Video: Risk Associated with IT - Practice Questions

In this lesson, Nick Palazzolo, CPA, takes a deep dive into the realm of IT-related risks and controls, unraveling the mysteries behind preventative, detective, and corrective measures. He walks through a series of practice questions, showing how to identify different types of IT controls, such as firewalls and password changes, and their roles in securing systems. Nick also dissects the intricacies of various information systems, clarifying how each supports business operations and decision-making processes. He emphasizes the importance of enterprise resource planning systems for fostering collaboration and streamlining processes within an organization. Lastly, Nick explores the classifications of security controls, shedding light on how physical items like smoke detectors and ID badges contribute to a firm’s security, and defines the interactive nature of decision support systems. Join Nick in strengthening your grasp on IT controls and preparing for questions you may encounter on this topic.

"Examprep.ai helped me pass all 4 CPA exams on the first try. I highly recommend. I especially like the feedback and ratings the software provides so I know where to focus my time."

Daniel H., CPA

"I can't recommend ExamPrep.ai enough. Nick's lessons turned concepts I struggled with into strengths. I was able to pass FAR right before other exams expired!"

Andrew K, CPA

"I just want to say thank you for the great lesson videos. I couldn't stay awake through lectures of another course. After watching all your FAR lessons I was finally able to pass!"

Alyssa M., CPA Candidate

Video Transcript

Instructor: Nick Palazzolo

Nick Palazzolo is head instructor of ExamPrep.ai CPA Review. Nick's teaching style is engaging & upbeat, combining practical Big 4 tax & assurance expertise with years of 1-on-1 coaching. His lessons are concise and emphasize what you need to know to pass. Whether you're a recent grad or working full-time, we’re confident you can conquer your CPA exams with Nick’s review.

Cite this lesson

Link to this page

[[ citeExample ]]

Copy to clipboard

Copy URL to clipboard

Copy HTML to clipboard

Let's run through some questions on risks associated with IT. IT related controls can be preventative, detective, or corrective. We've seen this and we can have a firewall, which is preventative. We can have a system that tells us if we've had an attack on us, which is detective, or corrective. We could have a system in our computer that corrects an error, corrects an attack, which of the following is an example of a preventative control. So which of these should prevent or try to prevent some sort of risk, some sort of attack on our computer systems? So first we've got a system requirement to change a user password every month. I would say that sounds pretty preventative, right? If we have to change our password every month, that's going to help the company prevent any hackers or anyone from getting access to your password and gaining access to the system. Sounds pretty preventative to me, keep reading. System alert when a phishing scam is found. Well, when it's found, it's already happened, so this would be detective. Not gonna be letter B because that's detective. A backdoor entryway for an IT specialist to reboot a firm system. This sounds corrective to me because if you need to reboot a system, presumably something has happened already, and you're correcting that issue. You're correcting that error. You're going in as the IT specialist, right? Presumably you have authorization to do so, and you're going to correct an issue. And since letter A seems to be a solid preventative control, I'm going to cross off letter D, leaving us with our final answer of a system requirement to change a user password every month. A client would like to implement a management information system that integrates all functional areas within

Unlock the full video transcript and subtitles support with a free account!

Get more from this lesson

Create an account 7-day free trial. No credit card required.

Information Systems

Module: 3 Concepts, 33 Videos

Understanding IT Overview and Objectives

3:00

IT Governance

11:52

Electronic Data Interchange

2:16

Business Information Systems