1

ACCOUNTANCY DEPARTMENT
COLUMBAN COLLEGE, INC
No. 1 Mt. Apo Street, East Tapinac
Olongapo City, Philippines

AY: 2017-2018, 1st Semester

Quiz in Auditing in CIS Environment

Last Name:______________________________Schedule :________________________________________

First Name:______________________________Professor :________________________________________

TABLE OF SPECIFICATION (TOS)

Theories Problems Solving

Topics/Contents Knowledge & Analysis & Synth Evalu Items
Comprehension Application esis ation
1. CIS 25 0 0 0 25
Total 25 0 0 0 25

Score Equi
Distribution of the Examination
No. of Items v
%age
Part 1. Theories-Multiple Choice 25 0 0 0 0 0 0 0 25
Total 25 0 0 0 0 0 0 0 25

Prepared by: Noted by:

Prof. Laarni D. Bingcang, CPA Dr. Peter O. Tulio, CPA

BSA Faculty Chairperson

ANSWER SHEET
- SHADE THE LETTER OF YOUR CHOICE -
PART 1
Theories-Multiple Choice
1 [a] [b] [c] 21 [a] [b] [c]
[d] [d]
2 [a] [b] [c] 22 [a] [b] [c]
[d] [d]
3 [a] [b] [c] 23 [a] [b] [c]
[d] [d]
4 [a] [b] [c] 24 [a] [b] [c]
[d] [d]
5 [a] [b] [c] 25 [a] [b] [c]
[d] [d]
6 [a] [b] [c] 26 [a] [b] [c]
[d] [d]
7 [a] [b] [c] 27 [a] [b] [c]
[d] [d]
8 [a] [b] [c] 28 [a] [b] [c]
[d] [d]
9 [a] [b] [c] 29 [a] [b] [c]
[d] [d]
10 [a] [b] [c] 30 [a] [b] [c]
[d] [d]
11 [a] [b] [c]
[d]
12 [a] [b] [c]
[d]
13 [a] [b] [c]
[d]
14 [a] [b] [c]
 2
[d]
15 [a] [b] [c]
[d]
16 [a] [b] [c]
[d]
17 [a] [b] [c]
[d]
18 [a] [b] [c]
[d]
19 [a] [b] [c]
[d]
20 [a] [b] [c]
[d]

PART 1

1. For good internal control over computer program changes, a policy should be established requiring that
a. The programmer designing the change adequately test the revised program.
b. All program changes be supervised by the CBIS control group.
c. Superseded portions of programs be deleted from the program run manual to avoid confusion.
d. All proposed changes be approved in writing by a responsible individual.

2. Which of the following is not a major reason why an accounting audit trail should be maintained for a computer
system?
a. Query answering.
b. Deterrent to fraud.
c. Monitoring purposes.
d. Analytical review.

3. An organizational control over CBIS operations is

a. Run-to-run balancing of control totals.
b. Check digit verification of unique identifiers.
c. Separation of operating and programming functions.
d. Maintenance of output distribution logs.

4. Compared to a manual system, a CBIS generally

1. Reduces segregation of duties.
2. Increases segregation of duties.
3. Decreases manual inspection of processing results.
4. Increases manual inspection of processing results.
a. 1 and 3.
b. 1 and 4
c. 2 and 3
d. 2 and 4.

5. What type of computer-based system is characterized by data that are assembled from more than one location and
records that are updated immediately?
a. Microcomputer system.
b. Minicomputer system.
c. Batch processing system.
d. Online real-time system.

6. One of the features that distinguishes computer processing from manual processing is
a. Computer processing virtually eliminates the occurrence of computational error normally associated with
manual processing.
b. Errors or fraud in computer processing will be detected soon after their occurrences.
c. The potential for systematic error is ordinarily greater in manual processing than in computerized
processing.
d. Most computer systems are designed so that transaction trails useful for audit purposes do not exist.
 3
7. The increased presence of the microcomputer in the workplace has resulted in an increasing number of persons
having access to the computer. A control that is often used to prevent unauthorized access to sensitive programs is:
a. Backup copies
b. Passwords for each of the users.
c. Disaster-recovery procedures.
d. Record counts of the number of input transactions in a batch being processed.
diskettes.

8. The possibility of losing a large amount of information stored in computer files most likely would be reduced by
the
use of
a. Back-up files
b. Check digits
c. Completeness tests
d. Conversion verification

9. Unauthorized alteration of on-line records can be prevented by employing:

a. Key verification.
b. Computer sequence checks.
c. Computer matching.
d. Data base access controls.

10. In the preliminary survey the auditor learns that a department has several microcomputers. Which of the
following is usually true and should be considered in planning the audit?
a. Microcomputers, though small, are capable of processing financial information, and physical security is a
control concern.
b. Microcomputers are limited to applications such as worksheet generation and do not present a significant
audit risk.
c. Microcomputers are generally under the control of the data processing department and use the same control
features.
d. Microcomputers are too small to contain any built-in control features. Therefore, other controls must be
relied upon.

11. Which of the following statements most likely represents a disadvantage for an entity that keeps
microcomputer-prepared data files rather than manually prepared files?
a. It is usually more difficult to detect transposition errors.
b. Transactions are usually authorized before they are executed and recorded.
c. It is usually easier for unauthorized persons to access and alter the files.
d. Random error associated with processing similar transactions in different ways is usually greater.

12. Given the increasing use of microcomputers as a means for accessing data bases, along with on-line real-time
processing, companies face a serious challenge relating to data security. Which of the following is not an
appropriate means for meeting this challenge?
a. Institute a policy of strict identification and password controls housed in the computer software that permit
only specified individuals to access the computer files and perform a given function.
b. Limit terminals to perform only certain transactions.
c. Program software to produce a log of transactions showing date, time, type of transaction, and operator.
d. Prohibit the networking of microcomputers and do not permit users to access centralized data bases.

13. Company A has recently converted its manual payroll to a computer-based system. Under the old system,
employees who had resigned or been terminated were occasionally kept on the payroll and their checks were
claimed and cashed by other employees, in collusion with shop foremen. The controller is concerned that this
practice not be allowed to continue under the new system. The best control for preventing this form of
"payroll padding" would be to
a. Conduct exit interviews with all employees leaving the company, regardless of reason.
b. Require foremen to obtain a signed receipt from each employee claiming a payroll check.
c. Require the human resources department to authorize all hires and terminations, and to forward a current
computerized list of active employee numbers to payroll prior to processing. Program the computer to reject
inactive employee numbers.
d. Install time clocks for use by all hourly employees.

14. Which of the following is likely to be of least importance to an auditor in reviewing the internal control in a
company with a CBIS?
a. The segregation of duties within the data processing center.
b. The control over source documents.
c. The documentation maintained for accounting applications.
 4
d. The cost/benefit ratio of data processing operations.

15. Which of the following would lessen internal control in a CBIS?

a. The computer librarian maintains custody of computer program instructions and detailed listings.
b. Computer operators have access to operator instructions and detailed program listings.
c. The control group is solely responsible for the distribution of all computer output.
d. Computer programmers write and debug programs which perform routines designed by the systems
analyst.

16. Access control in an on-line CBIS can best be provided in most circumstances by
a. An adequate librarianship function controlling access to files.
b. A label affixed to the outside of a file medium holder that identifies the contents.
c. Batch processing of all input through a centralized, well-guarded facility.
d. User and terminal identification controls, such as passwords.

17. A major exposure associated with the rapidly expanding use of microcomputers is the absence of:
a. Adequate size of main memory and disk storage.
b. Compatible operating systems.
c. Formalized procedures for purchase justification.
d. Physical, data file, and program security.

18. . The process of transforming programs and information into a form that cannot be understood without access
to specific decoding algorithms (cryptographic keys).
a. encryption b. decode c. key code d. password

19. When the auditor encounters sophisticated computer-based systems, he or she may need to modify the audit
approach. Of the following conditions, which one is not a valid reason for modifying the audit approach?
a. More advanced computer systems produce less documentation, thus reducing the visibility of the audit trail.
b. In complex computer-based systems, computer verification of data at the point of input replaces the manual
verification found in less sophisticated data processing systems.
c. Integrated data processing has replaced the more traditional separation of duties that existed in manual and
batch processing systems.
d. Real-time processing of transactions has enabled the auditor to concentrate less on the completeness
assertion.

20. In studying a client's internal controls, an auditor must be able to distinguish between prevention controls and
detection controls. Of the following data processing controls, which is the best detection control?
a. Use of data encryption techniques.
b. Review of machine utilization logs.
c. Policy requiring password security.
d. Backup and recovery procedure.

21. Adequate control over access to data processing is required to

a. Prevent improper use or manipulation of data files and programs.
b. Ensure that only console operators have access to program documentation.
c. Minimize the need for backup data files.
d. Ensure that hardware controls are operating effectively and as designed by the computer manufacturer.

22. Which of the following audit techniques most likely would provide an auditor with the most assurance about
the effectiveness of the operation of an internal control procedure?
a. Inquiry of client personnel.
b. Recomputation of account balance amounts.
c. Observation of client personnel.
d. Confirmation with outside parties.

23. Checklists, systems development methodology, and staff hiring are examples of what type of controls?
a. Detective.
b. Preventive.
c. Subjective.
d. Corrective.

24. The primary reason for internal auditing's involvement in the development of new computer-based systems is
to:
a. Plan post-implementation reviews.
b. Promote adequate controls.
c. Train auditors in CBIS techniques.
d. Reduce overall audit effort.
 5

25. Assets, liabilities and equity balances are included in the financial statements at appropriate amounts and any
resulting valuation or allocation adjustments are appropriately recorded.
a. Accuracy b. Completeness c. Cut off d. Valuation and
Accuracy

END OF Quiz– GODBLESS FOR THE RESULTS! 