Question 1

Which of the following is NOT a requirement in management's report on the effectiveness of internal controls over financial reporting?

Accepted Answer

A)  A statement of management's responsibility for establishing and maintaining adequate internal control user satisfaction. 
B)  A statement that the organization's internal auditors has issued an attestation report on management's assessment of the company's internal controls. 
C)  A statement identifying the framework used by management to conduct their assessment of internal controls. 
D)  An explicit written conclusion as to the effectiveness of internal control over financial reporting. 
A)  A statement of management's responsibility for establishing and maintaining adequate internal control user satisfaction. 
B)  A statement that the organization's internal auditors has issued an attestation report on management's assessment of the company's internal controls. 
C)  A statement identifying the framework used by management to conduct their assessment of internal controls. 
D)  An explicit written conclusion as to the effectiveness of internal control over financial reporting.

Question 2

Which of the following is not a generally accepted auditing standard general standard?

Accepted Answer

A)  The auditor must have adequate technical training and proficiency. 
B)  The auditor must obtain sufficient, competent evidence. 
C)  The auditor must have independence of mental attitude. 
D)  All of the above are generally accepted auditing standard general standards. 
A)  The auditor must have adequate technical training and proficiency. 
B)  The auditor must obtain sufficient, competent evidence. 
C)  The auditor must have independence of mental attitude. 
D)  All of the above are generally accepted auditing standard general standards.

Question 3

Explain the outsourcing risk of failure to perform.

Accepted Answer

Once a client firm has outsourced specif

Question 4

Scavenging is a form of fraud in which the perpetrator uses a computer program to search for key terms in a database and then steal the data.

Accepted Answer

A) True 
 B)False

Question 5

IT auditing is a small part of most external and internal audits.

Accepted Answer

A) True 
 B)False

Question 6

Internal control in a computerized environment can be divided into two broad categories. What are they? Explain each.

Accepted Answer

Internal controls can be divided into tw

Question 7

Discuss the key features of Section 404 of the Sarbanes-Oxley Act.

Accepted Answer

Section 404 requires the management of p

Question 8

The financial statements of an organization reflect a set of management assertions about the financial health of the business. All of the following describe types of assertions except

Accepted Answer

A)  that all of the assets and equities on the balance sheet exist 
B)  that all employees are properly trained to carry out their assigned duties 
C)  that all transactions on the income statement actually occurred 
D)  that all allocated amounts such as depreciation are calculated on a systematic and rational basis 
A)  that all of the assets and equities on the balance sheet exist 
B)  that all employees are properly trained to carry out their assigned duties 
C)  that all transactions on the income statement actually occurred 
D)  that all allocated amounts such as depreciation are calculated on a systematic and rational basis

Question 9

Compare and contrast the following disaster recovery options: empty shell, recovery operations center, and internally provided backup. Rank them from most risky to least risky, as well as most costly to least costly.

Accepted Answer

The lowest cost method is internally pro

Question 10

For disaster recovery purposes, what criteria are used to identify an application or data as critical?

Accepted Answer

Critical application and files

Question 11

Both the SEC and the PCAOB require management to use the COSO framework for assessing internal control adequacy.

Accepted Answer

A) True 
 B)False

Question 12

To ensure sound internal control, program coding and program processing should be separated.

Accepted Answer

A) True 
 B)False

Question 13

The following are examples of specific assets except

Accepted Answer

A)  application maintenance 
B)  data warehousing 
C)  highly skilled employees 
D)  server maintenance 
A)  application maintenance 
B)  data warehousing 
C)  highly skilled employees 
D)  server maintenance

Question 14

Which statement is not correct?

Accepted Answer

A)  Auditors gather evidence using tests of controls and substantive tests. 
B)  The most important element in determining the level of materiality is the mathematical formula. 
C)  Auditors express an opinion in their audit report. 
D)  Auditors compare evidence to established criteria. 
A)  Auditors gather evidence using tests of controls and substantive tests. 
B)  The most important element in determining the level of materiality is the mathematical formula. 
C)  Auditors express an opinion in their audit report. 
D)  Auditors compare evidence to established criteria.

Question 15

What fraud detection responsibilities (if any) are imposed on auditors by the Sarbanes-Oxley Act?

Accepted Answer

SOX places responsibility on auditors to

Question 16

External auditors can cooperate with and use evidence gathered by internal audit departments that are organizationally independent and that report to the Audit Committee of the Board of Directors.

Accepted Answer

A) True 
 B)False

Question 17

The following are examples of commodity assets except

Accepted Answer

A)  network management 
B)  systems operations 
C)  systems development 
D)  server maintenance 
A)  network management 
B)  systems operations 
C)  systems development 
D)  server maintenance

Question 18

All of the following are components of audit risk except

Accepted Answer

A)  control risk 
B)  legal risk 
C)  detection risk 
D)  inherent risk 
A)  control risk 
B)  legal risk 
C)  detection risk 
D)  inherent risk

Question 19

Name three types of program fraud.

Accepted Answer

Program fraud includes:
(1) creating ill

Question 20

Describe the components of a disaster recovery plan.

Accepted Answer

Every disaster recovery plan should:
des

Which of the following is NOT a requirement in management's report on the effectiveness of internal controls over financial reporting?

Which of the following is not a generally accepted auditing standard general standard?

Explain the outsourcing risk of failure to perform.

Scavenging is a form of fraud in which the perpetrator uses a computer program to search for key terms in a database and then steal the data.

IT auditing is a small part of most external and internal audits.

Internal control in a computerized environment can be divided into two broad categories. What are they? Explain each.

Discuss the key features of Section 404 of the Sarbanes-Oxley Act.

The financial statements of an organization reflect a set of management assertions about the financial health of the business. All of the following describe types of assertions except

Compare and contrast the following disaster recovery options: empty shell, recovery operations center, and internally provided backup. Rank them from most risky to least risky, as well as most costly to least costly.

For disaster recovery purposes, what criteria are used to identify an application or data as critical?

Both the SEC and the PCAOB require management to use the COSO framework for assessing internal control adequacy.

To ensure sound internal control, program coding and program processing should be separated.

The following are examples of specific assets except

Which statement is not correct?

What fraud detection responsibilities (if any) are imposed on auditors by the Sarbanes-Oxley Act?

External auditors can cooperate with and use evidence gathered by internal audit departments that are organizationally independent and that report to the Audit Committee of the Board of Directors.

The following are examples of commodity assets except

All of the following are components of audit risk except

Name three types of program fraud.

Describe the components of a disaster recovery plan.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting, and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls Part II: Security and Access

IT Controls Part III: Systems Development, Program Changes, and Application Controls

Filters

Exam 15: IT Controls Part I: Sarbanes-Oxley and It Governance

Which of the following is NOT a requirement in management's report on the effectiveness of internal controls over financial reporting?

Which of the following is not a generally accepted auditing standard general standard?

Explain the outsourcing risk of failure to perform.

Scavenging is a form of fraud in which the perpetrator uses a computer program to search for key terms in a database and then steal the data.

IT auditing is a small part of most external and internal audits.

Internal control in a computerized environment can be divided into two broad categories. What are they? Explain each.

Discuss the key features of Section 404 of the Sarbanes-Oxley Act.

The financial statements of an organization reflect a set of management assertions about the financial health of the business. All of the following describe types of assertions except

Compare and contrast the following disaster recovery options: empty shell, recovery operations center, and internally provided backup. Rank them from most risky to least risky, as well as most costly to least costly.

For disaster recovery purposes, what criteria are used to identify an application or data as critical?

Both the SEC and the PCAOB require management to use the COSO framework for assessing internal control adequacy.

To ensure sound internal control, program coding and program processing should be separated.

The following are examples of specific assets except

Which statement is not correct?

What fraud detection responsibilities (if any) are imposed on auditors by the Sarbanes-Oxley Act?

External auditors can cooperate with and use evidence gathered by internal audit departments that are organizationally independent and that report to the Audit Committee of the Board of Directors.

The following are examples of commodity assets except

All of the following are components of audit risk except

Name three types of program fraud.

Describe the components of a disaster recovery plan.

The Information System: an Accountants Perspective

Introduction to Transaction Processing

Ethics, Fraud, and Internal Control

The Revenue Cycle

The Expenditure Cycle Part I: Purchases and Cash Disbursements Procedures

The Expenditure Cycle Part II: Payroll Processing and Fixed Asset Procedures

The Conversion Cycle

Financial Reporting, and Management Reporting Systems

Database Management Systems

The Rea Approach to Business Process Modeling

Enterprise Resource Planning Systems

Electronic Commerce Systems

Managing the Systems Development Life Cycle

Construct, Deliver, and Maintain Systems Projects

IT Controls Part II: Security and Access

IT Controls Part III: Systems Development, Program Changes, and Application Controls

Filters