatements that have occurred...Ch. 11 - Prob. 26DQPCh. 11 - Prob. 27DQPCh. 11 - Prob. 28DQPCh. 11 - Prob. 29DQPCh. 11 - Prob. 30DQPCh. 11 - Prob. 32C
Knowledge Booster
Similar questions
- An internal auditor is examining the effectiveness of procedures management established to protect customer data from cyberattacks and whether those procedures are cost effective. This is an example of an operational audit. Question options: True Falsearrow_forwardWhich of the following is an example of an input control? a.making sure report that are distributed to the proper people b.monitoring the work of data entry clerks. c. Collecting accurate statistics of historical transactions while gathering data. d. Performing a check-digit test on a customer acount number e.Having anothr person review the design of a business formarrow_forwardAn auditor would be most likely to assess control risk at the maximum level in an electronic environment with automated system-generated information when:Select one: a. Fixed asset transactions are few in number, but large in dollar amount. b. Payables are based on many transactions and large in dollar amount. c. Accounts receivable records are based on many transactions and are large in dollar amount. d. Sales orders are initiated using predetermined, automated decision rules.arrow_forward
- The computer processing portion of a sales order system is represented by the flowchart. Answer the following questions.a. What type of data processing system is this? Explain, and be specific.b. The auditor suggests that this system can be greatly simplified by changing to direct access files. Explain the major operational changes that would occur in the system if this were done.c. The auditor warns of control implications from this change that must be considered. Explain the nature of the control implications.d. Sketch a flowchart (the computerized portion only) of the proposed new system. Use correct symbols and label the diagram.arrow_forwardUnderstanding what constitutes fraud and understanding the framework are a part of developing an internal control program. The fraud triangle is a framework that is used to understand and explain what the motivation could be when a person decides to commit fraud. Thinking about the fraud cases that you are aware of, how would the fraud triangle explain fraudulent behavior?arrow_forwardInternal controls are critical for any organization's risk of fraudulent activity. Additionally, new technology assists accountants in minimizing fraud. Demonstrate how an advanced technology transaction processing system may help any organization minimize fraudulent activity.arrow_forward
- uppose your company has an e-commerce Website for selling different types of goods and services. Discuss the followings:i)Ethical concerns associated with storing and analyzing user data?ii) How would you use intrusion detection system to control security threats that face this website?arrow_forward1. Explain how client internal controls can be improved through the proper installation of IT. 2. Distinguish between random error resulting from manual processing and systematic error resulting from IT processing and give an example of each category of error. 3. Explain what is meant by auditing around the computer, and describe what must be present for this approach to be effective in the audit of a client that uses IT to process accounting information. 4. An audit client is in the process of creating an online Web-based sales ordering system for customers to purchase products using personal credit cards for payment. Identify three risks related to an online sales system that management should consider. For each risk, identify an internal control that could be implemented to reduce that risk. 00000000000arrow_forwardWhich preventive, detective, and/or corrective controls would best mitigate the following threat, and why? (e)A company’s programming staff wrote custom code for the shopping cart feature on its website. The code contained a vulnerability that could be exploited when the customer typed in the ship-to address.arrow_forward
- .Internal Controls and RiskReview the following description of the purchasing and AP procedures for a company and answer the questions at the end.The purchasing agent receives an inventory status report on his computer terminal from the inventory control application, which identifies the items that need to be reordered. The agent selects the suppliers and enters this information into the computer terminal to create a digital purchase order. He then prints and sends a copy of the PO to the supplier.When the goods are received directly into the warehouse, the warehouse manager counts and inspects them. The manager then creates a digital receiving report and updates the inventory subsidiary ledger from the warehouse terminal.A few days later, the supplier sends an invoice to the AP clerk who reconciles it with the digital copy of the receiving report. From her computer terminal, the clerk records the purchase in the purchases journal and records the liability by adding a record to the AP…arrow_forwardMany large companies use an electronic data interchange (EDI) to communicate with key customers and suppliers. Explain the benefits and risks involved when companies use EDI. Explain one way that the use of EDI affects internal controls and the auditor's testing.arrow_forwardDiscuss some of the security issues related to e-business and recommend control activities. Why should the product and financial stability of the companies that are on your short list pf AIS be investigated?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Auditing: A Risk Based-Approach (MindTap Course L...AccountingISBN:9781337619455Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:Cengage LearningAccounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,Pkg Acc Infor Systems MS VISIO CDFinanceISBN:9781133935940Author:Ulric J. GelinasPublisher:CENGAGE L
- Auditing: A Risk Based-Approach to Conducting a Q...AccountingISBN:9781305080577Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:South-Western College Pub
Auditing: A Risk Based-Approach (MindTap Course L...
Accounting
ISBN:9781337619455
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:Cengage Learning
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,
Pkg Acc Infor Systems MS VISIO CD
Finance
ISBN:9781133935940
Author:Ulric J. Gelinas
Publisher:CENGAGE L
Auditing: A Risk Based-Approach to Conducting a Q...
Accounting
ISBN:9781305080577
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:South-Western College Pub