Question 1

What is an auditor looking for when testing computer center controls?

Accepted Answer

When testing computer center controls,th

Question 2

The major disadvantage of an empty shell solution as a second site backup is

Accepted Answer

A) the host site may be unwilling to disrupt its processing needs to process the critical applications of the disaster stricken company 
B) intense competition for shell resources during a widespread disaster 
C) maintenance of excess hardware capacity 
D) the control of the shell site is an administrative drain on the company 
A) the host site may be unwilling to disrupt its processing needs to process the critical applications of the disaster stricken company 
B) intense competition for shell resources during a widespread disaster 
C) maintenance of excess hardware capacity 
D) the control of the shell site is an administrative drain on the company

Question 3

Segregation of duties in the computer-based information system includes

Accepted Answer

A) separating the programmer from the computer operator 
B) preventing management override 
C) separating the inventory process from the billing process 
D) performing independent verifications by the computer operator 
A) separating the programmer from the computer operator 
B) preventing management override 
C) separating the inventory process from the billing process 
D) performing independent verifications by the computer operator

Question 4

To fulfill the segregation of duties control objective,computer processing functions (like authorization of credit and billing)are separated.

Accepted Answer

A) True 
 B)False

Question 5

Which of the following is true?

Accepted Answer

A) In the CBIS environment, auditors gather evidence relating only to the contents of databases, not the reliability of the computer system. 
B) Conducting an audit is a systematic and logical process that applies to all forms of information systems. 
C) Substantive tests establish whether internal controls are functioning properly. 
D) IT auditors prepare the audit report if the system is computerized. 
A) In the CBIS environment, auditors gather evidence relating only to the contents of databases, not the reliability of the computer system. 
B) Conducting an audit is a systematic and logical process that applies to all forms of information systems. 
C) Substantive tests establish whether internal controls are functioning properly. 
D) IT auditors prepare the audit report if the system is computerized.

Question 6

A qualified opinion on management's assessment of internal controls over the financial reporting system necessitates a qualified opinion on the financial statements.

Accepted Answer

A) True 
 B)False

Question 7

Explain vendor exploitation.

Accepted Answer

Once the client firm has divested itself

Question 8

Give an example of an audit objective and its related audit procedure.

Accepted Answer

Examples include:
Inventories on the bal

Question 9

Define general controls.

Accepted Answer

General controls apply to all systems.Th

Question 10

When planning the audit,information is gathered by all of the following methods except

Accepted Answer

A) completing questionnaires 
B) interviewing management 
C) observing activities 
D) confirming accounts receivable 
A) completing questionnaires 
B) interviewing management 
C) observing activities 
D) confirming accounts receivable

Question 11

Why should the tasks of systems development and maintenance be segregated from operations?

Accepted Answer

The segregation of systems development (

Question 12

The Sarbanes-Oxley Act contains many sections.Which sections are the focus of this chapter?

Accepted Answer

The chapter concentrates on in

Question 13

Describe the components of a disaster recovery plan.

Accepted Answer

Every disaster recovery plan should:
des

Question 14

Both the SEC and the PCAOB recommend management to use the COSO framework for assessing internal control adequacy.

Accepted Answer

A) True 
 B)False

Question 15

Which of the following is not an implication of section 302 of the Sarbanes-Oxley Act?

Accepted Answer

A) Auditors must determine whether changes in internal control have materially affected (or are likely to affect) internal control over financial reporting. 
B) Auditors must interview management regarding significant changes in the design or operation of internal control that occurred since the last audit. 
C) The board of directors must certify quarterly and annually their organization's internal controls over financial reporting. 
D) Management must disclose any material changes in the company's internal controls that have occurred during the most recent fiscal quarter. 
A) Auditors must determine whether changes in internal control have materially affected (or are likely to affect) internal control over financial reporting. 
B) Auditors must interview management regarding significant changes in the design or operation of internal control that occurred since the last audit. 
C) The board of directors must certify quarterly and annually their organization's internal controls over financial reporting. 
D) Management must disclose any material changes in the company's internal controls that have occurred during the most recent fiscal quarter.

Question 16

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

Accepted Answer

A) True 
 B)False

Question 17

Tests of controls determine whether the database contents fairly reflect the organization's transactions.

Accepted Answer

A) True 
 B)False

Question 18

All of the following are examples of specific assets except

Accepted Answer

A) application maintenance 
B) data warehousing 
C) highly skilled employees 
D) server maintenance 
A) application maintenance 
B) data warehousing 
C) highly skilled employees 
D) server maintenance

Question 19

Systems development is separated from data processing activities because failure to do so

Accepted Answer

A) weakens database access security 
B) allows programmers access to make unauthorized changes to applications during execution 
C) results in inadequate documentation 
D) results in master files being inadvertently erased 
A) weakens database access security 
B) allows programmers access to make unauthorized changes to applications during execution 
C) results in inadequate documentation 
D) results in master files being inadvertently erased

Question 20

What is a disaster recovery plan? What are the key features?

Accepted Answer

A disaster recovery plan is a comprehens

What is an auditor looking for when testing computer center controls?

The major disadvantage of an empty shell solution as a second site backup is

Segregation of duties in the computer-based information system includes

To fulfill the segregation of duties control objective,computer processing functions (like authorization of credit and billing)are separated.

Which of the following is true?

A qualified opinion on management's assessment of internal controls over the financial reporting system necessitates a qualified opinion on the financial statements.

Explain vendor exploitation.

Give an example of an audit objective and its related audit procedure.

Define general controls.

When planning the audit,information is gathered by all of the following methods except

Why should the tasks of systems development and maintenance be segregated from operations?

The Sarbanes-Oxley Act contains many sections.Which sections are the focus of this chapter?

Describe the components of a disaster recovery plan.

Both the SEC and the PCAOB recommend management to use the COSO framework for assessing internal control adequacy.

Which of the following is not an implication of section 302 of the Sarbanes-Oxley Act?

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

Tests of controls determine whether the database contents fairly reflect the organization's transactions.

All of the following are examples of specific assets except

Systems development is separated from data processing activities because failure to do so

What is a disaster recovery plan? What are the key features?

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part II: Security and Access

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters

Exam 14: Auditing It Controls Part I: Sarbanes-Oxley and It Governance

What is an auditor looking for when testing computer center controls?

The major disadvantage of an empty shell solution as a second site backup is

Segregation of duties in the computer-based information system includes

To fulfill the segregation of duties control objective,computer processing functions (like authorization of credit and billing)are separated.

Which of the following is true?

A qualified opinion on management's assessment of internal controls over the financial reporting system necessitates a qualified opinion on the financial statements.

Explain vendor exploitation.

Give an example of an audit objective and its related audit procedure.

Define general controls.

When planning the audit,information is gathered by all of the following methods except

Why should the tasks of systems development and maintenance be segregated from operations?

The Sarbanes-Oxley Act contains many sections.Which sections are the focus of this chapter?

Describe the components of a disaster recovery plan.

Both the SEC and the PCAOB recommend management to use the COSO framework for assessing internal control adequacy.

Which of the following is not an implication of section 302 of the Sarbanes-Oxley Act?

A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.

Tests of controls determine whether the database contents fairly reflect the organization's transactions.

All of the following are examples of specific assets except

Systems development is separated from data processing activities because failure to do so

What is a disaster recovery plan? What are the key features?

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part II: Security and Access

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters