Question 1

a)What is test data processing? b)How is it done? c)What are the sources that an auditor can use to generate test data?

Accepted Answer

a)Test data processing is a technique us

Question 2

The auditor uses ________ to continuously monitor the system and collect audit evidence while live data are processed.

Accepted Answer

A) test data processing 
B) parallel simulation 
C) concurrent audit techniques 
D) analysis of program logic 
A) test data processing 
B) parallel simulation 
C) concurrent audit techniques 
D) analysis of program logic

Question 3

There is a direct relationship between inherent risk and detection risk.

Accepted Answer

A) True 
 B)False

Question 4

Why do all audits follow a sequence of events that can be divided into four stages,and what are the four stages?

Accepted Answer

The auditor's function generally remains

Question 5

Embedded audit molecules can be used to continually monitor the system and collect audit evidence.

Accepted Answer

A) True 
 B)False

Question 6

Describe the concept of materiality and provide an example.

Accepted Answer

Materiality is the amount of an error,fr

Question 7

The ________ stage of the auditing process involves (among other things)the auditors observing the operating activities and having discussions with employees.

Accepted Answer

A) audit planning 
B) collection of audit evidence 
C) communication of audit results 
D) evaluation of audit evidence 
A) audit planning 
B) collection of audit evidence 
C) communication of audit results 
D) evaluation of audit evidence

Question 8

What role should an auditor play in system development?

Accepted Answer

A) an independent reviewer only 
B) a developer of internal controls 
C) an advisor and developer of internal control specifications 
D) A and B above 
A) an independent reviewer only 
B) a developer of internal controls 
C) an advisor and developer of internal control specifications 
D) A and B above

Question 9

Auditors have the ability to change control risk.

Accepted Answer

A) True 
 B)False

Question 10

A(n)________ audit is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives.

Accepted Answer

A) operational or management 
B) financial 
C) information systems 
D) internal control 
A) operational or management 
B) financial 
C) information systems 
D) internal control

Question 11

Which of the choices below best describes a risk-based audit approach?

Accepted Answer

A) A four-step approach to internal control evaluation. 
B) A three-step approach to internal control evaluation. 
C) A four-step approach to financial statement review and recommendations. 
D) A three-step approach to financial statement review and recommendations. 
A) A four-step approach to internal control evaluation. 
B) A three-step approach to internal control evaluation. 
C) A four-step approach to financial statement review and recommendations. 
D) A three-step approach to financial statement review and recommendations.

Question 12

The information systems audit objective that pertains to protect computer equipment,programs,communications,and data from unauthorized access,modification,or destruction is known as

Accepted Answer

A) overall security. 
B) program development. 
C) program modifications. 
D) processing. 
A) overall security. 
B) program development. 
C) program modifications. 
D) processing.

Question 13

How is a financial audit different from an information systems audit?

Accepted Answer

Financial audits examine the reliability

Question 14

You are the head of the IT department at Panther Designs,Inc.A systems review reveals that your firm has poor control procedures for preventing inadvertent programming errors.However,you are not concerned because you feel Panther Designs has strong compensating controls.What control likely exists to give you this confidence?

Accepted Answer

A) The internal audit department processes test data at Panther Designs. 
B) Panther Designs pays its employees well, decreasing the likelihood of errors. 
C) Panther Designs only hires competent programmers, decreasing the likelihood of errors. 
D) All of Panther Design's IT applications are less than 2 years old. 
A) The internal audit department processes test data at Panther Designs. 
B) Panther Designs pays its employees well, decreasing the likelihood of errors. 
C) Panther Designs only hires competent programmers, decreasing the likelihood of errors. 
D) All of Panther Design's IT applications are less than 2 years old.

Question 15

The evidence collection stage of an operational audit includes all the following activities except

Accepted Answer

A) reviewing operational policies. 
B) establishing audit objectives. 
C) testing the accuracy of operating information. 
D) testing controls. 
A) reviewing operational policies. 
B) establishing audit objectives. 
C) testing the accuracy of operating information. 
D) testing controls.

Question 16

Briefly describe tests that can be used to detect unauthorized program modifications.

Accepted Answer

Review procedures for requesting,approvi

Question 17

Which of the following is not one way CAATS could be used?

Accepted Answer

A) To merge files. 
B) To test files for specific risks. 
C) To process electronic transactions. 
D) To query data files to retrieve records meeting specified criteria. 
A) To merge files. 
B) To test files for specific risks. 
C) To process electronic transactions. 
D) To query data files to retrieve records meeting specified criteria.

Question 18

An organization that has an antiquated accounting information system has more ________ risk than an organization that has a more advanced system.

Accepted Answer

A) control 
B) detection 
C) inherent 
D) investing 
A) control 
B) detection 
C) inherent 
D) investing

Question 19

The ________ to auditing provides auditors with a clear understanding of possible errors and irregularities and the related risks and exposures.

Accepted Answer

A) risk-based approach 
B) risk-adjusted approach 
C) financial audit approach 
D) information systems approach 
A) risk-based approach 
B) risk-adjusted approach 
C) financial audit approach 
D) information systems approach

Question 20

Identify the company below that CAATS would likely provide the most value.

Accepted Answer

A) A local car dealership. 
B) A local floral shop. 
C) A large grocery store that uses an ERP system. 
D) A medium-sized restaurant chain with restaurants in many cities. 
A) A local car dealership. 
B) A local floral shop. 
C) A large grocery store that uses an ERP system. 
D) A medium-sized restaurant chain with restaurants in many cities.

Exam 11: Auditing Computer-Based Information Systems

a)What is test data processing? b)How is it done? c)What are the sources that an auditor can use to generate test data?

The auditor uses ________ to continuously monitor the system and collect audit evidence while live data are processed.

There is a direct relationship between inherent risk and detection risk.

Why do all audits follow a sequence of events that can be divided into four stages,and what are the four stages?

Embedded audit molecules can be used to continually monitor the system and collect audit evidence.

Describe the concept of materiality and provide an example.

The ________ stage of the auditing process involves (among other things)the auditors observing the operating activities and having discussions with employees.

What role should an auditor play in system development?

Auditors have the ability to change control risk.

A(n)________ audit is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives.

Which of the choices below best describes a risk-based audit approach?

The information systems audit objective that pertains to protect computer equipment,programs,communications,and data from unauthorized access,modification,or destruction is known as

How is a financial audit different from an information systems audit?

The evidence collection stage of an operational audit includes all the following activities except

Briefly describe tests that can be used to detect unauthorized program modifications.

Which of the following is not one way CAATS could be used?

An organization that has an antiquated accounting information system has more ________ risk than an organization that has a more advanced system.

The ________ to auditing provides auditors with a clear understanding of possible errors and irregularities and the related risks and exposures.

Identify the company below that CAATS would likely provide the most value.

Conceptual Foundations of Accounting Information Systems

Overview of Transaction Processing and Enterprise Resource Planning Systems

Systems Documentation Techniques

Relational Databases

Computer Fraud

Computer Fraud and Abuse Techniques

Control and Accounting Information Systems

Controls for Information Security

Confidentiality and Privacy Controls

Processing Integrity and Availability Controls

The Revenue Cycle: Sales to Cash Collections

The Expenditure Cycle: Purchasing to Cash Disbursements

The Production Cycle

The Human Resources Management and Payroll Cycle

General Ledger and Reporting System

Database Design Using the Rea Data Model

Implementing an Rea Model in a Relational Database

Special Topics in Rea Modeling

Introduction to Systems Development and Systems Analysis

Ais Development Strategies

Systems Design, implementation, and Operation

Filters