You are on page 1of 34

CIA Exam Questions Introduction to Internal Auditing 1.

Which of the following best describes the objective of internal auditing? a. To assist members of the organization in the effective discharge of their responsibilities b. To assist management with the design and implementation of accounting and control systems c. To examine and evaluate an organization's accounting system as a service to management d. To monitor the organization's internal control system for the external auditors 2. According the Statement of Responsibilities of Internal Auditing, which of the following is not included in the scope of the internal audit function? a. Appraising the economy and efficiency with which resources are employed b. Reviewing the strategic management process, assessing the quality of management decision making both quantatively and qualitatively, and reporting the results to the audit committee c. Reviewing the means of safeguarding assets and, as appropriate, verifying the existence of such assets d. Reviewing operations or programs to ascertain whether results are consisten with established objectives and goals and whether the operations or programs are being carried out as planned. 3. Of the following, which is the major objective of The Institue of Internal Auditors? a. Cultivate, promote and disseminate information concerning internal auditing and related subjects b. Oversee the activities of internal auditors c. Promulgate standards that must be followed by all corporations d. Investigate accusations that Certified Internal Auditors have violated The Institute of Internal Auditors Code of Ethics 4. One of the purposes of the Standards for the Professional Practice of Internal Auditing as stated in the Introduction to the Standards is to a. Encourage the professionalization of internal auditing b. Establish the independence of the internal audit department and emphasize the objectivity of internal auditing c. Encourage external auditors to make more extensive use of the work of internal auditors d. Establish the basis for guidance and measurement of internal auditing performance 5. Which of the following statements does not describe one of the purposes of The IIA Code of Ethics? The IIA Code of Ethics a. Sets forth basic principles in the practice of internal auditing b. Charges IIA members to maintain high standards of conduct c. Explains the internal audit profession's responsibility to society at large

d. States that a distinguishing mark of a profession is acceptance by its members of responsibility to those it serves 6. Independence permits internal auditors to render impartial and unbiased judgments. The best way to achieve independence is through a. Individual knowledge and skills b. Organizational status and objectivity c. Supervision within the organization d. Organizational knowledge and skills 7. Which of the following is considered a major reason for establishing an internal audit function? a. To relieve overburdened management of the responsibility for establishing an effective control structure b. To safeguard resources entrusted to the organization c. To ensure the accuracy, reliability and timeliness of financial and operating data used in managment's decision making d. To assist members of the organization in the measurement and evaluation of the effectivenss of the established internal control structure 8. The internal auditor's responsibility for the prevention of fraud includes all of the following except a. Determining if the organizational environment fosters control consciousness b. Ensuring that fraud will not occur c. Being aware of activities in which fraud is likely to occur d. Evaluating the effectiveness of actions taken by management to deter fraud 9. The internal auditing profession is believed to have advanced primarily as a consequence of a. Increased interest by graduating students and experienced auditors b. The limitation of external audit scope c. Job qualification specifications that include added emphasis on background knowledge and skills d. Increased complexity and sophistication of business operations 10. The audit committee can serve several important purposes, some of which directly benefit internal auditing. The most significant benefit provided by the audit committee to the internal auditor is a. Protecting the independence of the internal auditor from undue management influence b. Reviewing annual audit plans and monitoring audit results c. Approving audit plans, scheduling, staffing and meeting with the internal auditor as needed d. Reviewing copies of the procedures manuals for selected company operations and meeting with company officials to discuss them 11. Which of the following best describes and internal auditor's purpose in reviewing the

adequacy of the system of internal control? a. To help determine the nature, timing and extent of tests necessary to achieve audit objectives b. To ensure that material weaknesses in the internal control system are corrected c. To determine whether the internal control system provides reasonable assurance that the organization's objectives and goals are met efficiently and economically d. To determine whether the internal control system ensures that the accounting records are correct and that financial statements are fairly stated Introduction to Internal Auditing 1. A 2. B 3. A 4. D 5. C 6. B 7. D 8. B 9. D 10. A 11. C CIA Exam Questions -- Internal Auditing Standards 1. According to the Statement of Responsibilities, the authority of the internal auditing department is limited to that granted by a. The board of directors and the controller b. Senior management and the Standards c. Management and the board of directors d. The audit committee and the chief financial officer 2. A company's new president meets the director of internal auditing for the first time and asks the director to briefly describe the department's overall responsibility. The director states that internal auditing's overall responsibility is to a. Act an an independent appraisal function to review operations as a service to management by measuring and evaluating the effectiveness of controls b. Review the means of safeguarding assets and, as appropriate, verify the existence of such assets c. Ensure compliance with policies, plans, procedures, laws and regulations that could have a significant impact on operations and reports d. Review the reliability and integrity of financial and operating information and the means used top identify, measure, classify and report such informtion 3. A charter is being drafted for a newly formed internal auditing department. Which of the following best describes the appropriate opganizational status that should be

Auditee familiarity with auditor due to lack of rotation in assignments c. According to the Standards. In conducting an appraisal of the economy and efficiency with which resources are employed. Verifying the existence of assets c. Accomplishing desired operating program results 9. Procedures that are not cost justified c. The director of internal auditing should report to the chief executive officer but have access to the board of directors b. approved by the board of directors. Misapplication of accounting principles b. Developing and implementing control procedures d. Underusage of physical facilities 7. Exposure to the elements d. Stature within the organization c. Verifying the accuracy of asset valuation 8. An auditor's objectivity could be compromised in all of the following situations except a. The director of internal auditing should report to an administrative vice president 4. Approving the operating objectives or goals to be met b. Due professional care b. Determining whether underlying assumptions are appropriate c. internal auditors should review the means of physically safeguarding assets from losses arising from a. Independence 5. Relationship with management d. A conflict of interest b. According to the Standards. The Standards require that the internal audit director establish and maintain a quality assurance program to evaluate the operations of the internal audit department. Under Standard 110. an internal auditor is responsible for a. Determining whether operating standards have been established b. A written charter. The director of internal auditing should be a member of the audit committee of the board of directors c. an internal auditor's role with respect to operating objectives and goals includes a. is primarily meant to enhance the department's a. Reviewing the reliability of operating information d. the purpose. Auditor assumption of operational duties on a temporary basis d.incorporated into the charter? a. authority and responsibility of the internal audit department should be defined in a formal written document (charter). All of the . Reliance on outside expert opinion when appropriate 6. The director of internal auditing should be a staff officer reporting to the chief financial officer d.

Internal auditing has evolved to more of an operational orientation from a strictly financial orientation CIA Exam Answers -. laws and regulations c. D 6. Internal auditing involves evaluating compliance with policies. B 11. D 5.following are considered elements of a quality assurance program except a. C 2. External reviews to assess compliance with standards 10. A 3. Internal auditing is a dynamic profession. An event or action my adversely affect the organization c. Financial statements and/or internal records will contain material error 11. Annual appraisals of individual internal auditors' performance b. D . C 7. B 9. A 4. plans. Internal reviews of audits completed c. Internal auditing has evolved to verifying the existence of assets and reviewing the means of safeguarding assets d. An internal auditor will fail to detect a material error or event that causes financial statements or internal reports to be misstated or misleading b. make decisions that increase the potential liability of the organization d. the term risk is best defined as the probability that a. A 8. Internal auditing involves appraising the economy and efficiency with which resources are employed b. Which of the following best describes the scope of internal auditing as it has developed to date? a. As used in the Standards when discussing audit planning or risk assessment.IIA Standards 1. either knowingly or unknowingly. Supervision of audit work d. procedures. A 10. Management will.

These qualities are a. To outline criteria for professional behavior to maintain standards of competence.CIA Exam Questions -. skill and discipline d. irregularities were not noted c. An accounting association established a code of ethics for all members. To provide a framework within which accounting policies can be effectively developed and executed d. Ensure that all members of the profession perform at approximately the same level of competence c. alertness to conditions where irregularities are most likely was not shown d. Require members of the profession to exhibit loyalty in all matters pertaining to the affairs of their organization 2. reasonable care has been taken b. morality." This statement makes which of the following unnecessary? a. No.IIA Code of Ethics 1. "Due care implies reasonqble care and competence. The conduct of examinations and verifications to a reasonable extent b. Yes. Identify the association's primary purpose for establishing the code of ethics. Punctuality. Yes. honesty and dignity within the association b. A primary purpose for establishing a code of conduct within a professional organization is to a. The consideration of the possibility of material irregularities 4. To establish standards to follow for effective accounting practice c. the working papers were annotated 5. No. sobriety and clarity c. the auditor notes in the working papers that controls over receipts are adequate. Demonstrate acceptance of responsibility to the interests of those served by the profession d. The auditor worked with the clerk several years before and has a high level of trust in the individual. The conduct of extensive examinations c. Accordingly. a. objectivity and dilegence b. loyalty and dignity . Knowledge. Timeliness. The reasonable assurance that compliance does exist d. Reduce the likelihood that members of the profession will be sued for substandard work b. An internal auditor observes that a receivables clerk has physical access to and control of cash receipts. Is the auditor in compliance with the Standards? a. The Code of Ethics requires IIA members to exercise three particular qualities in the performance of their duties. To outline criteria that can be used in conducting interviews of potential new accountants 3. Honesty. not infallibility or extraordinary performance.

Although this is the first embezzlement ever encountered and the organization has a security department. no evidence regarding the dumping was collected. b. working for a chemical manufacturer. an auditor discovers that a clerk is embezzling company funds. An organization has recently placed a former operating manager in the position of director of internal auditing. Serving as consultants to competitor organizations c. A Certified Internal Auditor. the auditor decides to personally interrogate the suspect. what is the best course of action for the staff members? a. Lack of loyalty to the organization c. Internal auditors should be prudent in their relationships with persons and organizations external to their employers. Failing to show due diligence b. Which of the following concurrent occupations could appear to subvert the ethical behavior of an internal auditor? a. Did not violate the Code of Ethics. If the auditor is violating the Code of Ethics. The auditors must resign their jobs to avoid improper activities . The auditors must exhibit loyalty to the organization and ignore the Standards d. The new director is not a member of The IIA and is not a CIA. Which of the following activities is least likely to affect internal auditors' ethical behavior adversely? a. Discussing audit plans or results with external parties 9. but they are not CIAs. Serving as consultants to suppliers d. Henceforth. Internal auditor and landlord of apartment buildings that publicly advertise for tenants in local newspapers listing monthly rental fees 8. The auditors should adopt suitable means to comply with the Standards c. Did not violate the Code of Ethics. According to the Code of Ethics. believed that toxic waste was being dumped in violation of the law.6. The auditor a. not The IIA's. Violated the Code of Ethics by knowingly becoming a party to an illegal act b. Failing to comply with the law 10. All four staff members are members of The Institute. Lack of competence in this area d. the rule violated is most likely a. Violated the Code of Ethics by failing to protect the well-being of the general public c. the internal auditing department will be run strictly by the director's standards. Internal auditor and part-time business insurance broker c. Internal auditor and adjunct faculty member of local business college that educates potential employees d. Accepting compensation from professional organizations for consulting work b. Loyalty to the employer in all matters is required d. The Code does not apply because the auditors are not CIAs. Conclusive evidence of wrongdoing was not gathered 7. During the course of an audit. Internal auditor and a well-known charitable organization's local in-house chairperson b. Out of loyalty to the company.

A 3. Be required to retake the CIA examination c. emphasized finding the structure of the decision and programming as much of it as possible. Be required to take up to 40 hours of appropriate continuing professional education courses b. Decision support systems .IIA Code of Ethics 1. Early decision models used with structured decisions. Which of the following describes the disciplinary action most likely to be imposed by The IIA? The CIA will a. Is a single large system in an organization 2. A CIA learned that certain individuals in the organization were involved in industrial espionage for the benefit of the organization.Information Systems Environment 1. A 6. A 7. identify the auditor's course of action. Report the facts to the appropriate individual within the organization b. B 11. A 12. Report the condition to the appropriate government regulatory agency 12. C 5. More recent models have been developed to support unstructured decision process. A 9. B 8. B 4. Note the condition in the working papers but refrain from reporting it because it benefits the organization d. Forfeit his or her membership in The Institute d. According to the Code of Ethics. C 2. C CIA Exam Questions -. such as intentory reordering and production scheduling. Models of the latter type are called a. Primarily processes data and produces reports c. management and decision making functions in an organization d. A CIA is found to have committed a very serious violation of the Code of Ethics of The IIA. a. A management information system a. Can only exist with computers b. Supports the operations. C 10. Be assessed a fine not to exceeed $1.000 CIA Exam Answers -. During an audit.11. No action is required because this condition is not detrimental to the organization c.

applications development. The computer processing audit manager d. The control group in the computer processing department. Wide scope. Rational decision models 3. Frequent use. Future-oriented. Systems analysis techniques d. voice communications and local area networks. Management information systems c. aggregate. accurate. b. future-oriented information. Highly current. Which of the following statements concerning computer controls is false? a. The director of internal auditing b.b. Fraud 7. Input errors and omissions c. Disruption to computer processing caused by natural disasters d. 4. Data communications. A computer control may reduce exposure by minimizing potentially harmful effects or by reduing the probable frequency of the occurrence b. outdated. external. detailed information c. Computer operations. 5. The automation of data processing activities changes the degrees of effectiveness and appropriateness of the controls that were in existence prior to the time of automation . telecommunications and office automation. Which of the following best describes the information requirements for strategic planning? a. Operating management c. The most common computer-related problem confronting organizations is a. management control and operational control. External data services. Which of the following choices best describes the scope of information resources management? a. Management activities can be classified in three levels: strategic planning. 6. word processing and intelligent workstations d. Controls over computerized systems are at least as important as controls over comparable manual systems d. Data processing. aggregate information b. Who is ultimately responsible for the implementation of cost-effective controls in an automated system? a. largely internal information d. The use of a computer to process data significantly changes the basic concepts and objectives of control relevant to the organization c. Information requirements vary with the level of management activity. Hardware malfunction b. technical services and corporate database. The managemeng of information systems is experiencing a transition from an emphasis on information processing to an emphasis on information resources management. c.

In comparison with large-scale computers. A CIA Exam Questions -. such as COBOL or FORTRAN c. Compared to an AIS. Is used only by top management 9. Is more interactive d. Cathode ray tube (CRT) terminal c. A panel of outside consultants c. B 5. B 8. D 4. Is essentially the same b. Which of the following computer hardware devices allows for an immediate update of merchandise inventory in a retail environment? a. D 6.Information System Environment 1. A 3. Expert systems consist of a. microcomputers a. is planning to develop the firm's first decision support system (DSS). C 2. a DSS a. None of the above 2. Cannot be connected to large-scale computers d. Hardware and software used to automate routine tasks CIA Exam Answers -.8. B 7. Some taxpayers complete the tax return forms by hand-writing block style letters and numbers in designated areas on the forms. experienced in the development and use of accounting information systems (AIS). Are usually more reliable cecause there is less hardware to malfunction b. Software packages with the ability to make judgment decisions b. Video display terminal d. Inventory control terminal b. A medium-sized firm.Hardware Concepts 1. Use only compiler-based languages. The characters will most likely be translated . Point-of-sale terminal 3. C 9. Hardware designed to make judgment decisions d. Many organizations are using microcomputers for business purposes. Does not use accounting data c.

A piece of hardware that takes the computer's digital information and transforms it into signals that can be sent over ordinary telephone lines is called a(n) a. storage. Dumb workstation b. it is said to be a(n) a. A modem 9. A company experienced a power surge during a recent electrical storm. If a workstation contains a processor. printer. Modem 6. the company discovered that data in internal memory banks were scrambled beyond recovery. A secondary storage device b. RAM b. Terminal emulator b. MICR c. An online workstation c. whereas a floppy disk is not 7. Today many microcomputers have both a floppy disk drive and a hard disk drive. Provides an automatic audit trail. Intelligent workstation c. the least expensive and most efficient way to store large amounts of computer data that are accessed only occasionally is a. whereas a floppy disk is a sequential-access storage medium c. Is suitable for an online system. Is a direct-access storage medium. whereas a floppy disk does not d. POS 4. 80-column cards 5. Has a much larger storage capacity than a floppy disk and can also access information much more quickly b. Lacking adequate surge protection. Normally. Communications control unit c. OCR d. The major difference between the two types of storage is that a hard disk a. RAM d. Desktop publishing workstation 8.into machine-readable form by a. Noninteractive workstation d. Magnetic disk c. Uninterruptible power supplies are used in computer centers to reduce the likelihood of . Intelligent terminal d. The system component involved in the incident would correctly be described as a. Magnetic tape d. Keydisk b. monitor. and communications capabilities.

Compiling b. The ability of a computer to call into primary storage only that portion of a program and data needed immediately while storing the remaining portions in an auxiliary storage device is commonly called a.or high-speed data communication line? a. Which of the following is a device used in a data communications system to interleave the slow data transmissions of many different terminal devices to fully use the capacity of a medium. Multiplexor channeling c. Which of the following measures would indicate the computational power of a microprocessor? a. Coaxial cable d. Losing data stored in main memory c. Crashing disk drive read-write heads 10. Bus 11. C Software Concepts 1. Capacity of the hard disk b. B 8. Failing to control concurrent access to data b. Dropping bits in data transmission d. C 9. Main memory storage capacity c. D 6. Read only memory CIA Exam Answers -. D 12. B 10. Number of bits processed per second d. Virtual storage 12. D 2. C 4. compilers and interpreters are three types of software that perform .Hardware Concepts 1. Assemblers. Multiplexor b.a. Modem c. Real-time processing d. D 3. A 7. C 5. A 11.

Assembly language d. The program is a(n) a. IDMS and IMS are a. B 3. C 2. Efficient use of computer memory b. Assist managers in the decision-making process and are part of most decision support systems b. Limited range of application d. Access control systems c. Fourth-generation computer languages can be distinguished from earlier generations of languages by their a. Prepare reports using data extracted from an organization-wide database c. DB2. Provide the communication link between computers with different operating systems 2. Compiler b. B . manipulation and quirying of integrated files is called a(n) a. Algebra-like mathematical statements Software Concepts 1. DATACOM/DB. Convert high-level languages to machine language d. Nonprocedural coding c. Programming languages d. FORTRAN and COBOL are all examples of a. Utility program 3. Application program c. C 5. BASIC. Operating system c. D 6. Operating system b. Database management systems 6. Operating systems 5. Machine languages c. ADABAS. D 4. MHigh-level languages d. They are used to a. Database management system 4.essentially the same important task. Application programs b. An integrated set of computer programs that facilitate the creation. A computer program produces periodic payrolls and reports. Library systems b. Report generator d.

must recognize that a. A . part color and part weight. All of the above 5. order quantity and reorder point for a particular inventory item. Collectively. D 2. In an inventory system on a database management system. Which file structure would most appropriately be used to support this set of records? a. part description. Such chains of digits are referred to as a. Hierarchical structure c. These individual items are called a. These codes require that data be converted into predefined groups of binary digits. Record 4. Stored files c. File c.Data Organization 1. part name. one stored record contains part number. Occurrences 3. with each data element needing the same number of storage spaces. A logical record and a physical record may be identical c. these data make up a a. Input d Bytes 2. numbers or special characters. quantity-on-hand. Database management systems synthesize logical records d. An internal auditor encounters a batch-processed payroll in which each record contains the same type of data elements. in the same order. Relational structure Data Organization Concepts 1. Computers understand codes that represent letters of the alphabet. ASCII code c. Field b. using a computer terminal. Single flat file structure b. An internal auditor. Fields b. An inventory clerk. Bytes d. Network structure d. Registers b. views the following on screen: part number. Database d. quantity-on-order. Logical records are defined in terms of the information they contain and portions may be located in more than one physical record b. in determining the data elements (logical records) to be used for an audit.

D 4. Which of the following is most likely to be the approprite processing method under the circumstances? a. Batch 2. validating input. A Files and Processing 1. records 1 through 499 must be read first 4. Each record can be accessed in the same amount of time d. Users want access to current master file information at all times. batching records of transactions. There is relatively little file maintenance required. updating the master c. Online entry with immediate processing 5. Parallel b. A payroll system's master file is stored on tape. The address of the location of data is found through the use of either an algorithm or an index c. Conversion to a database system is inexpensive and can be accomplished quickly c. batching records of transactions. validating input. A new purchasing system for just-in-time production requirements has been proposed. updating the master 3. Multiple occurrences of data items are useful for consistency checking . D 5. Periodic entry with subsequent batch processing b.3. converting to machine-readable form. To read record 500. master file changes should be implemented with a. converting to machine-readable form. A company updates the payroll master file at the end of the week. the greatest advantage of a database architecture is a. Batching records of transactions. updating the master d. Validating input. Online entry with subsequent batch processing d. Network d. To satisfy user needs. validating input. Converting to machine-readable form. Data are stored on magnetic tape b. Batching records of transactions. Of the following. converting to machine-readable form. Data redundancy can be reduced b. real-time c. Online. Periodic entry with immediate batch processing c. The payroll time cards are transported to the computer center for processing. The sequence of events followed by the computer center in updating its master file should be a. The payroll is processed at night once every 2 weeks. updating the master b. Sequential access means that a.

an auditor needs to know what programs use the data. If data exist only in a database system. Sequential storage and indexes c. Network structure d. Collectively. Which of the following database models is considered to be the most versatile? a. Which of the following would not normally be considered a typical file structure for a database management system? a. What data file concepts should be used to provide the ability to answer customer inquiries as they are received? a. indexes and pointers d. DSS c. Network model d. Database schema c. and internal labels File Management 1. these files are called the firm's a. Database 7. D 4. the auditor could probably find all of this information in a a. Decision table 8. Backup and recovery procedures are minimized 6. D 2. B 3. D 5. Sequential storage and chains b. Data encryptor d. D . Tree model c. A firm maintains facts and figures on its sales. Hierarchical structure c. A business has decided to use magnetic disks to store accounts receivable information. and which printed reports display the data. Record keys. Hierarchical model b. A 6. Data dictionary b. Batched sequential structure 9. To trace data through several application programs.d. indexes. which files contain the data. MIS b. Relational structure b. Relational model 10. Inverted file structure. Data schem d. costs nd personnel in various computer files.

C Controls 1. Ensure that run-to-run totals in application systems are consistent 2. Which of the following is not an edit test? a. A device that prevents more than one peripheral unit from communicating with the CPU at the same time 3. Minimize the need for backup data files d. Parity check c. You wish to evaluate editing controls in your audit of the computer systems department. Batch controls b. Check digit routine d. The significance of hardware controls to auditors is that they a. an echo check. Assure the correct execution of machine instructions c.7. Reduce the incidence of user input errors in online systems d. A 8. Double writing of the CPU and peripheral equipment to prevent malfunctioning d. Deter improper use or manipulation of data files and programs b. Ensure that only console operators have access to program documentation c. Ensure correct programming of operating system functions b. many hardware controls assure the accuracy of data processed. A component that signals the control unit that an operation has been performed b. Ensure that hardware controls are operating effectively and as designed by the computer manufacturer 6. Two units that provide read-after-write and dual-read capabilities c. Limit check 4. In a data center. D 10. create new . Which new issues. associated with rapidly advancing computer technology. Header label check c. Parity check 5. One hardware control used to evaluate stored data by counting the number of on bits in each character and then determining whether the total obtained is odd or even is a a. D 9. Self-checking numbers d. Hardware controls usually are those built into the equipment by the manufacturer. Programmed check b. One such control. Adequate control over access to data processing is required to a. is best described as a.

Data access security related to applications may be enforced through all the following except a. Keying data to disk for batch processing . Authorization of access to program files c. Controls over library tape procedures c. Periodic server backup and storage in a secure area d. Security functions provided by a database management system 8. accuracy and vality of input 12. All administrative and professional staff in a corporate legal department prepare documents on terminals connected to a host LAN file server. The best control over unauthorized access to sensitive documents in the system is a. User identification and authentication functions incorporated in the application b. Required entry of passwords for access to individual documents 9. Completeness. Changes in organizational reporting requirements and controls over computer abuse b. Utility software functions c. An organization could incur material losses if a competitor gains access to sensitive operating information contained in computer files. Frequently changed passwords c. User identification and authentication functions in access control software d. accuracy and validity of updating d. Controlled disposal of documents and encryption of data files b. Keying data to disk for online processing b. Authorization of access to data files b. Data conversion is the translation of data into a form the computer can accept.risk exposures for organizations? a. The controls most likely to prevent such losses are a. Encryption of data files and frequent changes of passwords c. Primary and secondary key integrity checks and frequent changing of passwords 11. Complexity of operating systems and controls over privacy of data d. Completeness. The purpose of input controls is to ensure the a. Which of the following controls is least effective in preventing unauthorized access to a computer file from a remote. Primary and secondary key integrity checks and encryption of data files d. Physical security for all disks containing document files c. What method of data conversion is most difficult to audit? a. unauthorized terminal or personal computer? a. Changes in organizational behavior 7. Call back procedures b. Required entry of passwords for access to the system b. Frequently changed access codes 10. Echo checks d.

match payments and payables with invoices 15. Each time the file is updated. Check digits. the relevant data fields are . Match invoices with payments. Completeness test b. Valid code check c. A company's labor distribution report requires extensive corrections each month because of labor hours charged to inactive jobs. Limit test d. Keying data to source documents for magnetic-ink character recognition d. match payments with invoices b. Coding of data internal to the computer did not change when the data were moved from one internal storage location to another 14. The best approach for verifying the completeness of the data is for the auditor to use audit software on the workstation to a.000 for any employee. Match invoices with payments. The last record in an inventory file contains totals of items in the file. Control total 16. match payables with invoices c. Data processing has been performed as intended without omission or double counting of transactions b. Parity check d. Proof calculation b. Periodically. payments and payables for goods received for the prior month to an audit workstation. Reading source data using optical-character recognition 13. Record check 18. Limit check b. Data received for processing have been properly converted d. Master file lookup d. Validity test c. the totals are also updated. An online bank teller system permitted withdrawals from inactive accounts. match payments and payables with invoices d. Match invoices with payables. entry verification and batch totals are examples of controls designed to provide reasonable assurance that a. An internal auditor downloads the invoices. Only authorized persons have access to files c. A computer program for processing the weekly payroll contains an instruction that the gross pay field shall not exceed $1. The best control for denying such withdrawals is a a. Duplicate record check 17. Check-digit verification c.c. This instruction constitues a control known as a a. Match invoices with payments and payables. Which of the following data processing input controls appears to be missing? a.

D 7. A 6. Load the output in a file to print at local workstations c. Become familiar with the company's means of identifying. The major purpose of the auditor's study and evaluation of the company's computer processing operations is to a. The best approach for ensuring that only authorized emplyees receive computer output is a. D 10. D 5. File management control d. Evaluate the reliability and integrity of financial information d. Make printouts available only at specified times Controls 1. Ordinarily used with a computer program written to check the data 20. classifying and reporting information . Evaluate the competence of computer processing operating personnel b. Inexpensive and therefore widely used c. Output distribution control 19. measuring. Effectively used to detect the erroneous recording of data on source documents b. B 3. D 9. Used to detect errors introduced by the keying process d. Transmission control c. D 4.summed and compared with the totals. Hold the output in a secure area until it is picked up by authorized employees d. D 2. Place the output in bins early in the day rather than late in the day b. C Controls 1. A 8. Ensure the exercise of due professional care c. Input control b. Unbalanced conditions are reported and corrected. The key verification process associated with keying computer records for input to a computer system is a. This practice is a(n) a.

the internal auditor should consider the computer processing department entirely responsible for data a. Processing primarily consists of sorting the input data and updating the master file sequentially c. Calculating amounts for declining-balance depreciation charges d. Loss of independence c. When auditing computer security. Perform tests of the effectiveness of controls b. Levels of terminal access d. Saving valuable audit time d. Review contingency procedures and documentation standards c. Perform substantive test . Timeliness d. The programmer's access to confidential information 3. Testing for the presence of authorized signatures on documents b. Which of the following could the internal auditor examine only in online sytems? a. Prohibition of random access d. Generalized audit software is not available 7. Input transactions are batched and system logic is straightforward b. Results of test decks b. Parallel audit simulation (the audit model technique) is an appropriate audit approach for a.2. In a distributed database environment. Summarizing the results of accounts receivable confirmation work c. Completeness b. Auditing through the computer must be used when a. The auditor's programming experience b. Resolution of errors c. Accuracy c. Reconciliation of batch control totals b. Analysis of system-generated core dumps 6. Scanning the general ledger file for unusual transactions 8. which of the following is a test of control for access control administration? a. The auditor's primary concern with an auditee programmer's writing a program to age inventory is a. None of the above 4. Processing is primarily online and updating is real-time d. Tests of transactions 5. the internal auditor usually does not a. Examination of logged activity c. When evaluating computerized operating reports.

operations. the best computer audit technique is for the auditor to conduct a(n) a. an auditor selected certain fileupdating transactions for detailed testing. Collect transaction and master file records in a separate file c. security and data processing b. To determine whether any unauthorized program changes have been made since the last authorized program update. The best audit approach in a microcomputer environment is to increase a. The audit technique that will provide a computer trail of all relevant processing steps applied to a specific transaction is described as a. Simulation b. Tagging and tracing 12. Code review c. Substantive testing c. The audit effort most likely to yield relvant evidence in determining the adequacy of an organization's disaster recovery plan should focus on a. The sufficiency of the list of replacement equipment needed in event of a disaster c. Type of operating system . A primary reason auditors are reluctant to use an ITF (minicompany technique) is that it requires them to a. Attribute sampling d. Reserve specific master file records and process them at regular intervals b. Review personnel practices and policies 9. The completeness of the plan as to facilities. The question of whether the plan is in the planning or developmental stage d. Programs that access the data b.d. Code comparison b. Notify user personnel so they can make manual adjustments to output d. Analytical review 10. Test data run d. The role of the internal auditing department in developing and testing the plan 14. In auditing an online perpetual inventory system. Code comparison d. Different audit procedures may be required because a microcomputer may not be subject to the same degree of controls as larger computers. Tests of controls b. Snapshot c. What information would the auditor expect to find in the data dictionary that would assist in a payroll application audit? a. Identify and reverse the fictitious entries to avoid contamination of control totals 11. Documentation review 13. communications.

Check for duplications. Which one indicates the need for improved internal control? a. It allows immediate processing of audit data on a spreadsheet working paper c.c. The system employs message sequencing as a way to monitor data transmissions c. Provide totals of unusual items b. B 6. It allows direct confirmation of customer account balances 2. A 15. Modern computer technology makes it possible to perform paperless audits. B 13. Verify calculation totals and analyses produced . D 11. A 14. Which of the following is an advantage of this type of paperless audit of accounts receivable balances? a. Employees may only access the computer system via an ID and an encrypted password b. A 10. C 7. It reduces the amount of substantive testing required b. D 12. System network architecture and flowcharts 15. Specify which data elements will be tested and the criteria to be used d. D 4. For example. C 8. an auditor might use a microcomputer to access the accounts receivable files directly and copy selected customer records into the microcomputer for audit analysis. C 9. in an audit of computer-processed customer accounts receivable balances. C 2. It increases the amount of technical skill required of the auditor d. D Computer Assisted Auditing 1. missing information or ranges of values c. Which of the following statements is not true concerning the tasks that generalized audit software is able to perform? a. Online user identification d. B 3. Certain types of transactions may only be made at specific terminals d. Branch office employees may access the mainframe with a single call via modem Testing of Controls 1. An audit of the electronic data interchange area of a banking group revealed the facts listed below. C 5.

When an auditor performs test on a computerized inventory file containing over 2o. Analyses. Which of the following represents a limitation on the uae of generalized audit software? a. Evidential support for all findings is copied and provided to local management during the closing conference and to each person receiving the final report c. Eliminates the requirement to develop custom audit software for each type of audit d.000 line items.3. All of the above Computer Aided Auditing 1. conclusions and recommendations are file on electronic media and are therefore subject to computer system controls and security procedures b. Asking the console operator to print every item that cost more than $100 b. Permits greater reliance to be placed on the audit results than could be obtained from manual techniques 6. Tape operating systems d. B 2. Requires the auditor to have only a minimal knowledge of computer technology while providing the auditor with a high level of programming independence b. Assures compatibility with database management systems c. Which of the following concepts distinguishes the retention of computerized audit working papers from the traditional hard copy form? a. Disk operating systems c. Using a generalized audit software package c. D . Using the systems department's programmer to write an extraction program 5. It has limited application without significant modification c. An internal auditor can use a checkpoint in a computer audit program to avoid complete restarts with a. that auditor can maintain independence and perform most efficiently by a. It can only be used on hardware with compatible operating systems 4. Obtaining a printout of the entire file and then selecting each nth item d. C 3. Computerized data files can be used in computer audit procedures d. It requires lengthy detailed instructions in order to accomplish specific tasks b. Which of the following is not an advantage of using a generalized computer audit program? Such use a. It requires significant programming knowledge to be used effectively d. Audit programs can be standardized to eliminate the need for a preliminary survey at each location 7. Random access and sequential files b.

Several risks are inherent in the evaluation of audit evidence that has been obtained through the use of statistical sampling. 6. The evidence gathered is directly related to the assertion the auditor is attempting to verify d. Using an improper audit procedure with a sample c. is introduced. The internal auditor suspects that the invoices from a small number of vendors contain serious errors and therefore limits the sample to those vendors only. The precise number of items in the population must be known 4. Difficulty in obtaining sample items b. Inability to quantify the sampling error related to the total population of vendor invoices c. There is reasonable assurance that the items selected are representative of the sampled population 3. an additional risk.4. When sampling is used. Absence of a normal distribution d. Incorrectly applying an audit procedure to sample data d. Tendency to sample a greater number of units 2. sampling risk. Each item in the sampled population must have an equal or known probability of being selected d. 5. Drawing an erroneous conclusion from sample data 5. Each item in the sampled population must have a chance of being selected that is proportional to its book value c. An example of sampling risk is a. B B A D Sampling Methods 1. A major disadvantage of selecting such a directed sample of items to examine is the a. Each item in the population has a chance of being selected b. an example of a beta or Type II error related to . 7. The standard deviation in the sample is less than or equal to the corresponding statistic for the population c. sufficiency of audit evidence is achieved when a. Each time an internal auditor draws a conclusion based on evidence from a sample. In order to quantify the risk that sample evidence leads to erroneous conclusions about the sampled population. Projecting the results of sampling beyond the population tested b. a. Each item in the sampled population must have an equal chance of being selected b.

The audit resources available for execution of the sampling plan d. $100 c. In repeated sampling. The probability is 95% that the range $120 to $180 contains the true population mean 9. the point estimate of the true population mean will be $150 about 95% of the time b. The size of an account balance misstatement considered material c. $25 d. The objectives of the audit test being conducted 8. In repeated sampling. Properly define the population to be sampled b. A confidence level of 90% means that a. An auditor draws a random sample of 225 items from a population of 10. Sampling precision is calculated as +/. There are 90 chances out of 100 that the sample results will not vary from the true characteristics of the population by more than a specified amount d. the sample precision would have been approximately a. Draw a random sample from the population c.$30 at a 95% confidence level. The probability is 95% that the true population mean is $150 c. The sampling risk b. Which of the following statements correctly interprets these sample data? a.$50.40 with a confidence level of 95%. If a sample of 900 items had been drawn and if the same sample standard deviation of $386 had been calculated.sampling risk is the failure to a. intervals with precision +/. The expected error rate is equal to 10% b. Which of the following should not be a factor in the choice of desired precision? a.$30 around the sample mean will always contain the true population mean d. $13 . The point estimate obtained is within 10% of the true population value c. setting the appropriate confidence level and desired sample precision are decisions made by the auditor that will affect sample size for a substantive test. An auditor's statistical sample drawn from a population of invoices indicates a mean value of $150 and sampling precision of +/. In statistical sampling. $200 b. A larger sample size is required than if the desired confidence level were equal to 95% 7. Accept the statistical hypothesis that a book value is not materially misstated when the true book value is not materially misstated 6. Reject the statistical hypothesis that a book value is not materially misstated when the true book value is materially misstated d.000 and calculates the sample standard deviation at $386.

Using a variables sampling plan. is the a. The accounting department reports the accounts payable balance as $175. Degree of asymmetry of a distribution c. Extent to which the individual values of the items in the population are spread about the mean b. The risk that sample results will support the hypothesis when a material misstatement actually does exist is the risk of a. The variability of a population.000. Decreasing the size of the sample d. Measure the variability of a specific item within the sample b. Tendency of the means of large samples (at least 30 items) to be normally distributed d. Range c. as measured by the standard deviation. Measure of the closeness of a sample estimate to a corresponding population characteristic 13.10. The auditor then computes the standard error of the mean. The measure of variability of a statistical sample that serves as an estimate of the population variability is the a. Basic precision b. you compute a 95% confidence interval of $173. Find it impossible to determine the acceptability of the balance b. In conducting a substantive test of an account balance. Alpha error c. Increasing the size of the sample c. Measure the variability that exists among all possible invoice samples of the same size d. Stratifying the population b. Type I error . All of the above 14.000. An auditor draws a random sample of invoices and computes the mean invoice amount. Perform difference estimation and avoid a large sample 15. This information can be used to a. Accept the $175.000 of the actual balance. The auditor can change the standard error of the mean for a statistical sample by a. You would therefore a. Incorrect acceptance d. an auditor hypothesizes that no material misstatement exists. Determine the standard deviation of the sample c. Incorrect rejection b. Standard deviation d. Accept the balance but with a lower level of confidence c. Take a larger sample before totally rejecting the balance and requiring adjustments d.000 to $190. Confidence interval 12.000 balance because the confidence interval is within the materiality limits 11. You are willing to accept that balance if it is within $15.

the finite population correction factor a. a sample is taken to test for the presence of fictitious payees. Ratio-estimation sampling c. Attiribute sampling b. When would difference estimation of ratio estimation methods be inappropriate? a. Monte Carlo method c. Which estimation method must be used? a. Variables sampling d. Sensitivity analysis 18. In appraising the results of a statistical sample. Difference c. Ratio d. Stop or go sampling 19.16. In the audit of a health insureance claims processing department. Mean per unit b. If the average difference between the audit value and book value of a population is small c. Is needed when sampling is performed with replacement d. Can be greater than one b. Application of probability theory d. Is applied to reduce the size of the sample 17. An auditor for the state highway and safety department needs to estimate the average highway weight of tractor trailer trucks using the state's highway system. though none are suspected. If differences between the book value and audit value of a population are numerous d. Attribute sampling b. An internal auditor of a manufacturing company analyzes cost variances incurred in the manufacturing process to determine their statistical significance. Discovery sampling c. An internal auditor is preparing to sample accounts receivable for overstatement. Has less effect as the sample becomes a larger proportion of the population c. If the average difference between the audit value and book value of a population is large 21. If differences between the book values and audit values of a population are rare b. Dollar-unit sampling . The most appropriate sampling plan is a. A statistical sampling method that automatically provides stratification when using systematic selection is a. Which of the following techniques is most likely to be used for this purpose? a. Probability proportional to size 20. Markov chains b.

Population variance 26. When planning an attribute sampling application. Desired confidence level d.3% . Reliability c. Difference estimation sampling c. Ratio estimation sampling b. 5. Which factor below is the most important for the auditor to consider? a. A statistical sampling technique that will minimize sample size whenever a low rate of noncompliance is expected is a. It is complicated and always requires the use of a computer system to perform the calculations c. Under which of the following conditions would the auditor be least likely to use a stop or go sampling plan? a. An auditor planning an attribute sample from a large number of invoice items intends to estimate the actual rate of deviations. what precision can be assigned? a. Misstatement rates must be large and the misstatements must be overstatements d. It can only be used for substantive testing of asset accounts b. Skewness 27. the difference between the expected deviation rate and the maximum tolerable rate is the planned a. Population size c. Dispersion d. 6. Misstatement rates must be small and the misstatements must be overstatements 23.d. The auditor plans to determine an upper precision limit for the estimated percentage of deviations contained in the population 24. The population to be sampled is very large b. Precision b. At the 95% confidence level. Stop or go sampling 25. The auditor expects the population to contain a high rate of deviations c. Stratified mean per unit sampling d.9% b. Which of the following best describes an inherent limitation of the probability proportional to size sampling method? a. An internal auditor plans to test the accuracy of recorded quantities on hand in an inventory file against the actual quantities on hand. Audit objective b. A test of 200 invoices randomly selected by the auditor revealed that 35 had not been approved for payment. The auditor plans to draw a relatively small sample size d. Mean-per-unit sampling 22.

3. A statistical sample from an inventory containing a total of 10. Acceptable only if the risk of incorrect rejection is at least twice the risk of incorrect acceptance b. In an application of mean per unit sampling.$20 31.000 point estimate (estimated total value): $591.000 tolerable misstatement: +/.$52 d. In applying variables sampling. 9.$2 c +/. $230. Predict a monetary population value within a range of precision 30.1% d. The skew of the distribution of sample means cannot be determined c.000 The appropriate conclusion would be that the reported book value is a. 32. the following information has been obtained: reported book value: $600.000 to $270. Not acceptable d.5% 28. What is the interval estimate of the total value of the inventory at the 95. Acceptable c. what precision can the auditor assign to the estimate of the mean dollar value of a part? a. Given a sample standard deviation of $400.5% confidence level (C=2.22.000 allowance for sampling risk (precision): +/. a sample size of 400. The size of the sampling risk will increase disproportionately 29. +/. Acceptable only if the risk of incorrect acceptance is at least twice the risk of incorrect rejection. An internal auditor is using variables estimation as the statistical sampling technique to estimate the monetary value of a large inventory of parts.0)? a.45. an auditor attempts to a. The estimated population mean value will increase disproportionately d. Determine various rates of occurrence for specified attributes c. +/.000 . and a 95% two-tail confidence interval. Discover at least one instance of a critical deviation d.000 items produced a sample mean equal to $25 and a standard error of the mean equal to $1.$39 b.c. Very small random samples (fewer than 30) should normally be avoided when using a variables sampling plan because a. +/. Estimate a qualitative charactristic of interest b. The estimated standard deviation of the population will increase disproportionately b.

450 to $259.b. $240. Has an equal probability of being selected b.000 c. Defining the sampling unit in the population as an individual dollar value and not as an individual account balance 37. 550 d. Probable effect on the entire population is not provided 34. Amount is not material d. When an internal auditor uses dollar unit statistical sampling to examine the total value of invoices. Using a sampling technique in which the same account balance could be selected more than once c. Variables sampling plans with substantial stratification by dollar amount c.000 to $270. The number of sampling units is large Sampling 1. Selection of inventory records using a random starting point for the record selection d. Difference or ratio estimation plans applied on an unstratified basis 35. Sample selection using dollar unit sampling for inventory valuation will most likely result in selectgion of a sample with characteristics roughly equivalent to one provided by a. Has an unknown probability of being selected d. Has a probability proportional to its dollar value of being selected 36. An auditor's finding was stated as follows: "Twenty of one hundred randomly selected items tested revealed that $200 of cash discounts on purchases were lost. Combining negative and positive dollar error item amounts in the appraisal of a sample b. Recommendation specifies no action b. Which of the following would be an improper technique when using dollar unit statistical sampling in an audit of accounts receivable? a.000 33. Statistical inferences are to be made c. $250. each invoice a. Mean per unit or direct extenstion unstratified sampling plans b. Can be represented by no more than one dollar unit c." This variables sampling finding is deficient because the a. Selecting a random starting point and then sampling every nth dollar unit (systematic sampling) d. $240. Each account is of equal importance d.000 to $260. The use of probability proportional to size sampling is inefficient if a. Bank accounts are being audited b. B . Sampling methodology is not defined c.

D 5. C 8. D 23. C 7. C 22. D 3. B 32. A 33. B 19. D 25. C 10. A 27. C 12. The distribution or original data be approximately normal . A 21. A 31. C 16. Every item in the population have an equal chance of being selected c. C 6. C 15. C 18. A simple random sample requires that a. D 17. D 30. A 26.2. The population be unbiased b. D 14. D 11. D 36. A 20. A 13. D 34. B 28. B 24. C Sample Selection 1. B 35. C 4. D 29. A 37. D 9.

An identifiable means of subdividing a heterogeneous population into groups with more homogeneous characteristics must be available d. a statistical sample of suburban areas is first selected. Attribute sampling b. Dollar unit sampling c. The auditor randomly chooses a receipt from the first 25 receipts and then selects every 25th receipt thereafter. Which of the following is not a criterion for a good stratified random sampling plan? a. The original population of items must be normally distributed c. and within the selected blocks. Systematic random sampling b. the auditor selects the 100 most recent express mial transactions for review. This type of sample selection can best be described as a. A major limitation of such a sampling technique is that it a. Does not describe the population from which it was drawn 4. Variables sampling 3. In a regional survey of suburban households to obtain data on television viewing habits. An auditor wishes to sample 200 sales receipts from a population of 5. Turnover volume d. Cluster sampling . Number of items c. Does not allow a statistical generalization about all express mail transactions b. Storage locations 5. Dollar value b. The expected deviation rate be low (less than 5%) 2. Every item must belong to one and only one stratum b. heterogeneous inventory. Within the chosen areas. To use stratified sampling to evaluate a large. which of the following would least likely be used as a criterion to classify inventory items into strata? a. The number of items in each group must be known or determinable 6.d.000 receipts issued during the last year. The receipts have preprinted serial numbers and are arranged in chronological (and the serial number) order. Internal auditing is conducting an operational audit of the organization's mailroom activities to determine whether the use of express mail service is limited to cases of necessity. Stratified sampling c. Results in a sample size that is too small to project to the population c. Ths ampling procedure described here is called a. Judgment interval sampling d. random samples of households are selected. Does not evaluate existing controls in this area d. To test cost-effectiveness. statistical samples of whole blocks are selected.

The total number of invoices for the period b. A 3. The estimated loss being incurred by the division c. D 8. Which of the following factors will usually be most significant in determining the number of sales invoices to select for testing? a. Estimated deviation rate Sample Selection and Sample Size 1. B 6. B 2. You seek to determine the misstatements made in recording sales invoices. Assuming a statistical sampling plan is adopted. The dollars of sales considered to be material d. which of the factors listed below most directly affects the number of items that you seek to review? a. you are searching for expenditures that are improperly classified. Quality of the internal control structure d. Magnitude of the dollar budget for the agency b. The precision desired 8. D . B 5. In an audit of a governmental agency. A 4. Number of items you found misclassified in last year's audit c. Interval sampling 7. C 7.d.