Web Based Accounting System

1. Web Basic Accounting System
1.1. Web-Based Accounting
A web-based accounting package is a complete accounting system that resides on a web server. Anybody in the world can access that accounting system with a simple browser to set up and run their own company. Instead of paying large sums of money up front for hardware and software, the user pays a smaller monthly rental fee.
Web-based software packages are transforming business. Functions such as accounting, cash-flow management, customer relationship management (CRM), inventory control, and marketing can be performed electronically anytime and anywhere for a low monthly fee. For example, a small business can use ePeachtree, Intacct eledger, or QuickBooks Online to process transactions for as little as $14.99 per month. Intuit offers payroll services on the Web, and a small business can outsource its payroll function for as low as $129 per year. Not only can a business owner view and manage employee compensation via the Internet, but the outsourced services allow employees to access personal information, including earnings, income tax withholdings, retirement plans, and vacation days, without creating an added burden for the company.
In the past, small businesses could not compete head to head with big firms, but low-cost web-based software has leveled the playing field. For example, according to the Small Business Administration, 35% of small businesses with fewer than 10 employees gained 10% to 99% of sales directly or indirectly from their websites. BusinessWeek reported that Subaru of New England, Inc., used to track orders from dealers with pen, paper, and guesswork, and often sent its customers parts that they did not need. Using web-based software to track what dealers need, the company reduced sales returns from 80% to less than 1%.
Reliable and efficient access to information has become a must for business firms to stay competitive. To embrace web-based software and to stay competitive, small businesses must first set up a computer network. With networking technology, staff members or users at any location can share information simultaneously. The fast pace of information technology (IT) advances makes it difficult for accounting professionals to stay current. In “Keeping up with Information Technology” (The CPA Journal, July 2003), the authors reported that many accounting professionals did not perceive themselves as possessing high levels of knowledge about IT. Making matters worse, small businesses often need to deal with IT issues with limited or no staff.
1.2. The Benefits of Web-Based Accounting
1. You Only Need A Browser
To use web-based accounting solutions, you need only a browser on any computer and a connection to the Internet. This makes it very easy to deploy the system throughout your organization. Remote users can even access the system through computers located at the airport or in a cyber cafe. It is the ultimate thin client model and virtually no effort or expense need be incurred to deliver access to everyone in your organization.
2. Lower Up-Front Costs for Software
Customers avoid paying larger up front costs to purchase the software. Large fees for annual upgrades are avoided as well. Instead, the actual cost of the software is spread over time to achieve a better matching of expenditures to the benefits produced by those expenditures.
3. Lower Up-Front Costs for Hardware
Customers avoid paying larger up front costs to purchase and implement a file server and network software. On going costs to add RAM to the file server, replace the server’s hard drives, maintain the systems, etc. are also avoided.
4. Lower Administration Costs
Customers avoid the need to hire an expensive IT professional staff or consultants to maintain the system. Typically systems that run on the higher-end Microsoft SQL server and Oracle databases require an IT professional on staff or on call. Salaries for this caliber professional can range from $75,000 to $125,000 and up. With the web-based model, certified engineers are on staff night and day to maintain your system, and their cost is included in the monthly rental fee.


5. Shorter Implementation Time Frame
The implementation time frame is significantly reduced because the system is already up and running. The customer need only log in and begin entering data. The training requirement will remain the same whether the system is running locally or via the web.
6. Lower Costs for Multiple Locations
In the past, companies with multiple locations were forced purchase expensive solutions such as Citrix or Microsoft Terminal Services Advanced Client to accommodate remote access to the accounting software database. These remote access solutions alone cost $15,000 to $30,000 and higher, which prices these solutions out of reach for many small businesses. With the web-based accounting model, even the smallest of companies can achieve data entry into a single system from multiple locations at affordable prices.
7. Work From Home
This solution is also ideal for small business owners who occasionally want to work from home. Suppose a child is sick and cannot attend school on a given day. Web-based solutions make it easier for the parent to stay home with the sick child, and still access the web-based accounting system to process payments, print reports, input transactions, etc. As another example, a web-based accounting system might make it easier for a working parent to leave the workplace early, for example at 3:00pm, and continue working from home in order to miss the rush hour and to be there when the children gets home from school.
8. High-End Databases
These solutions run on the world’s most robust and secure databases – such as Oracle and Microsoft SQL server, yet these solutions cost as little as $9.95 per user per month. One of the common shortcomings of low-end accounting systems has been that they incorporate weaker database technology that does not scale nearly as well as higher-end databases. Today, all web-based accounting solutions use the same high-end database that power the largest companies in the world. In other words, small businesses need not worry about outgrowing the system’s capacity.
9. No More Backup Worries
With web-based accounting solutions, backups are maintained on a frequent basis which further protects small businesses in the unlikely event of data loss. Studies show that only a small percentage of small businesses perform regular back ups properly and store them off-site. With web-based accounting, the company can still maintain their own local back ups if they want, even though the web-based accounting publisher performs rigorous back up procedures religiously.
10. Up-to-date Application Code
Under this model, web-based accounting solutions apply enhancements and patches to their product on a continuous basis compared to the older method in which customers receive patches and enhancements once or twice a year. The result is that web-based solutions can be more responsive to the customer’s needs and the application itself always reflects the latest version. There is no more need to pay consultants hefty fees to come in and implement system upgrades. This occurs automatically on a timely basis and with no additional cost to you.
2.3 Some Examples of Web-based Accounting
1. Oracle Small Business Suite
2. QuickBooks for the Web
3. Epeachtree
4. Intacct
5. ACCPAC Online
6. MySAP
7. Integral Accounting
8. Peachtree Web Accounting (Combination local & web-based)
9. Microsoft Small Business Manager (Combination local & web-based)
2.4. Implementing Web-based Accounting Systems
The following are easy-to-follow procedures to implement a web-based accounting system that will leverage current IT tools to improve profitability and efficiency.
1. Set up a system network.
To connect local and remote computers for sharing information and resources, Ethernet networking is a good choice for small business local area networks (LAN) because it is inexpensive and reliable. Ethernet networking strikes a good balance between cost and speed, is built into most newer PCs, and can support nearly all popular network protocols. For older computers, installing a network interface card (NIC) is easy, and all major networking manufacturers (e.g., D-Link, Linksys, and Netgear) offer reliable and inexpensive NICs. Fast Ethernet is based on the same protocol as traditional Ethernet, and small businesses can realize significant network performance boosts affordably.
Ethernet networks have practical limits, however. A primary concern is the length of the shared cable. Data can travel on the cable quickly, but signals weaken as they travel. In addition, electrical interference from the surrounding devices may interfere with the signals. This issue places a limitation on the maximum distance between two devices on an Ethernet network. Although distance is seldom an issue for small business networks, if a company has several branch offices with some distance between them, one option is to set up a virtual private network (VPN). Furthermore, if the structure of the office makes it economically unfeasible to run Ethernet cables, a company may prefer to set up a wireless network. (See “Wireless Networks,” The CPA Journal, July 2003.)
Small businesses with 50 employees or less can use Microsoft Small Business Server or Windows XP Professional to function as either a dedicated or a nondedicated server. With Windows XP, the network administrator can manage the access to data, files, printers, and other resources on a small network. If the business lacks qualified IT staff or wants to set up more complicated networks, another option is to hire a consultant or value-added reseller (VAR) to do the wiring and system configuration. Linux is a growing alternative in the server software market. Linux’s low cost, reliability, and high performance make it a promising choice; however, setting up a Linux server may require someone with extensive networking and Linux-specific experience.
A small business must also have the bandwidth capacity that broadband Internet access provides in order to use web-based accounting packages effectively. The process of choosing the right ISP can be complicated, and a company must consider several factors, including price, performance, access numbers (for alternate dial-up service), and technical support/services.
2. Select and subscribe to software.
All four entry-level web-based accounting packages listed in the exhibit offer free trial periods of from 14 to 30 days. Small businesses should make sure that the provider offers all the required features before subscribing to the service.
A small business should select a web-based accounting package based on the company’s information needs and the features offered by the software. For example, QuickBooks Online cannot provide detailed inventory information and thus is not suitable for most retailers. Neither QuickBooks Online nor ePeachtree can handle product costing, but the user can accumulate service or manufacturing costs by project. The sidebar lists several important factors for a small business to consider when selecting web-based accounting software.
3. Customize the accounting system.
Web-based accounting packages are general-purpose software, and a company needs to use and customize only the features required for its business. Working from the predefined chart of accounts, forms, and reports, a small business can set up and customize its accounting system in hours.
4. Prepare system documentation.
Small businesses need to prepare system documentation so that new staff can learn how to use the system. System documentation should provide detailed procedures, including system activation and deactivation, chart of accounts, sales cycle, purchase cycle, employee and payroll cycle, cash receipts, cash disbursements, journal entries, inventory, financial reports and queries, and error corrections. The system designer should copy the predefined forms, screens, and reports and include them within the system documentation.
Good system documentation should be easy to read, make it easy for users to find specific information (i.e., include a table of contents, page numbers, and an index), and be well organized (i.e., by cycles or accounts). The procedures should be complete, in easy-to-follow steps (e.g., showing all relevant forms, screens, and reports). The overall presentation should be professional, and the system documentation should be kept in a safe place.
2.5. The Problems with Web-Based Accounting
There are several problems with web-based accounting as follows:
1. Speed
Dial up access to the internet is not enough. It takes cable, DSL, or business class high-speed internet access to make web-based accounting work at acceptable levels of performance. If you have dial-up access, don't even bother. On April 3, 2002, Mark Cho of Intuit reported to me that Intuit does not even target small businesses with dial up access - they actually tell them that QuickBooks for the Web is not for them. This is a valid concern which is very easily solved - order high speed internet access today. I am usually a very polite person, but when it comes to this particular issue, I have to say that only an idiot would use dial up access anyway.
2. Reliability
Web-based accounting relies 100% on the internet being up and running and available. I can assure you, the internet is not always up and running and available. Ask yourself, how many times has your internet access been down this year? If the internet is down - you are down, and most likely your business is down as well. Ouch! This is a valid concern and there really is no answer other than employing a local/web solution such as Peachtree Web Accounting or Microsoft SBM.
3. Viruses
Because of rampant viruses and media attention, many people fear that they might be at a higher risk to contract a virus if they run their accounting system on a web-based system. There is little basis for this. Yes, viruses are a serious threat. You should be running virus protection software and a firewall device anyway. Theoretically, you are at the same risk level of contracting a virus whether your accounting system is on line or stored locally. The threat of viruses is not a very valid concern in my opinion.
4. Security
Most companies are very concerned about sending their data over the internet. They fear that their data will either be viewed or compromised. The reality is that with 128 bit encryption, sending you data over the internet is probably far safer than whatever you are currently doing now. If you currently keep your data on a file server at the office, the thieves could steal the computer, fire could destroy the computer, unauthorized employees might access the system, janitors or security guards may access to your system at night, back up tapes could be left in non-secure environments, etc. While nothing in this world is 100% safe, security experts agree that web-based accounting results in a more secure solution than most traditional file server based systems. Security is not a very valid concern in my opinion.
5. Weak Reseller Incentives
Web-based accounting has a difficult obstacle to overcome in that the reseller is cut out of the profits when the end user pays a monthly fee directly to the vendor. The result is that the reseller has no incentive to promote the web-based solution, else they cut themselves out of the profit on the sale. To address this issue, many web-based accounting software vendors have created revenue sharing plans to allow the reseller to participate in the revenue. However, this is not enough. For example, when the customers pays $24,000 up front for the cost of the software, the reseller pockets a healthy chunk of that - usually 50%. However, if that same customer pays just $650 a month, it will take a very long time for the reseller to accumulate $12,000 profit on that sale - maybe 3 to 5 years or longer. Most resellers are not in a strong enough financial position to wait that long for their profit.
2.6. Carlton Predicts the Future of Web-based Accounting
The web-based accounting model opens the doors to virtually anybody to jump into the accounting software market. Previously, a company needed not only a product, but also an extensive distribution channel to promote, sell, and support the product. With the web-based model, any company can throw a web-based application on a web server and theoretically reach millions of businesses. Accordingly, I speculate that some non-traditional companies may jump into the web-based accounting game. In the future, you may see free or nearly free web-based solutions offered by companies such as American Express, Time Warner/AOL, Yahoo!, and maybe even UPS. This is a clever marketing gimmick that would allow these companies to get their hooks into small businesses. Than about it.
When NetLedger first came out, I theorized that they had started something that could not be stopped. I expected these new web-based solutions to dramatically change the face of accounting software in the years to come, opening the floodgates to a wide range of changes. For starters, I thought that the new web-based accounting model would ultimately allow higher-end products to effectively target small businesses. For example, ACCPAC on-line is a higher-end product that is readily available to anyone via the Internet. Now that this solutions is in place, the incremental cost of allowing additional small businesses web access to these solutions is very small. For example, a single user could subscribe to 8 ACCPAC Online modules for the monthly rate of just $500, compared to a purchase price of $24,000.
I speculate that in the future, fees for renting web-based accounting systems will be based on the size of the data or on transaction volume a proven pricing model which is currently employed by companies such as Earthlink who offer web site hosting.
I also speculate that in the future, industry-specific versions of the various web-based accounting solutions will emerge. For example, Peachtree may create different versions of their products designed to meet the specific needs of churches, hotels, restaurants, insurance agencies, property management organizations, etc. By deploying these different versions on separate web sites, users need only access the version that most closely meets their needs. The accounting software industry has long desired to create industry specific versions of their products, however the logistical problems related to packaging and maintaining multiple versions of a given product have prevented companies from moving forward with this idea. Because a web-based solution avoids packaging problems completely and makes centralized management of the software code relatively easy, industry specific flavors of various products may finally become a reality.
Another change that we are likely to see in web-based accounting systems is the introduction of embedded hotlinks and banner advertisements. I am not suggesting that this change will be a good one as we are already inundated with advertising everywhere we look. However these changes could produce powerful benefits if implemented correctly. For example, assume you are using a web-based accounting system and the built-in analysis tool observes that your insurance expense is rather high for a company of your size and industry. A pop-up alert box could warn you of the problem and offer a link to the vendor’s web site which instantly quotes you lower insurance rates for the same coverage you are currently receiving. A similar alert may monitor your interest rates and offer refinancing alternatives to you. Other alerts may instantly hotlink you to an employee leasing options, co-marketing opportunities, or sources for discounted supplies. We’ve seen consumers offered free computers, which constantly run advertising banners across the screen, therefore it is not difficult to foresee that ultimately there will be many web-based accounting systems offered for free in exchange for tolerating built-in advertising banners.
Web-based accounting systems may eventually impact the accounting software consultant and reseller community as well because this model circumvents the traditional reseller channel to offer product directly to the consumer. Many vendors are concerned and are taking steps to preserve reseller profits. For example, when Great Plains first launched its’ hosting solution in 1997, resellers were largely left out of the resulting revenue stream and as a result, resellers had no incentive to promote the web-based solution. Great Plains later re-designed the pricing model to allow resellers to share a portion of the monthly rental fee. Still, the implementation and training aspects of an installation engagement has always generated the lion’s share of the reseller’s fees. Web-based systems do not appear to pose much of a threat to this source of revenue.

Ebook

Buku- buku akuntansi ebook :

1. Intermediate Accounting, 12th edition, Kieso, Weygandt, Warfield ( ebook )

2. Ebook Pengantar Akuntansi - Suwardjono

3. Panduan membuat aplikasi akuntansi.

4. Akuntansi Manajemen.

5. Ebook Akuntansi Laporan Keuangan Perusahaan

6. Teori Akuntansi

Contoh Soal Ujian CISA

1. http://mukhsonrofi.wordpress.com/2009/02/04/contoh-soal-ujian-cisa-1/
2. http://amin-kanda.blogspot.com/2009/02/contoh-soal-ujian-cisa-area-1-audit.html
3. http://amin-kanda.blogspot.com/search/label/CISA

Sertifikasi Internasional di Bidang Akuntansi

Sertifikasi-sertifikasi di bidang akuntansi ditujukan untuk mendalami bidang-bidang keahlian khususnya dibidang akuntansi. Hal ini menunjukkan bahwa dengan adanya sertifikasi menandakan bahwa kompetensi dan profesionalisme di bidang akuntansi dengan pengalaman pendidikan dan informasi, dan alat bisnis dapat diterapkan secara langsung di lingkungan organisasi dan bisnis.
Contoh sertifikasi Internasional di bidang akuntansi : CISA (Certified Information System Auditor) yang disponsori oleh Sistem Informasi Audit dan Control Assotion (ISACA), The NACPB Pembukuan Program Sertifikasi dikembangkan oleh Akuntan Publik Bersertifikat (BPA), CIA (Certified Internal Auditor).
Sistem Informasi Certified Auditor (CISA)

Sistem Informasi Certified Auditor (CISA) adalah sertifikasi profesional untuk audit teknologi informasi profesional disponsori oleh Sistem Informasi Audit dan Control Assotion (ISACA). Calon sertifikasi harus memenuhi persyaratan yang ditetapkan oleh ISACA.

Sertifikasi CISA didirikan pada tahun 1978 karena beberapa alasan:
1.Mengembangkan dan memelihara alat yang dapat digunakan untuk mengevaluasi kompetensi seorang individu dalam melaksanakan audit sistem informasi.
2.Menyediakan alat motivasi untuk auditor sistem informasi untuk mempertahankan kemampuan
3.mereka, dan memantau keberhasilan program-program perawatan.
4.Menyediakan kriteria untuk membantu manajemen bantuan dalam seleksi dan pengembangan personil.

Sertifikasi CISA telah diakui dengan akreditasi ANSI . Ini adalah salah satu dari beberapa sertifikasi secara resmi disetujui oleh Departemen Pertahanan Amerika Serikat dalam kategori mereka Teknis Jaminan Informasi .Calon sertifikasi CISA yang harus lulus ujian, setuju untuk mematuhi ISACA Kode Etik Profesional, menyerahkan bukti minimal lima tahun profesional IS audit, kontrol, atau pekerjaan keamanan, dan mematuhi program pendidikan profesional berkelanjutan.
Substitusi dan keringanan pengalaman tersebut dapat diperoleh sebagai berikut:
Maksimal satu tahun pengalaman informasi sistem, atau satu tahun pengalaman audit keuangan atau operasional dapat diganti untuk satu tahun audit sistem informasi, kontrol, atau pengalaman keamanan. 60-120 selesai kuliah jam kredit semester (setara dengan Asosiasi atau gelar Bachelor) dapat diganti untuk satu atau dua tahun, masing-masing, audit sistem informasi, kontrol atau pengalaman keamanan.
Dua tahun sebagai dosen penuh waktu di bidang terkait (misalnya, ilmu komputer, akuntansi, audit sistem informasi) dapat diganti untuk satu tahun audit sistem informasi, kontrol atau pengalaman keamanan.

Pertanyaan dan Penilaian

Ujian ini terdiri dari 200 pertanyaan multiple-choice yang harus dijawab dalam waktu 4 jam. Calon skor dilaporkan sebagai skala mencetak gol. Ujian CISA berisi beberapa pertanyaan yang termasuk untuk tujuan penelitian dan analisis saja. Pertanyaan-pertanyaan ini tidak diidentifikasi secara terpisah dan tidak digunakan untuk menghitung skor akhir Anda.
Skor bersisik adalah konversi skor mentah kandidat di ujian untuk skala umum. ISACA menggunakan dan laporan nilai dalam skala umum 200-800. Misalnya, nilai skala 800 merupakan skor sempurna dengan semua pertanyaan dijawab dengan benar; skala skor 200 adalah nilai terendah mungkin dan menandakan bahwa hanya sejumlah kecil pertanyaan yang dijawab dengan benar , calon harus menerima skor 450 atau lebih tinggi untuk lulus ujian. Skor 450 merupakan standar minimum yang konsisten pengetahuan yang ditetapkan oleh ISACA's CISA Komite Sertifikasi.

Bobot Materi Soal

Pada tahun 2006, ada 6 materi yang akan diujikan:
- Proses IS Audit - 10% dari Ujian
- IT Governance - 15% dari Ujian
- Sistem dan Manajemen Prasarana Siklus Hidup - 16% dari Ujian
- IT Service Delivery dan Support - 14% dari ujian
- Perlindungan Aset Informasi - 31% dari Ujian
- Exam Business Continuity dan Disaster Recovery - 14% dari Ujian

Persyaratan Ujian CISA

Memiliki 3 tahun keamanan TI percobaan terkait bersama dengan gelar sarjana memenuhi syarat untuk ikut ujian.
Anda tidak memiliki persyaratan gelar sarjana, maka Anda harus memiliki 5-tahun keamanan TI atau pengalaman yang relevan.
Pengalaman Anda tidak selalu berasal dari keamanan TI, tetapi harus terkait dengan bidang TI, untuk mendapatkan akreditasi CISA bersertifikat.


Contoh Soal Ujian CISA

1. An IS auditor is reviewing access to an application to determine whether the 10 most recent “new user” forms were correctly authorized. This is an example of?
A.Variable sampling.
B.Substanti vetesting.
C.Complian cetesting.
D.Stop-or-gosampling.

2. The decisions and actions of an IS auditor are MOST likely to affect which of the following risks?
A. Inherent
B. Detection
C. Control
D. Business

3. Overall business risk for a particular threat can be expressed as:
A. A product of the probability and magnitude of the impact if a threat successfull exploits a vulnerability.
B. The magnitude of the impact should a threat source successfully exploit the vulnerability.
C. The likelihood of a given threat source exploiting a given vulnerability.
D. The collective judgment of the risk assessment team.

4. Which of the following is a substantive test?
A. Checking a list of exception reports
B. Ensuring approval for parameter changes
C. Using a statistical sample to inventory the tape library
D. Reviewing password history reports

5. Which of the following is a benefit of a risk-based approach to audit planning? Audit:
A. Scheduling may be performed months in advance.
B. Budgets are more likely to be met by the IS audit staff.
C. Staff will be exposed to a variety of technologies.
D. Resources are allocated to the areas of highest concern.

6. The extent to which data will be collected during an IS audit should be determined based on the:
A. Availability of critical and required information.
B. Auditor’s familiarity with the circumstances.
C. Auditee’s ability to find relevant evidence.
D. Purpose and scope of the audit being done.

7. Which of the following ensures a sender’s authenticity and an e-mail’s confidentiality?
A. Encrypting the hash of the message with the sender’s private key and thereafter encrypting the hash of the message with the receiver’s public key
B. The sender digitally signing the message and thereafter encrypting the hash of the message with the sender’s private key
C. Encrypting the hash of the message with the sender’s private key and thereafter encrypting the message with the receiver’s public key
D. Encrypting the message with the sender’s private key and encrypting the message hash with the receiver’s public key

8. Which of the following is the GREATEST advantage of elliptic curve encryption over RSA encryption?
A. Computation speed
B. Ability to support digital signatures
C. Simpler key distribution
D. Greater strength for a given key length

9. Which of the following controls would provide the GREATEST assurance of database integrity?
A. Audit log procedures
B. Table link/reference checks
C. Query/table access time checks
D. Rollback and rollforward database features

10. A benefit of open system architecture is that it:
A. Facilitates interoperability.
B. facilitates the integration of proprietary components.
C. will be a basis for volume discounts from equipment vendors.
D. allows for the achievement of more economies of scale for equipment.

11. An IS auditor is assigned to perform a post-implementation review of an application system. Which of the following situations may have impaired the independence of the IS auditor? The IS auditor:

A. Implemented a specific control during the development of the application system.
B. Designed an embedded audit module exclusively for auditing the application system.
C. Participated as a member of the application system project team, but did not have operational responsibilities.
D. Provided consulting advice concerning application system best practices.

12. A PRIMARY benefit derived from an organization employing control self-assessment (CSA) techniques is that it:
A. Can identify high-risk areas that might need a detailed review later.
B. Allows IS auditors to independently assess risk.
C. Can be used as a replacement for traditional audits.
D. Allows management to relinquish responsibility for control.

13. With regard to the evidence gathered during a computer forensic investigation, an IS auditor should be MOST concerned with:
A. Analysis.
B. Evaluation.
C. Preservation.
D. Disclosure.

14. Which of the following BEST describes the early stages of an IS audit?
A. Observing key organizational facilities
B. Assessing the IS environment
C. Understanding the business process and environment applicable to the review
D. Reviewing prior IS audit reports

15. During the course of an audit, an IS auditor observes that duties are not properly segregated. Under such a circumstance, the IS auditor should look for:
A. Overlapping controls.
B. Preventive controls.
C. Compensating controls.
D. Logical access controls.

16. Before implementing an IT balanced scorecard, an organization must:
A. Deliver effective and efficient services.
B. Define key performance indicators.
C. Provide business value to IT projects.
D. Control IT expenses.

17. To assist an organization in planning for IT investments, the IS auditor should recommend the use of:
A. Project management tools.
B. An object oriented architecture.
C. Tactical planning.
D. Enterprise architecture.

18. An IS auditor should expect which of the following items to be included in the request for proposal (RFP) when IS is procuring services from an independent service provider (ISP)?

A. References from other customers
B. Service level agreement (SLA) template
C. Maintenance agreement
D. Conversion plan

19. IT governance ensures that an organization aligns its IT strategy with:
A. Enterprise objectives.
B. IT objectives.
C. Audit objectives.
D. Control objectives.

20. An IS auditor should ensure that IT governance performance measures:
A. evaluate the activities of IT oversight committees.
B. provide strategic IT drivers.
C. adhere to regulatory reporting standards and definitions.
D. evaluate the IT department.

21. Which of the following would be included in an IS strategic plan?
A. Specifications for planned hardware purchases
B. Analysis of future business objectives
C. Target dates for development projects
D. Annual budgetary targets for the IS department

22. When reviewing a system development project at the project initiation stage, an IS auditor finds that the project team is following the organization’s quality manual. To meet critical deadlines the project team proposes to fast track the validation and verification processes, commencing some elements before the previous deliverable is complete. Under these circumstances, the IS auditor should:
A.Report this as a critical finding to senior management.
B. Accept that different quality processes can be adopted for each project.
C. Report to IS management the team’s failure to follow quality procedures.
D. Report the risks associated with fast tracking to the project steering committee.

23. Which of the following risks could result from inadequate software baselining?
A. Scope creep
B. Sign-off delays
C. Software integrity violations
D. Inadequate controls

24. Which of the following is critical to the selection and acquisition of the correct operating system software?
A. Competitive bids
B. User department approval
C. Hardware configuration analysis
D. Purchasing department approval

Sumber soal :
1. http://amin-kanda.blogspot.com/2009/02/contoh-soal-ujian-cisa-area-1-audit.html
2. http://mukhsonrofi.wordpress.com/2009/02/04/contoh-soal-ujian-cisa-1/
3. http://amin-kanda.blogspot.com/search/label/CISA

Bergaji Besar dengan Sertifikasi Profesional CISA

Bagi pemegang sertifikat CISA pendapatan yang diterima sampai $98.740 / tahun. Pendapatan ini merupakan hasil survey gaji professional IT tahun 2007 yang dilakukan oleh Certifikation Magazine (CertMag). Survey ini melibatkan 35 ribu professional IT di 195 negara yang bekerja sama dengan Litchfield Research. Menariknya, dalam website CertMag juga bisa dilihat berapa rata2 salary IT profesional pemegang sertifikasi tertentu. Contohnya di Indonesia, pemegang CISA dengan pengalaman 1-4 tahun gaji rata2 per-tahunnya $13.395 (sekitar 120 juta lebih dengan kurs 9 ribu). Kalo pengalamannya 5-7 tahun, gajinya setaun $17.559.
( http://mukhsonrofi.wordpress.com/2008/10/16/bergaji-besar-dengan-sertifikasi-profesional-it/ )





Certified Internal Auditor (CIA)

Satu-satunya organisasi profesi yang menghimpun para auditor internal se dunia adalah The Institute of Internal Auditor (IIA). Masing-masing Negara memiliki perwakilan IIA yang beranggotakan pemegang gelar Certified Internal Auditor (CIA), CIA adalah sertifikasi secara global untuk auditor internal dan masih standar dengan individu-individu yang menunjukkan kompetensi dan profesionalisme di bidang audit internal. CIA ujian tersedia melalui pengujian berbasis komputer melalui online The IIA (The Institute of Internal Auditors). Indonesia juga memiliki yaitu IIA Indonesia Chapter. Setiap tahun IIA mengadakan konferensi internasional yang dihadiri oleh para auditor internal se dunia. Pada tanggal 8-11 Juli 2007, telah diselenggarakan konferensi internasional (International Conference) para auditor internal di Amsterdam, Belanda.
Certified Internal Auditor (CIA) merupakan satu-satunya sertifikasi bidang audit internal yang diakui secara internasional. Gelar CIA saat ini dijadikan sebagai salah satu pengakuan atas integritas, profesionalisme dan kompetensi pemegangnya di bidang audit internal. Pemegang sertifikat CIA akan mendapat pengakuan yang tinggi karena program CIA terkenal memiliki standar pengetahuan, integritas dan profesionalisme yang tinggi pula. Sertifikasi yang dikeluarkan oleh The Institute of Internal Auditors (The IIA) ini diberikan kepada kandidat yang telah lulus dalam 4 (empat) bagian (part) ujian, sbb :
NEW CIA EXAM (Effective as of May 2004)

PART I

The Internal Audit Activity’s Role in Governance, Risk and Control.
A. Comply with the IIA’s Atribute Standard (15 – 25 %). 125 multiple choice questions.
B. Establish a Risk-based Plan to Determine the Priorities of the Internal Audit Activity (15 – 25 %).
C. Understand the Internal Audit Activity’s Role in Organizational Governance (10-20%).
D. Perform Other Internal Audit Roles andResponsibilities (0-10%).
E. Governance, Risk and Control Knowledge Elements (15-25%).
F. Plan Engagements (15-25%)

PART II

Conducting the Internal Audit Engagement
A. Conduct Engagement (25-35%). 125 multiple choice questions.
B. Conduct Spesific Engagement (25-35%).
C. Monitor Engagement Outcome (5-15%).
D. Fraud Knowledge Elements (5-15%).
E. Engagement Tools (15-25%).

PART III

Business Analysis & Information Technology
A. Business Processes (15-25%). 125 multiple choice questions.
B. Financial Accounting & Finance (15-25%).
C. Managerial Accounting (10-20%).
D. Regulatory, Legal & Economics (5-15%).
E. Information Technology – IT (30-40%).

PART IV

Business Management Skills
A. Strategic Management (20-30%). 125 multiple choice questions.
B. Global Business Environtments (15-25%).
C. Organization Behavior (20-30%).
D. Management Skills (20-30%).
E. Negotiating (5-15%).