Overview of AIS
A system that performs data collection, transformation, and reporting.
What is an information system?
The comprehensive process of identifying, categorizing, prioritizing, and responding to a company's risks.
What is Enterprise Risk Management?
A term that describes the attitude of management toward integrity and ethical behavior.
What is the control environment?
A request to obtain goods from an authorized source created by the inventory control department.
What is a purchase requisition?
A source document that is used to bill a B2B customer who purchases on a line of credit.
What is a sales invoice?
It performs the same functions as an information system, but is specific to accounting and financial data.
What is an AIS?
A type of risk matrix that uses different colors to represent values of data in a map or diagram format
What is a heat map?
The scenario where two or more employees work together to evade an internal control.
What is collusion?
An accounting journal that contains a record of a company's payments in chronological order.
What is a cash disbursements journal?
What is a shipping notice?
A group of related business events designed to accomplish strategic objectives.
What is a business process?
A matrix that includes both likelihood and impact of various risks.
What is a risk matrix?
A controls-based approach to risk management that is widely accepted as the authoritative guidance on internal controls and SOX compliance.
What is the COSO Integrated Control - Integrated Framework?
A document used to request a supplier to sell and deliver the products in the quantities and for the prices specified.
What is a purchase order?
A document sent by the buyer along with payment that indicates which invoices are being paid.
What is a remittance advice?
A process of using technology to transform raw data into useful information.
What is data analytics?
A statement that identifies an issue and a possible outcome.
What is a risk statement?
Data analytics technology that creates detective controls that automatically identify red flags for risks.
What is continuous monitoring?
A document that shows descriptions and quantities of goods received from vendors.
What is a receiving report?
A recommended practice that allocates responsibilities for receiving payments, depositing payments, and recording payments to different personnel.
What is separation of duties?
Quantifiable metrics used to measure and evaluate the success of an organization based on its objectives.
What are key performance indicators (KPIs)?
The remaining risk posed by a process or activity once a plan to respond to the risk is in place.
What is residual risk?
An example of this type of control would be a firewall that prevents unauthorized access to the organization's computer network.
What is a preventative control?
A type of fraud in which employees intentionally separate a single purchase into two or more purchase orders to stay within a single authorization limit.
What is a split purchase order?
A type of fraud that occurs when revenues and profits are intentionally inflated by recognizing revenue from unnecessary sales in the current period.
What is channel stuffing?