Exam 10: Understanding Internal Controls

General controls provide a framework for controlling daily computer operations, minimizing the likelihood of processing errors, and assuring the continuity of operations in the event of a physical disaster of computer failure.

Access controls relate to both the accounting records and the physical assets.

The Foreign Corrupt Practices Act (FCPA) is administered by the:

The external auditor is not required to test the work of internal auditors that pertains to obtaining an understanding.

An effective accounting system should identify and record only the valid transaction of the entity that occurred in the current period, which relates to the:

Essential to both management and auditors is a chain of evidence in the accounting system provided by coding, cross references, and documentation connecting account balances and other summary results with original data. This chain of evidence is referred to as the:

Listed below are eight positions within an IT department coded by the letters A through H. A.IT manager E.Security administrator B.Systems analyst F.Librarian C.Programmer G.Data control group D.Computer operator H.Database administrator REQUIRED: Match the primary responsibilities below with the codes for the positions above. 1.Flowcharts logic of computer programs, develops and documents programs, and debugs programs. 2.Manages security of IT systems, including hardware, security software and monitors access to programs and data, and follows-up on security breaches. 3.Exercises overall control, develops short and long range plans, and approves systems. 4.Designs content and organization of the database and controls access to and use of the database. 5.Evaluates existing systems, designs new systems, outlines the systems, and prepares specifications for programmers. 6.Acts as liaison with user departments and monitors input, processing, and output. 7.Maintains custody of systems documentation, programs, and files. 8.Operates the computer hardware and executes the program according to operating instructions. Answers - Matching 10-2

PCAOB standards require the auditor to evaluate the effectiveness of the audit committee as part of understanding the control environment and monitoring. Which of the following is not a factor the auditor should consider in making this evaluation?

Communication includes making sure that personnel involved in the financial reporting system understand how their activities relate to the work of others inside the organization.

Application controls are designed to provide reasonable assurance that IT records, processes, and reports data properly for specific applications.

Which of the following is not normally a characteristic of batch entry/batch processing in a small system?

Which of the following is an incorrect quotation from the second field work standard?

The accounting records for an asset should normally be maintained by the same individual who controls that asset.

In database management systems, an important documentation control is the data repository.

Which one of the following positions maintains custody of systems documentation, programs, and files?

Which one of the following is not an inherent limitation in an entity's internal controls?

The use of a transaction log is most commonly associated with which of the following data processing methods?

Input controls include controls over:

The rekeying of all or a portion of the input data is an example of a:

Which of the following control program development, program changes, computer operations, and access to programs and data?