Question 1

All of the following are recommended features of a fire protection system for a computer center except

Accepted Answer

A) clearly marked exits 
B) an elaborate water sprinkler system 
C) manual fire extinguishers in strategic locations 
D) automatic and manual alarms in strategic locations 
A) clearly marked exits 
B) an elaborate water sprinkler system 
C) manual fire extinguishers in strategic locations 
D) automatic and manual alarms in strategic locations

Question 2

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Accepted Answer

A) inspection of the second site backup 
B) analysis of the fire detection system at the primary site 
C) review of the critical applications list 
D) composition of the disaster recovery team 
A) inspection of the second site backup 
B) analysis of the fire detection system at the primary site 
C) review of the critical applications list 
D) composition of the disaster recovery team

Question 3

Define operations fraud.

Accepted Answer

Operations fraud is the misuse

Question 4

An IT auditor expresses an opinion on the fairness of the financial statements.

Accepted Answer

A) True 
 B)False

Question 5

Name three forms of computer fraud.

Accepted Answer

Computer fraud includes:
the theft,misus

Question 6

What are commodity IT assets?

Accepted Answer

Commodity IT assets are not unique to a

Question 7

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Accepted Answer

The characteristics of computer centers

Question 8

Control risk is

Accepted Answer

A) the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated 
B) associated with the unique characteristics of the business or industry of the client 
C) the likelihood that the control structure is flawed because controls are either absent or inadequate to prevent or detect errors in the accounts 
D) the risk that errors not detected or prevented by the control structure will also not be detected by the auditor 
A) the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated 
B) associated with the unique characteristics of the business or industry of the client 
C) the likelihood that the control structure is flawed because controls are either absent or inadequate to prevent or detect errors in the accounts 
D) the risk that errors not detected or prevented by the control structure will also not be detected by the auditor

Question 9

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

Accepted Answer

A) True 
 B)False

Question 10

Computer fraud is easiest at the data collection stage.Why?

Accepted Answer

Computer fraud is easiest at the data co

Question 11

Some systems professionals have unrestricted access to the organization's programs and data.

Accepted Answer

A) True 
 B)False

Question 12

The most common access point for perpetrating computer fraud is at the data collection stage.

Accepted Answer

A) True 
 B)False

Question 13

All of the following tests of controls will provide evidence about the physical security of the computer center except

Accepted Answer

A) review of fire marshal records 
B) review of the test of the backup power supply 
C) verification of the second site backup location 
D) observation of procedures surrounding visitor access to the computer center 
A) review of fire marshal records 
B) review of the test of the backup power supply 
C) verification of the second site backup location 
D) observation of procedures surrounding visitor access to the computer center

Question 14

Commodity IT assets are easily acquired in the marketplace and should be outsourced under the core competency theory.

Accepted Answer

A) True 
 B)False

Question 15

Which statement is not correct?

Accepted Answer

A) Auditors gather evidence using tests of controls and substantive tests. 
B) The most important element in determining the level of materiality is the mathematical formula. 
C) Auditors express an opinion in their audit report. 
D) Auditors compare evidence to established criteria. 
A) Auditors gather evidence using tests of controls and substantive tests. 
B) The most important element in determining the level of materiality is the mathematical formula. 
C) Auditors express an opinion in their audit report. 
D) Auditors compare evidence to established criteria.

Question 16

Tests of controls include

Accepted Answer

A) confirming accounts receivable 
B) counting inventory 
C) completing questionnaires 
D) counting cash 
A) confirming accounts receivable 
B) counting inventory 
C) completing questionnaires 
D) counting cash

Question 17

Explain the role of an SSAE 16 report in reviewing internal controls.

Accepted Answer

An SSAE 16 report is the means by which

Question 18

Explain the relationship between internal controls and substantive testing.

Accepted Answer

The stronger the int

Question 19

All of the following are components of audit risk except

Accepted Answer

A) control risk 
B) legal risk 
C) detection risk 
D) inherent risk 
A) control risk 
B) legal risk 
C) detection risk 
D) inherent risk

Question 20

Audit risk is the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated.

Accepted Answer

A) True 
 B)False

All of the following are recommended features of a fire protection system for a computer center except

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Define operations fraud.

An IT auditor expresses an opinion on the fairness of the financial statements.

Name three forms of computer fraud.

What are commodity IT assets?

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Control risk is

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

Computer fraud is easiest at the data collection stage.Why?

Some systems professionals have unrestricted access to the organization's programs and data.

The most common access point for perpetrating computer fraud is at the data collection stage.

All of the following tests of controls will provide evidence about the physical security of the computer center except

Commodity IT assets are easily acquired in the marketplace and should be outsourced under the core competency theory.

Which statement is not correct?

Tests of controls include

Explain the role of an SSAE 16 report in reviewing internal controls.

Explain the relationship between internal controls and substantive testing.

All of the following are components of audit risk except

Audit risk is the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part II: Security and Access

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters

Exam 14: Auditing It Controls Part I: Sarbanes-Oxley and It Governance

All of the following are recommended features of a fire protection system for a computer center except

All of the following tests of controls will provide evidence about the adequacy of the disaster recovery plan except

Define operations fraud.

An IT auditor expresses an opinion on the fairness of the financial statements.

Name three forms of computer fraud.

What are commodity IT assets?

Auditors examine the physical environment of the computer center as part of their audit.Many characteristics of computer centers are of interest to auditors.What are they? Discuss.

Control risk is

Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.

Computer fraud is easiest at the data collection stage.Why?

Some systems professionals have unrestricted access to the organization's programs and data.

The most common access point for perpetrating computer fraud is at the data collection stage.

All of the following tests of controls will provide evidence about the physical security of the computer center except

Commodity IT assets are easily acquired in the marketplace and should be outsourced under the core competency theory.

Which statement is not correct?

Tests of controls include

Explain the role of an SSAE 16 report in reviewing internal controls.

Explain the relationship between internal controls and substantive testing.

All of the following are components of audit risk except

Audit risk is the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics,fraud,and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting,and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Auditing It Controls Part II: Security and Access

Auditing It Controls Part III: Systems Development, program Changes, and Application Auditing

Filters