Question 1

The first step in a risk-based audit approach is to

Accepted Answer

A) evaluate the control procedures. 
B) determine the threats facing the AIS. 
C) identify the control procedures that should be in place. 
D) evaluate weaknesses to determine their effect on the audit procedures. 
A) evaluate the control procedures. 
B) determine the threats facing the AIS. 
C) identify the control procedures that should be in place. 
D) evaluate weaknesses to determine their effect on the audit procedures.

Question 2

An auditor sets an embedded audit module to selectively monitor transactions.Selected transactions are then reprocessed independently,and the results are compared with those obtained by the normal system processing.The auditor is using

Accepted Answer

A) an integrated test facility. 
B) the snapshot technique. 
C) a system control audit review file. 
D) continuous and intermittent simulation. 
A) an integrated test facility. 
B) the snapshot technique. 
C) a system control audit review file. 
D) continuous and intermittent simulation.

Question 3

Describe the difference between concurrent audit techniques and embedded audit modules.

Accepted Answer

Auditors use concurrent audit techniques

Question 4

Who generally receives the findings and conclusions of an operational audit?

Accepted Answer

A) The board of directors. 
B) Management. 
C) The external auditor. 
D) The IRS. 
A) The board of directors. 
B) Management. 
C) The external auditor. 
D) The IRS.

Question 5

Which of the following is not one of the types of internal audits?

Accepted Answer

A) A review of the corporate organizational structure and reporting hierarchies. 
B) An examination of procedures for reporting and disposing of hazardous waste. 
C) A review of source documents and general ledger accounts to determine integrity of recorded transactions. 
D) A comparison of estimates and analysis made before purchase of a major capital asset to actual numbers and results achieved. 
A) A review of the corporate organizational structure and reporting hierarchies. 
B) An examination of procedures for reporting and disposing of hazardous waste. 
C) A review of source documents and general ledger accounts to determine integrity of recorded transactions. 
D) A comparison of estimates and analysis made before purchase of a major capital asset to actual numbers and results achieved.

Question 6

Auditors have the ability to change inherent risk.

Accepted Answer

A) True 
 B)False

Question 7

Describe the five commonly used concurrent audit techniques.

Accepted Answer

(1)Integrated test facility - Inserting

Question 8

The ________ audit reviews the general and application controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets.

Accepted Answer

A) financial 
B) information systems 
C) management 
D) internal control 
A) financial 
B) information systems 
C) management 
D) internal control

Question 9

The scope of a(n)________ audit encompasses all aspects of systems management.

Accepted Answer

A) operational 
B) information systems 
C) financial 
D) internal control 
A) operational 
B) information systems 
C) financial 
D) internal control

Question 10

Define and give examples of embedded audit modules.

Accepted Answer

Embedded audit modules are segments of p

Question 11

Using embedded audit modules to continuously monitor transactions,collect data on transactions with special audit significance,and store the data to later identify and investigate questionable transactions is an example of

Accepted Answer

A) integrated test facility. 
B) snapshot technique. 
C) system control audit review file. 
D) audit hooks. 
A) integrated test facility. 
B) snapshot technique. 
C) system control audit review file. 
D) audit hooks.

Question 12

An auditor sets an embedded audit module to flag all credit transactions in excess of $5,000.The flag causes the system state to be recorded before and after each transaction is processed.The auditor is using

Accepted Answer

A) audit hooks. 
B) an integrated test facility. 
C) the snapshot technique. 
D) a system control audit review file. 
A) audit hooks. 
B) an integrated test facility. 
C) the snapshot technique. 
D) a system control audit review file.

Question 13

What is not a typical responsibility of an internal auditor?

Accepted Answer

A) Helping management to improve organizational effectiveness. 
B) Assisting in the design and implementation of an AIS. 
C) Preparation of the company's financial statements. 
D) Implementing and monitoring of internal controls. 
A) Helping management to improve organizational effectiveness. 
B) Assisting in the design and implementation of an AIS. 
C) Preparation of the company's financial statements. 
D) Implementing and monitoring of internal controls.

Question 14

The possibility that a material error will occur even though auditors are following audit procedures and using good judgment is referred to as

Accepted Answer

A) control risk. 
B) detection risk. 
C) inherent risk. 
D) investigating risk. 
A) control risk. 
B) detection risk. 
C) inherent risk. 
D) investigating risk.

Question 15

Inserting a dummy entity in a company's system;processing test transactions to update that will not affect actual records is an example of

Accepted Answer

A) integrated test facility. 
B) snapshot technique. 
C) system control audit review file. 
D) audit hooks. 
A) integrated test facility. 
B) snapshot technique. 
C) system control audit review file. 
D) audit hooks.

Question 16

Which of the following is not an information systems audit test of controls?

Accepted Answer

A) Observe computer-site access procedures. 
B) Investigate how unauthorized access attempts are handled. 
C) Review logical access policies and procedures. 
D) Examine the results of disaster recovery plan simulations. 
A) Observe computer-site access procedures. 
B) Investigate how unauthorized access attempts are handled. 
C) Review logical access policies and procedures. 
D) Examine the results of disaster recovery plan simulations.

Question 17

A type of software that auditors can use to analyze program logic and detect unexecuted program code is

Accepted Answer

A) an audit log. 
B) a mapping program. 
C) a scanning routine. 
D) program tracing. 
A) an audit log. 
B) a mapping program. 
C) a scanning routine. 
D) program tracing.

Question 18

One of the advantages of CAATS software is that it can replace the auditor's judgment in specific areas of an audit.

Accepted Answer

A) True 
 B)False

Question 19

The evidence collection stage of an operational audit includes all the following activities except

Accepted Answer

A) reviewing operational policies. 
B) establishing audit objectives. 
C) testing the accuracy of operating information. 
D) testing controls. 
A) reviewing operational policies. 
B) establishing audit objectives. 
C) testing the accuracy of operating information. 
D) testing controls.

Question 20

Audit tests and procedures traditionally have been performed on a sample basis.Do options exist for auditors to test significantly more (or all)transactions?

Accepted Answer

Computer assisted audit techniques (CAAT

Exam 11: Auditing Computer-Based Information Systems

The first step in a risk-based audit approach is to

An auditor sets an embedded audit module to selectively monitor transactions.Selected transactions are then reprocessed independently,and the results are compared with those obtained by the normal system processing.The auditor is using

Describe the difference between concurrent audit techniques and embedded audit modules.

Who generally receives the findings and conclusions of an operational audit?

Which of the following is not one of the types of internal audits?

Auditors have the ability to change inherent risk.

Describe the five commonly used concurrent audit techniques.

The ________ audit reviews the general and application controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets.

The scope of a(n)________ audit encompasses all aspects of systems management.

Define and give examples of embedded audit modules.

Using embedded audit modules to continuously monitor transactions,collect data on transactions with special audit significance,and store the data to later identify and investigate questionable transactions is an example of

An auditor sets an embedded audit module to flag all credit transactions in excess of $5,000.The flag causes the system state to be recorded before and after each transaction is processed.The auditor is using

What is not a typical responsibility of an internal auditor?

The possibility that a material error will occur even though auditors are following audit procedures and using good judgment is referred to as

Inserting a dummy entity in a company's system;processing test transactions to update that will not affect actual records is an example of

Which of the following is not an information systems audit test of controls?

A type of software that auditors can use to analyze program logic and detect unexecuted program code is

One of the advantages of CAATS software is that it can replace the auditor's judgment in specific areas of an audit.

The evidence collection stage of an operational audit includes all the following activities except

Audit tests and procedures traditionally have been performed on a sample basis.Do options exist for auditors to test significantly more (or all)transactions?

Conceptual Foundations of Accounting Information Systems

Overview of Transaction Processing and Enterprise Resource Planning Systems

Systems Documentation Techniques

Relational Databases

Computer Fraud

Computer Fraud and Abuse Techniques

Control and Accounting Information Systems

Controls for Information Security

Confidentiality and Privacy Controls

Processing Integrity and Availability Controls

The Revenue Cycle: Sales to Cash Collections

The Expenditure Cycle: Purchasing to Cash Disbursements

The Production Cycle

The Human Resources Management and Payroll Cycle

General Ledger and Reporting System

Database Design Using the Rea Data Model

Implementing an Rea Model in a Relational Database

Special Topics in Rea Modeling

Introduction to Systems Development and Systems Analysis

Ais Development Strategies

Systems Design, implementation, and Operation

Filters