CPAUS-ISC · ISC: Information Systems and Controls·UnitCPAUS-ISC · Unit 01Access: Premium
Unit 1: Information Systems and Data Management
Prepare for Unit 1: Information Systems and Data Management with practice questions covering 8 topics. Part of ISC: Information Systems and Controls — build your knowledge and track your progress with GoCPAus.
What’s in it.
8 topics- Topic 01
IT Governance and Strategy
15 questions - Topic 02
Enterprise Resource Planning (ERP) Systems
15 questions - Topic 03
Database Management
15 questions - Topic 04
Data Analytics and Business Intelligence
15 questions - Topic 05
Emerging Technologies
15 questions - Topic 06
Systems Development Life Cycle (SDLC)
15 questions - Topic 07
Change Management Controls
15 questions - Topic 08
IT Operations
15 questions
Sample questions
3 of manyA few questions from this unit, with the answer and a full explanation. The complete bank is available when you start practising.
Which ERP module records all financial transactions and maintains the chart of accounts?
- The Financial Reporting module
- The Treasury module
- The General Ledger (GL) moduleCorrect answer
- The Accounts Payable (AP) module
ExplanationThe General Ledger module is the central financial record-keeping component of an ERP system. It records all financial transactions and maintains the chart of accounts, which is the framework for classifying all financial activity. Other modules (AP, AR, procurement, payroll, etc.) post transactions to the general ledger, which serves as the ultimate source for financial statement preparation. Understanding which module sources which financial data is important for identifying where control risks arise.
In an ERP environment, what does 'role-based access control' mean, and why is it important for segregation of duties?
- Access is granted temporarily for the duration of each transaction and revoked automatically when the transaction is complete
- All users receive the same role but different access levels based on their job grade, ensuring consistent controls across the organisation
- Users are assigned roles that bundle specific transaction types and data; role design determines whether incompatible functions are combined, so properly engineered roles enforce SoD automaticallyCorrect answer
- The ERP system monitors user behaviour and dynamically adjusts roles based on risk scores assigned to each user
ExplanationIn an ERP system, access is managed through roles: a role is a bundle of transaction types (in SAP, these are transaction codes) that a user can execute. SoD in an ERP depends entirely on role design — if incompatible functions (e.g., create vendor + approve payment) are bundled in the same role or assigned to the same user through multiple roles, the system will allow the conflicting activities without objection. The ERP enforces whatever access has been configured; it does not detect SoD conflicts unless specialised GRC tools are used.
The ETL process has three stages. In which stage do data quality activities such as cleansing, standardisation, and deduplication occur?
- The Transform stageCorrect answer
- The Staging stage, when data is temporarily held before processing
- The Validate stage, which occurs after loading to verify data quality
- The Reconcile stage, which compares source and target record counts
ExplanationThe Transform stage is where data quality activities occur. Raw data extracted from source systems is cleaned, standardised, deduplicated, enriched, and validated during transformation. The Extract stage simply retrieves raw data from source systems in their native format. The Load stage moves transformed data into the warehouse. Data quality work cannot be deferred to the Load stage because poor-quality data loaded into the warehouse corrupts the analytical environment.