Question 1

The audit procedure which is least useful in gathering evidence on significant computer processes is:

Accepted Answer

A)  documentation. 
B)  observation. 
C)  test decks. 
D)  generalized audit software. 
A)  documentation. 
B)  observation. 
C)  test decks. 
D)  generalized audit software.

Question 2

Which of the following statements is correct?

Accepted Answer

A)  Auditors should evaluate application controls before evaluating general controls. 
B)  Auditors should evaluate application controls and general controls simultaneously. 
C)  Auditors should evaluate general controls before evaluating application controls. 
D)  None of these statements is correct. 
A)  Auditors should evaluate application controls before evaluating general controls. 
B)  Auditors should evaluate application controls and general controls simultaneously. 
C)  Auditors should evaluate general controls before evaluating application controls. 
D)  None of these statements is correct.

Question 3

Briefly define general controls and application controls.

Accepted Answer

General controls are those that relate t

Question 4

Programmers should be allowed access to:

Accepted Answer

A)  user controls. 
B)  general controls. 
C)  systems controls. 
D)  applications controls. 
A)  user controls. 
B)  general controls. 
C)  systems controls. 
D)  applications controls.

Question 5

The objective of the computer audit technique known as the test data approach is to determine whether the client's computer programs can correctly process valid and invalid transactions.

Accepted Answer

A) True 
 B)False

Question 6

Controls which are designed to assure that the information processed by the computer is authorized, complete, and accurate are called:

Accepted Answer

A)  input controls. 
B)  processing controls. 
C)  output controls. 
D)  general controls. 
A)  input controls. 
B)  processing controls. 
C)  output controls. 
D)  general controls.

Question 7

The test data approach requires the auditor to insert an audit module in the client's application system to test how transaction data is processed.

Accepted Answer

A) True 
 B)False

Question 8

Identify the six categories of general controls and give one example of each.

Accepted Answer

General controls fall into the following

Question 9

Parallel testing is more expensive than pilot testing.

Accepted Answer

A) True 
 B)False

Question 10

One common use of generalized audit software is to help the auditor identify weaknesses in the client's IT control procedures.

Accepted Answer

A) True 
 B)False

Question 11

Identify the three categories of application controls, and give one example of each.

Accepted Answer

Application controls fall into three cat

Question 12

In IT systems, if general controls are effective, it increases the auditor's ability to rely on application controls to reduce control risk.

Accepted Answer

A) True 
 B)False

Question 13

In an IT-intensive environment, most processing controls are:

Accepted Answer

A)  input controls. 
B)  operator controls. 
C)  programmed controls. 
D)  documentation controls. 
A)  input controls. 
B)  operator controls. 
C)  programmed controls. 
D)  documentation controls.

Question 14

One category of general controls is physical and online security. Describe the control and give at least three examples of implementation of the control.

Accepted Answer

Access to hardware is restrict

Question 15

When performing a parallel simulation the auditor may use generalized audit software (GAS). Which of the following is not seen as an advantage to using GAS?

Accepted Answer

A)  Auditors can learn the software in a short period of time 
B)  Can be applied to a variety of client's after detailed customizations 
C)  Can be applied to a variety of client's with minimal adjustments to the software 
D)  Greatly accelerates audit testing over manual procedures 
A)  Auditors can learn the software in a short period of time 
B)  Can be applied to a variety of client's after detailed customizations 
C)  Can be applied to a variety of client's with minimal adjustments to the software 
D)  Greatly accelerates audit testing over manual procedures

Question 16

When using the test data approach:

Accepted Answer

A)  test data should include data that the client's system should accept or reject. 
B)  application programs tested must be virtually identical to those used by employees. 
C)  select data may remain in the client system after testing. 
D)  none of the above statements is correct. 
A)  test data should include data that the client's system should accept or reject. 
B)  application programs tested must be virtually identical to those used by employees. 
C)  select data may remain in the client system after testing. 
D)  none of the above statements is correct.

Question 17

Application controls vary across the IT system. To gain an understanding of internal control for a private company, the auditor must evaluate the application controls for every:

Accepted Answer

A)  audit area. 
B)  material audit area. 
C)  audit area in which the client uses the computer. 
D)  audit area where the auditor plans to reduce assessed control risk. 
A)  audit area. 
B)  material audit area. 
C)  audit area in which the client uses the computer. 
D)  audit area where the auditor plans to reduce assessed control risk.

Question 18

When auditing a client whose information is processed by an outside service provider, it is not acceptable for the auditor to rely on the audit report of another independent auditor who has previously tested the internal controls of the service provider, rather than testing the service provider's controls himself or herself.

Accepted Answer

A) True 
 B)False

Question 19

A control that relates to all parts of the IT system is called a(n):

Accepted Answer

A)  general control. 
B)  systems control. 
C)  universal control. 
D)  applications control. 
A)  general control. 
B)  systems control. 
C)  universal control. 
D)  applications control.

Question 20

Which of the following computer-assisted auditing techniques inserts an audit module in the client's application system to identify specific types of transactions?

Accepted Answer

A)  parallel simulation testing 
B)  test data approach 
C)  embedded audit module 
D)  generalized audit software testing 
A)  parallel simulation testing 
B)  test data approach 
C)  embedded audit module 
D)  generalized audit software testing

Exam 12: The Impact of Information Technology on the Audit Process

The audit procedure which is least useful in gathering evidence on significant computer processes is:

Which of the following statements is correct?

Briefly define general controls and application controls.

Programmers should be allowed access to:

The objective of the computer audit technique known as the test data approach is to determine whether the client's computer programs can correctly process valid and invalid transactions.

Controls which are designed to assure that the information processed by the computer is authorized, complete, and accurate are called:

The test data approach requires the auditor to insert an audit module in the client's application system to test how transaction data is processed.

Identify the six categories of general controls and give one example of each.

Parallel testing is more expensive than pilot testing.

One common use of generalized audit software is to help the auditor identify weaknesses in the client's IT control procedures.

Identify the three categories of application controls, and give one example of each.

In IT systems, if general controls are effective, it increases the auditor's ability to rely on application controls to reduce control risk.

In an IT-intensive environment, most processing controls are:

One category of general controls is physical and online security. Describe the control and give at least three examples of implementation of the control.

When performing a parallel simulation the auditor may use generalized audit software (GAS). Which of the following is not seen as an advantage to using GAS?

When using the test data approach:

Application controls vary across the IT system. To gain an understanding of internal control for a private company, the auditor must evaluate the application controls for every:

A control that relates to all parts of the IT system is called a(n):

Which of the following computer-assisted auditing techniques inserts an audit module in the client's application system to identify specific types of transactions?

The Demand for Audit and Other Assurance Services

The CPA Profession

Audit Reports

Professional Ethics

Legal Liability

The CPA Profession

Audit Evidence

Audit Planning and Analytical Procedures

Materiality and Risk

Section 404 Audits of Internal Control and Control Risk

Fraud Auditing

Overall Audit Plan and Audit Program

Audit of the Sales and Collection Cycle: Tests of Controls and Substantive Tests of Transactions

Audit Sampling for Tests of Controls and Substantive Tests of Transactions

Completing the Tests in the Sales and Collection Cycle: Accounts Receivable

Audit Sampling for Tests of Details and Balances

Audit of the Acquisition and Payment Cycle: Tests of Controls and Substantive Tests of Transactions, and Accounts Payable

Completing the Tests in the Acquisition and Payment Cycle: Verification of Selected Accounts

Audit of the Payroll and Personnel Cycle

Audit of the Inventory and Warehousing Cycle

Audit of the Capital Acquisition and Repayment Cycle

Audit of Cash Balances

Completing the Audit

Other Assurance Services

Internal and Governmental Financial Auditing and Operational Auditing

Filters