Filters
Question type
Study Flashcards

Should the auditor feel, after obtaining an understanding of IT internal control, that control risk cannot be reduced, he or she will:


A) issue an adverse opinion.
B) increase the sample size for tests of controls.
C) issue a disclaimer.
D) expand the substantive testing portion of the audit.

E) A) and D)
F) A) and C)

Correct Answer

verifed

verified

When the client uses a computer but the auditor chooses to use only the non- IT segment of internal control to assess control risk, it is referred to as auditing around the computer. Which one of the following conditions need NOT be present in order to audit around the computer?


A) Computer programs must be available in English.
B) User controls include comparison of computer- produced records with source documents.
C) The accounting software can display or print ledger balances and transaction details that allow the auditor to trace individual transactions through the accounting records.
D) The source documents are available in a readable form and can be traced easily through the accounting system to output.

E) A) and D)
F) C) and D)

Correct Answer

verifed

verified

The objective of understanding internal control and assessing control risk in an IT system is:


A) to gain an understanding of the computer hardware and software.
B) to evaluate management's efficiency in designing and using the IT system.
C) to determine if the audit firm must have an IT auditor on the team.
D) to aid in determining the audit evidence that should be accumulated.

E) None of the above
F) A) and B)

Correct Answer

verifed

verified

Oversight of the IT function to ensure that all activities are carried out consistently with the IT strategic plan is the responsibility of the:


A) librarian.
B) chief information officer.
C) data control group.
D) computer operators.

E) B) and D)
F) A) and D)

Correct Answer

verifed

verified

When auditing a computerised system, an auditor may use the test data approach as an audit tool. This technique:


A) involves introducing simulated transactions into the client's actual application program(s) .
B) should not involve the actual application programs the client uses throughout the year, since use of the actual programs would contaminate the client's accounting data.
C) is more applicable to independent audits than internal audits.
D) is a commonly used audit technique for auditing around the computer.

E) A) and B)
F) All of the above

Correct Answer

verifed

verified

Which of the following is NOT a general control?


A) Processing controls
B) Procedures for documenting, reviewing and approving systems and payments
C) Hardware controls
D) The plan of organisation and operation of IT activity

E) A) and B)
F) C) and D)

Correct Answer

verifed

verified

One potential disadvantage of IT systems is the increased risk of destruction of entire data files.

A) True
B) False

Correct Answer

verifed

verified

Parallel testing involves:


A) requiring the user to re- input critical fields to verify accuracy of input.
B) operating the old and the new system simultaneously.
C) implementing a new system in one part of the organisation while other locations continue to rely on the old system.
D) processing test data against a copy of the client's application program.

E) A) and B)
F) A) and C)

Correct Answer

verifed

verified

The use of 'encryption' techniques protect the security of electronic communication during the:


A) recording process.
B) transmission process.
C) data backup process.
D) data output process.

E) All of the above
F) B) and C)

Correct Answer

verifed

verified

There are three concerns or difficulties that must be overcome before the test data approach can be used by the auditor. Discuss each of these concerns.

Correct Answer

verifed

verified

Three concerns to be addressed before th...

View Answer

Pre- designed formats for audit working papers and letters can be created and saved using both electronic spreadsheets and word processors. These are called:


A) audit software.
B) macros.
C) templates.
D) desktop publishing.

E) A) and B)
F) A) and D)

Correct Answer

verifed

verified

Encryption techniques protect the security of electronic communication during transmission.

A) True
B) False

Correct Answer

verifed

verified

A control which relates to all parts of the IT system is called:


A) a systems control.
B) an applications control.
C) a universal control.
D) a general control.

E) None of the above
F) C) and D)

Correct Answer

verifed

verified

Application controls vary with each application in the IT system. In attempting to review and gain an understanding of the internal control system, the auditor must evaluate the application controls for:


A) every audit area.
B) every material audit area.
C) every audit area in which the client uses the computer.
D) every audit area where the auditor plans to reduce assessed control risk.

E) None of the above
F) A) and B)

Correct Answer

verifed

verified

Control risk is often affected by a complex IT system even if it enhances internal controls.

A) True
B) False

Correct Answer

verifed

verified

Discuss the four areas of responsibility under the IT function that should be segregated in large companies.

Correct Answer

verifed

verified

The responsibilities for IT management, ...

View Answer

Which of the following is NOT an application control?


A) Reasonableness test for unit selling price of sale
B) Preprocessing authorisation of sales transactions
C) Separation of duties between computer programmer and operators
D) Post- processing review of sales transactions by the sales department

E) B) and D)
F) A) and C)

Correct Answer

verifed

verified

Which of the following is NOT a general control?


A) Post processing reviews
B) Preparation of backup plans
C) Access to hardware is restricted
D) Equipment error causes error messages to appear on the computer monitor

E) A) and B)
F) B) and C)

Correct Answer

verifed

verified

Assume you are using generalised audit software (GAS) during your audit of accounts receivable. Discuss four kinds of tests or audit procedures you can perform with the GAS if the client's data are in machine- readable form.

Correct Answer

verifed

verified

Examples of the types of tests that can ...

View Answer

One common use of generalised audit software is to help the auditor identify weaknesses in the client's IT control procedures.

A) True
B) False

Correct Answer

verifed

verified

Showing 81 - 100 of 107

Related Exams

Exam 1

Demand for Audit and Assurance Services

74 Questions

Exam 2

Auditors Legal Environment

89 Questions

Exam 3

Audit Quality and Ethics

101 Questions

Exam 4

Audit Responsibilities and Objectives

113 Questions

Exam 5

Audit Evidence

118 Questions

Exam 6

Audit Planning and Documentation

106 Questions

Exam 7

Materiality and Risk

106 Questions

Exam 8

Internal Control and Control Risk

120 Questions

Exam 9

Fraud Auditing

75 Questions

Exam 11

Overall Audit Plan and Audit Program

105 Questions

Exam 12

Audit of the Sales and Collection Cycle: Tests of Controls and Substantive Tests of Transactions

120 Questions

Exam 13

Completing Tests in the Sales and Collection Cycle: Accounts Receivable

109 Questions

Exam 14

Audit Sampling

146 Questions

Exam 15

Audit of Transaction Cycles and Financial Statement Balances I

138 Questions

Exam 16

Audit of Transaction Cycles and Financial Statement Balances II

137 Questions

Exam 17

Completing the Audit

100 Questions

Exam 18

Audit Reporting

85 Questions

Exam 19

Other Auditing and Assurance Engagements

103 Questions

Show Answer