Question 1

Which of the following is not an appropriate statement with regard to computer control activities?

Accepted Answer

A)  The duties of application programming, computer operation, and control of data files should be separated. 
B)  Computer operators should maintain control of all software programs. 
C)  Specific passwords should be required to access online files. 
D)  Computer programmers should be periodically rotated across different applications. 
A)  The duties of application programming, computer operation, and control of data files should be separated. 
B)  Computer operators should maintain control of all software programs. 
C)  Specific passwords should be required to access online files. 
D)  Computer programmers should be periodically rotated across different applications.

Question 2

An example of a program in which the audit team would be most interested in testing automated application controls is a(n)

Accepted Answer

A)  Payroll processing program. 
B)  Operating system program. 
C)  Data management system software. 
D)  Utility program. 
A)  Payroll processing program. 
B)  Operating system program. 
C)  Data management system software. 
D)  Utility program.

Question 3

The evaluation of computer controls with simulated data processed through the client's computer programs is referred to as

Accepted Answer

A)  Parallel simulation. 
B)  Test data. 
C)  Integrated test facility. 
D)  Database. 
A)  Parallel simulation. 
B)  Test data. 
C)  Integrated test facility. 
D)  Database.

Question 4

The effectiveness of general controls is an important consideration for audit teams when assessing control risk on an audit.Which management assertions are primarily affected by general controls?

Accepted Answer

A)  Completeness and accuracy. 
B)  Occurrence and rights and obligations. 
C)  Accuracy and occurrence. 
D)  Completeness and occurrence. 
A)  Completeness and accuracy. 
B)  Occurrence and rights and obligations. 
C)  Accuracy and occurrence. 
D)  Completeness and occurrence.

Question 5

Computer operators should have complete access to programs and application documentation.

Accepted Answer

A) True 
 B)False

Question 6

____________________________ techniques are special audit modules designed and coded into computer programs to allow audit teams to evaluate various stages of transaction processing.

Accepted Answer

The answer of ____________________________ techniques are special audit modules designed...

Question 7

Match each of the following program-embedded techniques (letters A-I)with a description of these techniques (numbers 1-9).Each technique relates to only one description.

Accepted Answer

The answer of Match each of the following program-embedded techniques...

Question 8

Which of the following is true with respect to fraud risk factors in a computerized environment?

Accepted Answer

A)  Employees in a computerized environment are highly skilled. 
B)  Audit teams cannot evaluate the computerized processing system during the year. 
C)  Higher dollar amounts are involved in a computerized environment. 
D)  Employees have increased access to processing systems and computer resources in a computerized environment. 
A)  Employees in a computerized environment are highly skilled. 
B)  Audit teams cannot evaluate the computerized processing system during the year. 
C)  Higher dollar amounts are involved in a computerized environment. 
D)  Employees have increased access to processing systems and computer resources in a computerized environment.

Question 9

Auditing _________________________________________________ refers to the actual evaluation of the hardware and programs to determine the reliability of computer operations and test the operating effectiveness of the related controls.

Accepted Answer

through th

Question 10

Controls used in the management of a computer center to minimize the possibility of using an incorrect file or program are

Accepted Answer

A)  Control totals. 
B)  Record counts. 
C)  Limit checks. 
D)  External labels. 
A)  Control totals. 
B)  Record counts. 
C)  Limit checks. 
D)  External labels.

Question 11

Which of the following is not a category of general controls?

Accepted Answer

A)  Access to programs and data controls. 
B)  Computer operations controls. 
C)  Processing controls. 
D)  Program change controls. 
A)  Access to programs and data controls. 
B)  Computer operations controls. 
C)  Processing controls. 
D)  Program change controls.

Question 12

Input controls are one of the major categories of general controls.

Accepted Answer

A) True 
 B)False

Question 13

When processing controls within the computerized processing system may not leave visible evidence that could be inspected by audit teams,the teams should:

Accepted Answer

A)  Make corroborative inquiries. 
B)  Observe the separation of duties of personnel. 
C)  Review transactions submitted for processing and comparing them to related output. 
D)  Review the run manual. 
A)  Make corroborative inquiries. 
B)  Observe the separation of duties of personnel. 
C)  Review transactions submitted for processing and comparing them to related output. 
D)  Review the run manual.

Question 14

Techniques needed to select specific transactions of audit interest for testing would not include

Accepted Answer

A)  Embedded audit modules. 
B)  Monitoring system activity. 
C)  Snapshot. 
D)  Test data. 
A)  Embedded audit modules. 
B)  Monitoring system activity. 
C)  Snapshot. 
D)  Test data.

Question 15

To test the operating effectiveness of computer controls,audit teams can use each of the following methods except

Accepted Answer

A)  Creating a "dummy entity" and processing simulated transactions along with actual transactions. 
B)  Creating fictitious transactions for processing through the client's computer programs separately from actual client transactions. 
C)  Processing actual client transactions through an auditor-created program. 
D)  Observing the separation of duties of client personnel. 
A)  Creating a "dummy entity" and processing simulated transactions along with actual transactions. 
B)  Creating fictitious transactions for processing through the client's computer programs separately from actual client transactions. 
C)  Processing actual client transactions through an auditor-created program. 
D)  Observing the separation of duties of client personnel.

Question 16

The major phases in the audit team's study of internal control are the same in a computerized processing environment as those in a manual processing environment.

Accepted Answer

A) True 
 B)False

Question 17

Which of the following is not true with respect to the test data approach for evaluating computer controls?

Accepted Answer

A)  The test data are created for a separate entity and are run simultaneously with the client's actual data. 
B)  Only one of each type of error transaction needs to be included in the test data. 
C)  The manual results of processing the test data are compared to the results of processing these data through the client's computerized processing system. 
D)  Audit teams consider potential errors and conditions of interest in generating the test data. 
A)  The test data are created for a separate entity and are run simultaneously with the client's actual data. 
B)  Only one of each type of error transaction needs to be included in the test data. 
C)  The manual results of processing the test data are compared to the results of processing these data through the client's computerized processing system. 
D)  Audit teams consider potential errors and conditions of interest in generating the test data.

Question 18

The most important preventive controls for computer fraud are those that limit access to computers.

Accepted Answer

A) True 
 B)False

Question 19

After obtaining a preliminary understanding of a client's computer controls,audit teams may decide not to perform tests of controls.Which of the following would not be a valid reason for choosing to omit tests of controls?

Accepted Answer

A)  The client's computer controls duplicate manual controls existing elsewhere in the system. 
B)  There appear to be major weaknesses that indicate a high level of control risk. 
C)  The time and dollar costs of testing computer controls exceed the time and dollar savings in substantive procedures. 
D)  The client's controls appear to function at an adequate level to justify a low assessment of control risk. 
A)  The client's computer controls duplicate manual controls existing elsewhere in the system. 
B)  There appear to be major weaknesses that indicate a high level of control risk. 
C)  The time and dollar costs of testing computer controls exceed the time and dollar savings in substantive procedures. 
D)  The client's controls appear to function at an adequate level to justify a low assessment of control risk.

Question 20

Which of the following input controls would not be effective in identifying the erroneous input of numeric fields in a transaction?

Accepted Answer

A)  Batch totals. 
B)  Hash totals. 
C)  Check digits. 
D)  Record counts. 
A)  Batch totals. 
B)  Hash totals. 
C)  Check digits. 
D)  Record counts.

Which of the following is not an appropriate statement with regard to computer control activities?

An example of a program in which the audit team would be most interested in testing automated application controls is a(n)

The evaluation of computer controls with simulated data processed through the client's computer programs is referred to as

The effectiveness of general controls is an important consideration for audit teams when assessing control risk on an audit.Which management assertions are primarily affected by general controls?

Computer operators should have complete access to programs and application documentation.

____________________________ techniques are special audit modules designed and coded into computer programs to allow audit teams to evaluate various stages of transaction processing.

Match each of the following program-embedded techniques (letters A-I)with a description of these techniques (numbers 1-9).Each technique relates to only one description.

Which of the following is true with respect to fraud risk factors in a computerized environment?

Auditing _________________________________________________ refers to the actual evaluation of the hardware and programs to determine the reliability of computer operations and test the operating effectiveness of the related controls.

Controls used in the management of a computer center to minimize the possibility of using an incorrect file or program are

Which of the following is not a category of general controls?

Input controls are one of the major categories of general controls.

When processing controls within the computerized processing system may not leave visible evidence that could be inspected by audit teams,the teams should:

Techniques needed to select specific transactions of audit interest for testing would not include

To test the operating effectiveness of computer controls,audit teams can use each of the following methods except

The major phases in the audit team's study of internal control are the same in a computerized processing environment as those in a manual processing environment.

Which of the following is not true with respect to the test data approach for evaluating computer controls?

The most important preventive controls for computer fraud are those that limit access to computers.

After obtaining a preliminary understanding of a client's computer controls,audit teams may decide not to perform tests of controls.Which of the following would not be a valid reason for choosing to omit tests of controls?

Which of the following input controls would not be effective in identifying the erroneous input of numeric fields in a transaction?

Auditing and Assurance Services

Professional Standards

Engagement Planning

Management Fraud and Audit Risk

Risk Assessment: Internal Control Evaluation

Employee Fraud and the Audit of Cash

Revenue and Collection Cycle

Acquisition and Expenditure Cycle

Production Cycle

Finance and Investment Cycle

Completing the Audit

Reports on Audited Financial Statements

Other Public Accounting Services

Professional Ethics

Legal Liability

Internal Governmental and Fraud Audits

Overview of Sampling

Attributes Sampling

Variables Sampling

Filters

Exam 20: Auditing in a Computerized Environment

Which of the following is not an appropriate statement with regard to computer control activities?

An example of a program in which the audit team would be most interested in testing automated application controls is a(n)

The evaluation of computer controls with simulated data processed through the client's computer programs is referred to as

The effectiveness of general controls is an important consideration for audit teams when assessing control risk on an audit.Which management assertions are primarily affected by general controls?

Computer operators should have complete access to programs and application documentation.

____________________________ techniques are special audit modules designed and coded into computer programs to allow audit teams to evaluate various stages of transaction processing.

Match each of the following program-embedded techniques (letters A-I)with a description of these techniques (numbers 1-9).Each technique relates to only one description.

Which of the following is true with respect to fraud risk factors in a computerized environment?

Auditing _________________________________________________ refers to the actual evaluation of the hardware and programs to determine the reliability of computer operations and test the operating effectiveness of the related controls.

Controls used in the management of a computer center to minimize the possibility of using an incorrect file or program are

Which of the following is not a category of general controls?

Input controls are one of the major categories of general controls.

When processing controls within the computerized processing system may not leave visible evidence that could be inspected by audit teams,the teams should:

Techniques needed to select specific transactions of audit interest for testing would not include

To test the operating effectiveness of computer controls,audit teams can use each of the following methods except

The major phases in the audit team's study of internal control are the same in a computerized processing environment as those in a manual processing environment.

Which of the following is not true with respect to the test data approach for evaluating computer controls?

The most important preventive controls for computer fraud are those that limit access to computers.

After obtaining a preliminary understanding of a client's computer controls,audit teams may decide not to perform tests of controls.Which of the following would not be a valid reason for choosing to omit tests of controls?

Which of the following input controls would not be effective in identifying the erroneous input of numeric fields in a transaction?

Auditing and Assurance Services

Professional Standards

Engagement Planning

Management Fraud and Audit Risk

Risk Assessment: Internal Control Evaluation

Employee Fraud and the Audit of Cash

Revenue and Collection Cycle

Acquisition and Expenditure Cycle

Production Cycle

Finance and Investment Cycle

Completing the Audit

Reports on Audited Financial Statements

Other Public Accounting Services

Professional Ethics

Legal Liability

Internal Governmental and Fraud Audits

Overview of Sampling

Attributes Sampling

Variables Sampling

Filters