1. Information that needs to be stored for general and application controls, with a 10 years or more would most likely be focus on determining if there is stored in which type of file? compliance with policies and adequate a. Back up safeguarding of assets? b. Archive a. Information systems audit c. Encrypted b. Financial Audit d. Log c. Operational Audit 2. Which of the following is an example of d. Compliance Audit the kind of batch total called a hash 6. At what step in audit process do the total? concepts of reasonable assurance and a. The sum of the purchase materiality enter into the auditor’s amount field in a set of decision process? purchase orders a. Planning b. The sum of the purchase order b. Evidence Collection number field in a set of c. Evidence Evaluation purchase orders d. They are important in all three c. The number of completed steps documents in a set of purchase 7. Which of the following procedures is orders not used to detect unauthorized d. All of the Above program changes 3. Which of the following is a a. Source code comparison characteristic of auditing? b. Parallel Simulation a. Auditing is a systematic, step- c. Reprocessing by-step process d. Reprogramming code b. Auditing involves the collection 8. The fundamental purpose of internal and review of evidence control is to c. Auditing involves the use of a. Safeguard the resources of the established criteria to evaluate organization evidence b. Provide reasonable assurance d. All of the above are that the objective of the characteristic of the auditing organization are achieved 4. Which of the following is not a reason c. Encourage compliance with an internal auditor should participate in organization objectives internal control reviews during the d. Ensure the accuracy, reliability, design of new system? and timeliness of information a. It is more economical to design e. All of the above controls during the design than f. None of the Above to do so later 9. The auditor would most likely be b. It eliminates the need for concerned with internal control policies testing controls during regular and procedures that provide reasonable audits assurance about the c. It minimizes the need for a. Efficiency of management’s expensive modifications after decision making process the system is implemented b. Appropriate prices the entity d. It permits the design of audit should charge for its products trails while they are economical c. Methods of assigning production tasks to employees d. Entity’s ability to process and b. The auditor’s specific audit summarize financial data objectives e. All of the Above c. The consideration of inherent 10. Components of internal control risk and control risk through includes: which the auditor arrives at the a. Control Environment risk assessment b. Risk Assessment d. The auditor’s design and c. Information and performance of tests of control Communication Systems and substantive procedures d. Control Activities appropriate to meet the audit e. All of the Above objective f. None of the Above 13. Which of the following statement is not 11. The characteristics the distinguish correct? computer processing from manual a. The overall objective and scope processing include the following: of an audit do not change in a I. Computer processing uniformly CIS Environment subjects like transactions to the b. When computer or CIS are same instructions introduced, the basic concept II. Computer System always ensure of evidence accumulation that complete transaction trails remain the same useful for audit purposes are c. Most CIS rely extensively on preserved for indefinite periods (1 the same type of procedures for characteristics of CIS is the lack of control that are used in manual visible transaction trail) processing system III. Compute processing virtually d. The specific methods eliminates the occurrence of clerical appropriate for implementing errors normally associated with the basic auditing concepts do manual processing not change IV. Control procedures as to 14. Which of the following is not a general segregation of functions may no control? longer be necessary in computer D. Processing Controls environment (may be combined but 15. Which of the following activities would is necessary) most likely be performed in the CIS a. All of the above statements Department? are true B. Conversion of information to machine- b. Only Statements 2 and 4 readable form are True 16. For control purposes, which of the c. Only Statements 1 and 3 following should be organizationally are True segregated from the computer d. All of the above statement operations functions? are False B. System Development 12. The use of CIS will least likely affect the 17. Unauthorized alteration of online a. The procedures followed by the records can be prevented by employing auditor in obtaining a sufficient D. Database Access Controls understanding of the 18. Some CIS control procedures relate to Accounting and Internal Control all CIS activities (general controls) and Systems some relate to specific tasks (application controls). General Controls 1. Data and computer program can’t be include access and altered by unauthorized C. Controls for documenting and approving persons without leaving visible evidence. programs and changes to the programs TRUE 19. The management of ABC Co. suspects 2. Incorporating appropriate controls to the that someone is tampering with pay system to limit the access of data files and rates by entering changes through the programs only to authorized personnel is Company’s remote terminals located in very important. the factory. The method ABC Co. should TRUE implement to protect the system from 3. In a CIS environment, functions that are these unauthorized alterations to the normally segregated in manual processing system’s file is are combined. C. Passwords FALSE 20. Which of the following controls most 4. All transactions are initiated by the CIS likely would assure that an entity can itself without the need for an input reconstruct its financial records? document. B. Back up disks or tapes of files is stored TRUE away from originals 5. The information on the computed can be 21. A Co. updates its accounts receivable easily changed, leaving no trace of the master file weekly and retains the master original content. files and corresponding update transactions FALSE for the most recent 2- week period. The purpose of this practice is to 6. The elements of internal control are the C. Permit reconstruction of the master file if same; the computer just changes the needed methods by which these elements are 22. Which of the following is correct? implemented. D. Check digits are designed to detect TRUE transcription errors 7. General controls are those control 23. In updating a computerized accounts policies and procedures that relate to the receivable file, which one of the following overall computer information system. would be used a batch controls to verify the These controls include input controls, accuracy of the posting of cash receipts processing controls and output controls. remittances? FALSE D. The sum of the cash deposits plus the 8. Application controls refer to the discounts taken by customers transactions and data relating to each 24. Which statement is not correct? The computer- based application system, goal of batch controls is to ensure that therefore, they are specific to each during processing application. C. Transactions are not added TRUE 25. The employee entered “40” in the hours 9. Input controls are used mainly to check worked per day field. Which check would detect the integrity of data entered into a this unintentional error? business application, whether the data is C. Limit Check entered directly by staff, remotely by a business partner or through a Web- True or False enabled application or interface. Data FALSE input is checked to ensure that is remain within specified parameters. TRUE