Exam 7: Auditing Information Technology-Based Processes

Claims regarding the condition of the business organization and in terms of its operations, financial results, and compliance with laws and regulations, are referred to as:

Financial statement audits are performed by _________ who have extensive knowledge of generally accepted accounting principles (GAAP) in the US and/or International Financial Reporting Standards (IFRS).

All of the following are examples of security controls except:

Auditing standards address the importance of understanding both the automated and manual procedures that make up an organization's internal controls and consider how misstatements may occur, including all of the following, except:

This type of application control is performed to verify the correctness of information entered into software programs.Auditors are concerned about whether errors are being prevented and detected during this stage of data processing.

This type of audit is performed by independent auditors who are objective and neutral with respect to the company and the information being audited.

One of the most effective ways a client can protect its computer system is to place environmental controls in the computer center.Environmental controls include:

Suppose that during the planning phase of an audit, the auditor determines that weaknesses exist in the client's computerized systems.These weaknesses make the client company susceptible to the risk of an unauthorized break-in.Which type of audit procedures should be emphasized in the remaining phases of this audit?

When PCs are used for accounting instead of mainframes or client-server system, they face a greater risk of loss due to which of the following:

The main difference between substantive testing and controls testing is:

All types of auditors must follow guidelines promoting ethical conduct.For financial statement auditors, the PCAOB/AICPA has established a code of professional conduct, commonly called the Code of Ethics, which consists of two sections.Which of the following correctly states the two sections?

Independent auditors are generally actively involved in each of the following tasks except:

The rule in the PCAOB/AICPA Code of Professional Conduct that is referred to as Responsibilities can be stated as:

Which of the following computer-assisted auditing techniques processes actual client input data (or a copy of the real data) on a controlled program under the auditor's control to periodically test controls in the client's computer system?

Regardless of whether the results are printed or retained electronically, auditors may perform all of the following procedures to test application outputs, except:

The existence of IT-based business processes that result in the details of the transactions being entered directly into the computer system increases the likelihood of the loss or alternation of data due to all of the following, except:

Auditors should perform this type of test to determine the valid use of the company's computer system, according to the authority tables.

This organization issues guidelines for conducting the IT audit.The standards issued address practices related to control and security of the IT system.

Which of the following is not one of the three primary types of audits?

Although there are a number of organizations that provide detailed guidance, it is still necessary for auditors to rely on other direction regarding the types of audit tests to use and the manner in which the conclusions are drawn.These sources of information include: