Question 1

A database management system:

Accepted Answer

A)  allows quick retrieval of data, but at the cost of inefficient use of file space. 
B)  allows quick retrieval of data, but it needs to update files continually. 
C)  stores data in different files for different purposes, but always knows where they are and how to retrieve them. 
D)  reduces data redundancy. 
A)  allows quick retrieval of data, but at the cost of inefficient use of file space. 
B)  allows quick retrieval of data, but it needs to update files continually. 
C)  stores data in different files for different purposes, but always knows where they are and how to retrieve them. 
D)  reduces data redundancy.

Question 2

Auditing around the computer is acceptable when general controls are strong.

Accepted Answer

A) True 
 B)False

Question 3

Program-oriented CAATs:

Accepted Answer

A)  are useful primarily for substantive procedures. 
B)  allow the auditor to select records for further testing. 
C)  may be applied regardless of the level of assessed control risk in an application. 
D)  none of the above 
A)  are useful primarily for substantive procedures. 
B)  allow the auditor to select records for further testing. 
C)  may be applied regardless of the level of assessed control risk in an application. 
D)  none of the above

Question 4

Which of the following is a function of an embedded audit module approach?

Accepted Answer

A)  Tests data used to test specific controls. 
B)  Analyses the client data. 
C)  Uses software to define the content of data records. 
D)  Inserts an audit module into the client's application system. 
A)  Tests data used to test specific controls. 
B)  Analyses the client data. 
C)  Uses software to define the content of data records. 
D)  Inserts an audit module into the client's application system.

Question 5

A firewall is a system of hardware and software that monitors and controls the flow of e-commerce communications by channelling all network connections through a control gateway.

Accepted Answer

A) True 
 B)False

Question 6

Which of the following output controls is most important?

Accepted Answer

A)  review of the data for reasonableness by someone who knows what the output should look like 
B)  control totals, which are used to verify that the computer's results are correct 
C)  distribution control, which assures that only authorised personnel receive the reports generated by the system 
D)  logic tests, which verify that no mistakes were made in processing 
A)  review of the data for reasonableness by someone who knows what the output should look like 
B)  control totals, which are used to verify that the computer's results are correct 
C)  distribution control, which assures that only authorised personnel receive the reports generated by the system 
D)  logic tests, which verify that no mistakes were made in processing

Question 7

Which of the following is a generalised audit software package?

Accepted Answer

A)  ACL 
B)  MYOB 
C)  Visual Basic 
D)  none of the above 
A)  ACL 
B)  MYOB 
C)  Visual Basic 
D)  none of the above

Question 8

Which one of the following statements is incorrect about network environments?

Accepted Answer

A)  Network-related software often lacks the security features typically available in traditionally centralised systems. 
B)  Many environments lack standardised procedures. 
C)  Responsibility for purchasing equipment usually resides with a centralised IT function. 
D)  Decentralised servers often increase control risk. 
A)  Network-related software often lacks the security features typically available in traditionally centralised systems. 
B)  Many environments lack standardised procedures. 
C)  Responsibility for purchasing equipment usually resides with a centralised IT function. 
D)  Decentralised servers often increase control risk.

Question 9

An auditor who is testing IT controls in a payroll system would most likely use test data that contains conditions such as:

Accepted Answer

A)  deductions not authorised by employees. 
B)  overtime not approved by supervisors. 
C)  time tickets with invalid job numbers. 
D)  payroll cheques with unauthorised signatures. 
A)  deductions not authorised by employees. 
B)  overtime not approved by supervisors. 
C)  time tickets with invalid job numbers. 
D)  payroll cheques with unauthorised signatures.

Question 10

The day-to-day operations of the computer are the responsibility of management.

Accepted Answer

A) True 
 B)False

Question 11

Which one of the following is NOT an application control?

Accepted Answer

A)  processing controls 
B)  hardware controls 
C)  output controls 
D)  input controls 
A)  processing controls 
B)  hardware controls 
C)  output controls 
D)  input controls

Question 12

Generalised audit software is:

Accepted Answer

A)  used when client's software is not compatible with the auditor's. 
B)  a method of verifying the client's data recorded in a machine language. 
C)  often used even when client's data are not computerised. 
D)  all of the above 
A)  used when client's software is not compatible with the auditor's. 
B)  a method of verifying the client's data recorded in a machine language. 
C)  often used even when client's data are not computerised. 
D)  all of the above

Question 13

Which two broad control groupings for IT systems are described by auditing standards?
1)General controls
2)application controls
3)information controls
4)performance controls

Accepted Answer

A)  2 and 3 
B)  3 and 4 
C)  1 and 3 
D)  1 and 2 
A)  2 and 3 
B)  3 and 4 
C)  1 and 3 
D)  1 and 2

Question 14

Which of the following is NOT an example of a test data approach?

Accepted Answer

A)  testing authorisation of transactions 
B)  testing input data to final reports 
C)  testing online passwords 
D)  testing data access controls 
A)  testing authorisation of transactions 
B)  testing input data to final reports 
C)  testing online passwords 
D)  testing data access controls

Question 15

Oversight of the IT function to ensure that all activities are carried out consistently with the IT strategic plan is the responsibility of the:

Accepted Answer

A)  chief information officer. 
B)  data control group. 
C)  librarian. 
D)  computer operators. 
A)  chief information officer. 
B)  data control group. 
C)  librarian. 
D)  computer operators.

Question 16

Discuss the major factors associated with complex IT systems that increase control risk and the likelihood of material misstatements in the financial statements.

Accepted Answer

Factors associated with complex IT syste

Question 17

Which of the following is NOT an example of an application control?

Accepted Answer

A)  There are reasonableness tests reviewing hours worked by employees. 
B)  There are reasonableness tests for the unit selling price of a sale. 
C)  After processing, all sales transactions are reviewed by the sales department. 
D)  An equipment failure causes an error message on the monitor. 
A)  There are reasonableness tests reviewing hours worked by employees. 
B)  There are reasonableness tests for the unit selling price of a sale. 
C)  After processing, all sales transactions are reviewed by the sales department. 
D)  An equipment failure causes an error message on the monitor.

Question 18

Which one of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process?

Accepted Answer

A)  Parallel simulation 
B)  Integrated test facility 
C)  Generalised audit software programming 
D)  Test data approach 
A)  Parallel simulation 
B)  Integrated test facility 
C)  Generalised audit software programming 
D)  Test data approach

Question 19

Generalised audit software can be used to perform many different kinds of tests.Which of these is NOT one of them?

Accepted Answer

A)  comparing creditor statements with accounts payable files 
B)  inquiry of management policy on aged debtors 
C)  random sampling of all other receivables 
D)  totalling the client's accounts receivable balances 
A)  comparing creditor statements with accounts payable files 
B)  inquiry of management policy on aged debtors 
C)  random sampling of all other receivables 
D)  totalling the client's accounts receivable balances

Question 20

Which one of the following is NOT usually part of a contingency plan?

Accepted Answer

A)  regular changing of access codes 
B)  identifying alternative hardware that can be used to process company data 
C)  backing up critical data files 
D)  storing copies of critical software off premises 
A)  regular changing of access codes 
B)  identifying alternative hardware that can be used to process company data 
C)  backing up critical data files 
D)  storing copies of critical software off premises

A database management system:

Auditing around the computer is acceptable when general controls are strong.

Program-oriented CAATs:

Which of the following is a function of an embedded audit module approach?

A firewall is a system of hardware and software that monitors and controls the flow of e-commerce communications by channelling all network connections through a control gateway.

Which of the following output controls is most important?

Which of the following is a generalised audit software package?

Which one of the following statements is incorrect about network environments?

An auditor who is testing IT controls in a payroll system would most likely use test data that contains conditions such as:

The day-to-day operations of the computer are the responsibility of management.

Which one of the following is NOT an application control?

Generalised audit software is:

Which two broad control groupings for IT systems are described by auditing standards? 1)General controls 2)application controls 3)information controls 4)performance controls

Which of the following is NOT an example of a test data approach?

Oversight of the IT function to ensure that all activities are carried out consistently with the IT strategic plan is the responsibility of the:

Discuss the major factors associated with complex IT systems that increase control risk and the likelihood of material misstatements in the financial statements.

Which of the following is NOT an example of an application control?

Which one of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process?

Generalised audit software can be used to perform many different kinds of tests.Which of these is NOT one of them?

Which one of the following is NOT usually part of a contingency plan?

Demand for audit and assurance services

Auditors’ legal environment

Audit quality and ethics

Audit responsibilities and objectives

Audit evidence

Audit planning and documentation

Materiality and risk

Internal control and control risk

Fraud auditing

Overall audit plan and audit program

Audit of the sales and collection cycle: Tests of controls and substantive tests of transactions

Completing tests in the sales and collection cycle: Accounts receivable

Audit sampling

Audit of transaction cycles and financial statement balances I

Audit of transaction cycles and financial statement balances II

Completing the audit

Audit reporting

Other auditing and assurance engagements

Filters

Exam 10: The impact of information technology on the audit process

A database management system:

Auditing around the computer is acceptable when general controls are strong.

Program-oriented CAATs:

Which of the following is a function of an embedded audit module approach?

A firewall is a system of hardware and software that monitors and controls the flow of e-commerce communications by channelling all network connections through a control gateway.

Which of the following output controls is most important?

Which of the following is a generalised audit software package?

Which one of the following statements is incorrect about network environments?

An auditor who is testing IT controls in a payroll system would most likely use test data that contains conditions such as:

The day-to-day operations of the computer are the responsibility of management.

Which one of the following is NOT an application control?

Generalised audit software is:

Which two broad control groupings for IT systems are described by auditing standards? 1)General controls 2)application controls 3)information controls 4)performance controls

Which of the following is NOT an example of a test data approach?

Oversight of the IT function to ensure that all activities are carried out consistently with the IT strategic plan is the responsibility of the:

Discuss the major factors associated with complex IT systems that increase control risk and the likelihood of material misstatements in the financial statements.

Which of the following is NOT an example of an application control?

Which one of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process?

Generalised audit software can be used to perform many different kinds of tests.Which of these is NOT one of them?

Which one of the following is NOT usually part of a contingency plan?

Demand for audit and assurance services

Auditors’ legal environment

Audit quality and ethics

Audit responsibilities and objectives

Audit evidence

Audit planning and documentation

Materiality and risk

Internal control and control risk

Fraud auditing

Overall audit plan and audit program

Audit of the sales and collection cycle: Tests of controls and substantive tests of transactions

Completing tests in the sales and collection cycle: Accounts receivable

Audit sampling

Audit of transaction cycles and financial statement balances I

Audit of transaction cycles and financial statement balances II

Completing the audit

Audit reporting

Other auditing and assurance engagements

Filters