Question 1

Identify six controllable activities that distinguish an effective systems development process.

Accepted Answer

Systems authorization activiti

Question 2

What is the purpose of the auditor's review of SDLC documentation?

Accepted Answer

In reviewing the SDLC documentation, the

Question 3

Which statement is not true?

Accepted Answer

A)  An audit objective for systems maintenance is to detect unauthorized access to application databases. 
B)  An audit objective for systems maintenance is to ensure that applications are free from errors. 
C)  An audit objective for systems maintenance is to verify that user requests for maintenance reconcile to program version numbers. 
D)  An audit objective for systems maintenance is to ensure that the production libraries are protected from unauthorized access. 
A)  An audit objective for systems maintenance is to detect unauthorized access to application databases. 
B)  An audit objective for systems maintenance is to ensure that applications are free from errors. 
C)  An audit objective for systems maintenance is to verify that user requests for maintenance reconcile to program version numbers. 
D)  An audit objective for systems maintenance is to ensure that the production libraries are protected from unauthorized access.

Question 4

Which statement is not true? Embedded audit modules

Accepted Answer

A)  can be turned on and off by the auditor. 
B)  reduce operating efficiency. 
C)  may lose their viability in an environment where programs are modified frequently. 
D)  identify transactions to be analyzed using white box tests. 
A)  can be turned on and off by the auditor. 
B)  reduce operating efficiency. 
C)  may lose their viability in an environment where programs are modified frequently. 
D)  identify transactions to be analyzed using white box tests.

Question 5

All systems should be informally approved to ensure economic justification and feasibility.

Accepted Answer

A) True 
 B)False

Question 6

The presence of a SPLMS effectively guarantees program integrity.

Accepted Answer

A) True 
 B)False

Question 7

Source program library controls should prevent and detect unauthorized access to application programs.

Accepted Answer

A) True 
 B)False

Question 8

The base case system evaluation is a variation of the test data method.

Accepted Answer

A) True 
 B)False

Question 9

What is an embedded audit module?

Accepted Answer

EAM techniques use one or more specially

Question 10

Maintenance access to systems increases the risk that logic will be corrupted either by the accident or intent to defraud.

Accepted Answer

A) True 
 B)False

Question 11

What are program version numbers and how are the used?

Accepted Answer

The SPLMS assigns a version number autom

Question 12

Generalized audit software packages are used to assist the auditor in performing substantive tests.

Accepted Answer

A) True 
 B)False

Question 13

Describe a test of controls that would provide evidence that only authorized program maintenance is occurring.

Accepted Answer

reconcile program ve

Question 14

Firms with an independent internal audit staff may conduct tests of the system development life cycle on an ongoing basis.

Accepted Answer

A) True 
 B)False

Question 15

Meaningful test data is relatively easy to create.

Accepted Answer

A) True 
 B)False

Question 16

Use of the integrated test facility poses no threat to organizational data files.

Accepted Answer

A) True 
 B)False

Question 17

All of the following are advantages of the test data technique except

Accepted Answer

A)  auditors need minimal computer expertise to use this method 
B)  this method causes minimal disruption to the firm's operations 
C)  the test data is easily compiled 
D)  the auditor obtains explicit evidence concerning application functions 
A)  auditors need minimal computer expertise to use this method 
B)  this method causes minimal disruption to the firm's operations 
C)  the test data is easily compiled 
D)  the auditor obtains explicit evidence concerning application functions

Question 18

To meet the governance-related expectations of management under SOX, an organization's internal audit department needs to be

Accepted Answer

A)  independent 
B)  objective 
C)  technically qualified 
D)  All of the above are true. 
A)  independent 
B)  objective 
C)  technically qualified 
D)  All of the above are true.

Question 19

All of the following are disadvantages of the test data technique except

Accepted Answer

A)  the test data technique requires extensive computer expertise on the part of the auditor 
B)  the auditor cannot be sure that the application being tested is a copy of the current application used by computer services personnel 
C)  the auditor cannot be sure that the application being tested is the same application used throughout the entire year 
D)  preparation of the test data is time-consuming 
A)  the test data technique requires extensive computer expertise on the part of the auditor 
B)  the auditor cannot be sure that the application being tested is a copy of the current application used by computer services personnel 
C)  the auditor cannot be sure that the application being tested is the same application used throughout the entire year 
D)  preparation of the test data is time-consuming

Question 20

All of the following statements are true about the integrated test facility (ITF) except

Accepted Answer

A)  production reports are affected by ITF transactions 
B)  ITF databases contain "dummy" records integrated with legitimate records 
C)  ITF permits ongoing application auditing 
D)  ITF does not disrupt operations or require the intervention of computer services personnel 
A)  production reports are affected by ITF transactions 
B)  ITF databases contain "dummy" records integrated with legitimate records 
C)  ITF permits ongoing application auditing 
D)  ITF does not disrupt operations or require the intervention of computer services personnel

Identify six controllable activities that distinguish an effective systems development process.

What is the purpose of the auditor's review of SDLC documentation?

Which statement is not true?

Which statement is not true? Embedded audit modules

All systems should be informally approved to ensure economic justification and feasibility.

The presence of a SPLMS effectively guarantees program integrity.

Source program library controls should prevent and detect unauthorized access to application programs.

The base case system evaluation is a variation of the test data method.

What is an embedded audit module?

Maintenance access to systems increases the risk that logic will be corrupted either by the accident or intent to defraud.

What are program version numbers and how are the used?

Generalized audit software packages are used to assist the auditor in performing substantive tests.

Describe a test of controls that would provide evidence that only authorized program maintenance is occurring.

Firms with an independent internal audit staff may conduct tests of the system development life cycle on an ongoing basis.

Meaningful test data is relatively easy to create.

Use of the integrated test facility poses no threat to organizational data files.

All of the following are advantages of the test data technique except

To meet the governance-related expectations of management under SOX, an organization's internal audit department needs to be

All of the following are disadvantages of the test data technique except

All of the following statements are true about the integrated test facility (ITF) except

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting, and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls Part I: Sarbanes-Oxley and It Governance

IT Controls Part II: Security and Access

Filters

Exam 17: IT Controls Part III: Systems Development, Program Changes, and Application Controls

Identify six controllable activities that distinguish an effective systems development process.

What is the purpose of the auditor's review of SDLC documentation?

Which statement is not true?

Which statement is not true? Embedded audit modules

All systems should be informally approved to ensure economic justification and feasibility.

The presence of a SPLMS effectively guarantees program integrity.

Source program library controls should prevent and detect unauthorized access to application programs.

The base case system evaluation is a variation of the test data method.

What is an embedded audit module?

Maintenance access to systems increases the risk that logic will be corrupted either by the accident or intent to defraud.

What are program version numbers and how are the used?

Generalized audit software packages are used to assist the auditor in performing substantive tests.

Describe a test of controls that would provide evidence that only authorized program maintenance is occurring.

Firms with an independent internal audit staff may conduct tests of the system development life cycle on an ongoing basis.

Meaningful test data is relatively easy to create.

Use of the integrated test facility poses no threat to organizational data files.

All of the following are advantages of the test data technique except

To meet the governance-related expectations of management under SOX, an organization's internal audit department needs to be

All of the following are disadvantages of the test data technique except

All of the following statements are true about the integrated test facility (ITF) except

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting, and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls Part I: Sarbanes-Oxley and It Governance

IT Controls Part II: Security and Access

Filters