Question 1

Explain why certain duties that are deemed incompatible in a manual system may be combined in an automated environment? Give an example.

Accepted Answer

In an automated environment it would be

Question 2

An IT auditor expresses an opinion on the fairness of the financial statements.

Accepted Answer

A) True 
 B)False

Question 3

Which is the most critical segregation of duties in the centralized computer services function?

Accepted Answer

A)  systems development from data processing 
B)  data operations from data librarian 
C)  data preparation from data control 
D)  data control from data librarian 
A)  systems development from data processing 
B)  data operations from data librarian 
C)  data preparation from data control 
D)  data control from data librarian

Question 4

Assurance services is an emerging field that goes beyond the auditor's traditional attestation function.

Accepted Answer

A) True 
 B)False

Question 5

Which of the following is true?

Accepted Answer

A)  In the CBIS environment, auditors gather evidence relating only to the contents of databases, not the reliability of the computer system. 
B)  Conducting an audit is a systematic and logical process that applies to all forms of information systems. 
C)  Substantive tests establish whether internal controls are functioning properly. 
D)  IT auditors prepare the audit report if the system is computerized. 
A)  In the CBIS environment, auditors gather evidence relating only to the contents of databases, not the reliability of the computer system. 
B)  Conducting an audit is a systematic and logical process that applies to all forms of information systems. 
C)  Substantive tests establish whether internal controls are functioning properly. 
D)  IT auditors prepare the audit report if the system is computerized.

Question 6

What is program fraud?

Accepted Answer

Program fraud involves making

Question 7

A strong internal control system will reduce the amount of substantive testing that must be performed.

Accepted Answer

A) True 
 B)False

Question 8

Prior to SOX,external auditors were required to be familiar with the client organization's internal controls,but not test them.Explain.

Accepted Answer

Auditors had the option of not relying o

Question 9

As a form of computer fraud,what is eavesdropping?

Accepted Answer

Eavesdropping involv

Question 10

Control risk is

Accepted Answer

A)  the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated 
B)  associated with the unique characteristics of the business or industry of the client 
C)  the likelihood that the control structure is flawed because controls are either absent or inadequate to prevent or detect errors in the accounts 
D)  the risk that auditors are willing to take that errors not detected or prevented by the control structure will also not be detected by the auditor 
A)  the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated 
B)  associated with the unique characteristics of the business or industry of the client 
C)  the likelihood that the control structure is flawed because controls are either absent or inadequate to prevent or detect errors in the accounts 
D)  the risk that auditors are willing to take that errors not detected or prevented by the control structure will also not be detected by the auditor

Question 11

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

Accepted Answer

A) True 
 B)False

Question 12

What primary IT functions must be separated in a centralized firm?

Accepted Answer

separate systems development f

Question 13

The following are examples of commodity assets except

Accepted Answer

A)  network management 
B)  systems operations 
C)  systems development 
D)  server maintenance 
A)  network management 
B)  systems operations 
C)  systems development 
D)  server maintenance

Question 14

__________________________ are intentional mistakes while __________________________ are unintentional mistakes.

Accepted Answer

Irregulari

Question 15

What is an auditor looking for when testing computer center controls?

Accepted Answer

When testing computer center controls,th

Question 16

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Accepted Answer

A)  inspection of the second site backup 
B)  analysis of the fire detection system at the primary site 
C)  review of the critical applications list 
D)  composition of the disaster recovery team 
A)  inspection of the second site backup 
B)  analysis of the fire detection system at the primary site 
C)  review of the critical applications list 
D)  composition of the disaster recovery team

Question 17

Typically,internal auditors perform all of the following tasks except

Accepted Answer

A)  IT audits 
B)  evaluation of operational efficiency 
C)  review of compliance with legal obligations 
D)  internal auditors perform all of the above tasks 
A)  IT audits 
B)  evaluation of operational efficiency 
C)  review of compliance with legal obligations 
D)  internal auditors perform all of the above tasks

Question 18

Why is inadequate documentation a chronic problem?

Accepted Answer

Poor-quality systems documentation is a

Question 19

All of the following tests of controls will provide evidence about the physical security of the computer center except

Accepted Answer

A)  review of fire marshal records 
B)  review of the test of the backup power supply 
C)  verification of the second site backup location 
D)  observation of procedures surrounding visitor access to the computer center 
A)  review of fire marshal records 
B)  review of the test of the backup power supply 
C)  verification of the second site backup location 
D)  observation of procedures surrounding visitor access to the computer center

Question 20

What is IT Governance?

Accepted Answer

IT governance is a broad concept relatin

Explain why certain duties that are deemed incompatible in a manual system may be combined in an automated environment? Give an example.

An IT auditor expresses an opinion on the fairness of the financial statements.

Which is the most critical segregation of duties in the centralized computer services function?

Assurance services is an emerging field that goes beyond the auditor's traditional attestation function.

Which of the following is true?

What is program fraud?

A strong internal control system will reduce the amount of substantive testing that must be performed.

Prior to SOX,external auditors were required to be familiar with the client organization's internal controls,but not test them.Explain.

As a form of computer fraud,what is eavesdropping?

Control risk is

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

What primary IT functions must be separated in a centralized firm?

The following are examples of commodity assets except

are intentional mistakes while are unintentional mistakes.

What is an auditor looking for when testing computer center controls?

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Typically,internal auditors perform all of the following tasks except

Why is inadequate documentation a chronic problem?

All of the following tests of controls will provide evidence about the physical security of the computer center except

What is IT Governance?

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Security and Access

IT Controls : Systems Development Program Changes and Application Controls

Filters

Exam 15: IT Controls : Sarbanes-Oxley and IT Governance

Explain why certain duties that are deemed incompatible in a manual system may be combined in an automated environment? Give an example.

An IT auditor expresses an opinion on the fairness of the financial statements.

Which is the most critical segregation of duties in the centralized computer services function?

Assurance services is an emerging field that goes beyond the auditor's traditional attestation function.

Which of the following is true?

What is program fraud?

A strong internal control system will reduce the amount of substantive testing that must be performed.

Prior to SOX,external auditors were required to be familiar with the client organization's internal controls,but not test them.Explain.

As a form of computer fraud,what is eavesdropping?

Control risk is

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

What primary IT functions must be separated in a centralized firm?

The following are examples of commodity assets except

__________________________ are intentional mistakes while __________________________ are unintentional mistakes.

What is an auditor looking for when testing computer center controls?

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Typically,internal auditors perform all of the following tasks except

Why is inadequate documentation a chronic problem?

All of the following tests of controls will provide evidence about the physical security of the computer center except

What is IT Governance?

The Information System: An Accountant’s Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

General Ledger, Financial Reporting, and Management Reporting Systems

Database Management Systems

The REA Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls : Security and Access

IT Controls : Systems Development Program Changes and Application Controls

Filters

are intentional mistakes while are unintentional mistakes.