Professional Documents
Culture Documents
Email address *
gonzales.gloreejoyabsa1993@gmail.com
An auditor would most likely be concerned with which of the following 0/1
controls in a distributed data processing system?
Access controls.
Hardware controls.
Standards of fieldwork
General standards
Reporting standards
An on-line access control that checks whether the user’s code number is 1/1
authorized to initiate a specific type of transaction or inquiry is referred to
as
Password
Compatibility test
Limit check
Reasonableness test
Controls over the system development process and operations may not be viewed by
the developer, the user or management as being as important or cost-effective.
In almost all commercially available operating systems, the built-in security provided
has gradually increased over the years.
Generally, the CIS environment in which personal computers are used is less
structured than a centrally-controlled CIS environment.
Correct answer
Certain general CIS controls that are particularly important to on-line 0/1
processing least likely include
Access controls.
Correct answer
810
900
Virus
Utility program
Encryption
A CIS environment exists when a computer of any type or size is involved in the
processing by the entity of financial information of significance to the audit; whether
that computer is operated by the entity or by a third party.
The auditor should consider how a CIS environment affects the audit.
Complexity
Significance
Threshold
Relevance
Are very versatile programs that can be used on hardware of many manufacturers.
Correct answer
If general CIS controls are not effective, there may be a risk that misstatements might
occur and go undetected in the application systems.
The general CIS controls may have a pervasive effect on the processing of
transactions in application systems.
Manual procedures exercised by users may provide effective control at the application
level.
Weaknesses in general CIS controls cannot preclude testing certain CIS application
controls.
A control feature in an electronic data processing system requires the 1/1
central processing unit (CPU) to send signals to the printer to activate the
print mechanism for each character. The print mechanism, just prior to
printing, sends a signal back to the CPU verifying that the proper print
position has been activated. This type of hardware control is referred to as
Validity control
Echo check
Signal control
For the accounting system of ERMOSO Company, the amounts of cash 1/1
disbursements entered into an EDP terminal are transmitted to the
computer that immediately transmits the amounts back to the terminal for
display on the terminal screen. This display enables the operator to
Which of the following is least considered if the auditor has to determine 1/1
whether specialized CIS skills are needed in an audit?
The auditor needs to obtain a sufficient understanding of the accounting and internal
control system affected by the CIS environment.
The need of the auditor to make analytical procedures during the completion stage of
audit.
The auditor needs to determine the effect of the CIS environment on the assessment
of overall risk and of risk at the account balance and class of transactions level.
Which of the following least likely protects critical and sensitive information 0/1
from unauthorized access in a personal computer environment?
Employing passwords.
Correct answer
The effect of personal computers on the accounting system and the 1/1
associated risks will least likely depend on
The extent to which the personal computer is being used to process accounting
applications.
CIS application controls include, except 1/1
Monitoring controls.
Which of the following is not a major reason for maintaining an audit trail 1/1
for a computer system?
Monitoring purposes.
Query answering.
Deterrent to fraud.
Analytical procedures.
The volume of the transactions is such that users would find it difficult to identify and
correct errors in processing.
Which one of the following input validation routines is not likely to be 1/1
appropriate in a real time operation?
Sequence check
Sign check
Field check
Encryption
Anti-virus
Back-up
Most of today’s computer systems have hardware controls that are built in 0/1
by the computer manufacturer. Common hardware controls are
Duplicate circuitry, echo check, tape file protection, and internal header labels
Correct answer
Computer systems that enable users to access data and programs directly 1/1
through workstations are referred to as
Database systems
After the preliminary phase of the review of a client’s computer controls, an 1/1
auditor may decide not to perform tests of controls related to the controls
within the computer portion of the client’s internal control. Which of the
following would not be a valid reason for choosing to omit such tests?
The time and peso costs of testing exceed the time and peso savings in substantive
testing if the tests of controls show the controls to be operative.
There appear to be major weaknesses that would preclude reliance on the stated
procedure.
Prepare spreadsheets.
An auditor most likely would test for the presence of unauthorized 0/1
computer program changes by running a
Correct answer
The potential unauthorized access to data or to alter them without visible evidence
maybe greater.
Certain CIS application controls that are particularly important to on-line 1/1
processing least likely include
Pre-processing authorization.
Balancing.
Cut-off procedures.
Transaction logs.
The nature of the risks and the internal characteristics in CIS environment 1/1
that the auditors are mostly concerned include the following except:
Cost-benefit ratio.
Which of the following is not likely a control over removable storage media 1/1
to prevent misplacement, alteration without authorization or destruction?
Placing responsibility for such media under personnel whose responsibilities include
duties of software custodians or librarians.
Keeping current copies of diskettes, compact disks or back-up tapes and hard disks in
a fireproof container, either on-site, off-site or both.
Using a program and data file check-in and check-out system and locking the
designated storage locations.
Forms