 |
1 | |
Which of the following is not an advantage of a computerized accounting system? |
| | A) | Computers process transactions uniformly. |
| | B) | Computers help alleviate human errors. |
| | C) | Computers can process many transactions quickly. |
| | D) | Computers leave a thorough audit trail which can be easily followed. |
|
|
2 | |
A common difficulty in auditing a computerized accounting system is: |
| | A) | Data can be erased from the computer with no visible evidence. |
| | B) | Because of the lack of an audit trail, computer systems have weaker controls and more substantive testing is required. |
| | C) | Because of the uniform nature of transaction processing, computer systems have strong controls and less substantive testing is required. |
| | D) | The large dissemination of entry points into the computer system leads to weak overall reliance on information generated by a computer. |
|
|
3 | |
How have Electronic Date Interchange (EDI) systems affected audits? |
| | A) | Since orders and billing transactions are done over the computer, source documents cannot be obtained. |
| | B) | Auditors often need to plan ahead to capture information about selected transactions over the EDI. |
| | C) | There is no audit trail in an EDI system, so controls are typically assessed as weak. |
| | D) | Since all transactions occur over the computer, reliability is high and little substantive testing is needed. |
|
|
4 | |
Since the computer can do many jobs simultaneously, segregation is not as defined as it is in a manual system. How can a computer system be modified to compensate for the lack of segregation of duties? |
| | A) | The computer system should be under the direction of the internal audit department. |
| | B) | The computer system should be accessible to various competent parties so they can check on each others' work. |
| | C) | Strong controls should be built into both the computer software and hardware to limit access and manipulation. |
| | D) | Many companies run complete parallel manual and automated accounting systems for a cross check on input and output. |
|
|
5 | |
One key control in the organization of the information systems department is the: |
| | A) | separation of the systems development group and the operations (data processing) group. |
| | B) | operating personnel should strictly control access to the client's database. |
| | C) | controller should manage the information system since it supplements the accounting work already done under the supervision of the controller. |
| | D) | information systems department should be under the direction of systems development personnel since they are responsible for the overall performance of the system. |
|
|
6 | |
Which of the following represent examples of general, application and user control activities, respectively, in the computer environment? |
| | A) | Control over access to programs, computer exception reports, and manual checks of computer output. |
| | B) | Manual checks of computer output, control over access to programs, and computer exception reports. |
| | C) | Computer exception reports, control over access to programs, and manual checks of computer output. |
| | D) | Manual checks of computer output, computer exception reports, and control over access to programs. |
|
|
7 | |
When would an auditor typically not perform additional tests of a computer systems controls? |
| | A) | When the assessed level of control risk is at a minimum. |
| | B) | When computer controls appear to be strong and risk is at a minimum. |
| | C) | When controls appear to be weak. |
| | D) | When inherent risk is at a maximum. |
|
|
8 | |
When would "auditing around the computer" be appropriate? |
| | A) | When controls over the computer system are strong. |
| | B) | When controls over the computer system are non-existent. |
| | C) | When controls over the computer system are adequate. |
| | D) | It is never appropriate to audit around the computer. |
|
|
9 | |
Which of the following would not be an appropriate procedure for testing the general control activities of an information system? |
| | A) | Inquiries of client personnel. |
| | B) | Inspecting computer logs. |
| | C) | Testing for the serial sequence of source documents. |
| | D) | Examination of the organizational chart to determine the segregation of duties. |
|
|
10 | |
If an auditor is using test data in a client's computer system to test the integrity of the systems output, which of the following types of controls is the auditor testing. |
| | A) | General controls. |
| | B) | User controls. |
| | C) | Quantitative test controls. |
| | D) | Application controls. |
|
|
11 | |
Which of the following is not a function of generalized audit software? |
| | A) | To aid in the random selection of transactions for substantive testing. |
| | B) | To run in parallel with the client's application software and compare the output. |
| | C) | To test the mathematical accuracy by footing and cross-foot items in the accounting system. |
| | D) | To keep an independent log of access to the computer application software. |
|
|
12 | |
Which of the following is not a computer-assisted audit technique? |
| | A) | Test data. |
| | B) | Tagging and lagging. |
| | C) | Integrated test facility |
| | D) | Program analysis. |
|