Explore all topics
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
search
ai logoChat with AI
Servicesarrow
Discoverarrow

Topics

Explore all topics
Discover more topics

Exam 17: IT Controls Part III: Systems Development, program Changes, and Application Controls

arrow
Exam 1: The Information System: an Accountants Perspective95 Questionsadd course
Exam 2: Introduction to Transaction Processing113 Questionsadd course
Exam 3: Ethics,fraud,and Internal Control158 Questionsadd course
Exam 4: The Revenue Cycle118 Questionsadd course
Exam 5: The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures107 Questionsadd course
Exam 6: The Expenditure Cycle Part Ii: Payroll Processing and Fixed Asset Procedures92 Questionsadd course
Exam 7: The Conversion Cycle100 Questionsadd course
Exam 8: General Ledger,financial Reporting,and Management Reporting Systems93 Questionsadd course
Exam 9: Database Management Systems105 Questionsadd course
Exam 10: The Rea Approach to Business Process Modeling75 Questionsadd course
Exam 11: Enterprise Resource Planning Systems96 Questionsadd course
Exam 12: Electronic Commerce Systems111 Questionsadd course
Exam 13: Managing the Systems Development Life Cycle92 Questionsadd course
Exam 14: Construct,deliver,and Maintain Systems Projects93 Questionsadd course
Exam 15: IT Controls Part I: Sarbanes-Oxley and It Governance128 Questionsadd course
Exam 16: IT Controls Part II: Security and Access94 Questionsadd course
Exam 17: IT Controls Part III: Systems Development, program Changes, and Application Controls67 Questionsadd course
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags
search iconSearch Question
flashcardsStudy Flashcards
Select questions type
  • Essay
  • Multiple Choice
  • Short Answer
  • True False
  • Matching
  • Select Tags

Explain how application version numbers can be used as a audit toll for assessing program change controls.

Free
(Essay)
4.8/5
(42)
Question 1
Correct Answer:
Verified

The SPLMS assigns a version number automatically to each program stored on the SPL.When programs are first placed in the libraries (at implementation),they are assigned version number zero.With each modification to the program,the version number is increased by one.This feature,when combined with audit trail reports,provides a basis for detecting unauthorized changes to the application program.An unauthorized change is signaled by a version number on the production load module that cannot be reconciled to the number of authorized changes.For example,if 10 changes were authorized but the production program is Version 11,then two possible control violations may have happened: (1)an authorized change occurred,which for some reason went undocumented,or (2)an unauthorized change was made,which incremented the version number.

The base case system evaluation is a variation of the test data method.

Free
(True/False)
4.8/5
(32)
Question 2
Correct Answer:
Verified

True

Use of the integrated test facility poses no threat to organizational data files.

Free
(True/False)
4.8/5
(40)
Question 3
Correct Answer:
Verified

False

Describe a test of controls that would provide evidence that only authorized program maintenance is occurring.

(Essay)
4.9/5
(35)
Question 4

Programs in their compiled state are very susceptible to the threat of unauthorized modification.

(True/False)
4.8/5
(39)
Question 5

The results of a parallel simulation are compared to the results of a production run in order to judge the quality of the application processes and controls.

(True/False)
4.8/5
(53)
Question 6

The programmer's authority table will specify the libraries a programmer may access.

(True/False)
4.9/5
(38)
Question 7

When using the test data method,the presence of multiple error messages indicates a flaw in the preparation of test transactions.

(True/False)
4.8/5
(37)
Question 8

Tracing is a method used to verify the logical operations executed by a computer application.

(True/False)
4.8/5
(38)
Question 9

Which statement is not true?

(Multiple Choice)
4.8/5
(29)
Question 10

The technical design activities translate a set of detailed technical specifications for a system into user specifications.

(True/False)
4.7/5
(41)
Question 11

What is meant by auditing around the computer versus auditing through the computer? Why is this so important?

(Essay)
4.8/5
(31)
Question 12

What are the audit's objectives relating to systems development?

(Essay)
4.9/5
(38)
Question 13

What is the purpose of the auditor's review of SDLC documentation?

(Essay)
4.8/5
(42)
Question 14

The black box approach to testing computer program controls is also known as auditing around the computer.

(True/False)
4.8/5
(36)
Question 15

Contrast the black box approach to IT auditing and the through-the-computer audit approach.Which is preferred?

(Essay)
5.0/5
(35)
Question 16

Describe and contrast the test data method with the integrated test facility.

(Essay)
5.0/5
(37)
Question 17

Generalized audit software packages perform all of the following tasks except

(Multiple Choice)
4.8/5
(31)
Question 18

Contrast embedded audit modules with generalized audit software.

(Essay)
4.8/5
(35)
Question 19

New system development activity controls must focus on the authorization,development,and implementation of new systems and its maintenance.Discuss at least five control activities that are found in an effective system development life cycle.

(Essay)
4.8/5
(45)
Question 20
Showing 1 - 20 of 67
close modal

Filters

  • Essay(0)
  • Multiple Choice(0)
  • Short Answer(0)
  • True False(0)
  • Matching(0)