Professional Documents
Culture Documents
True/False
1. Detective controls have built-in correction mechanisms to reverse the effects of an error or
irregularity. F. Detective controls are designed to detect and report errors or irregularities
but do not necessarily have built-in correction mechanisms.
2. An organisation should choose either COBIT or COSO as the framework for organisation-
wide internal control. F. each has different purpose.
3. If timeliness is a critical factor in its business processes, an organisation should choose online
real-time data processing over batch processing. T
4. Physical controls do not apply to computers because computers are normally password-
protected. F.
6. As long as the documents are pre-numbered, it doesn't matter whether the numbers are
consecutive. F
8. Validity and reasonableness checks ensure that data within the system is correctly and
accurately processed. T
9. Whereas a hot site should be located away from an organisation, a cold site can be located
nearby. T.
10. Computer-based internal controls mainly depend on the design of relevant programs rather
than the control environment and general controls.
12. The smaller the number of employees, the less the less adequate the segregation of duties.
Multiple choice
13. The comparison of actual and budgeted figures and the conduct of variance analysis to
determine the source of the variance is a type of:
a. General control
b. Information processing control
c. Performance review
Chapter 8: Internal controls II
d. Application control
14. Information processing controls are those that are put in place within the organisation to
work towards the _______ of transactions.
a. Application controls are designed around the control objectives of a specific business
process or system.
b. Application controls operate within the scope of general controls.
c. Application controls only provides reasonable assurance that all transactions have
occurred, are authorised, and are completely and accurately recorded and processed.
d. None of the above.
17. An antivirus program scans and monitors files in a computer continuously for viruses. This is
an example of:
a. Preventive control
b. Detective control
c. Corrective control
d. Application control
a. Good preventative controls should always be able to stop all risks from occurring.
b. Sometimes corrective control is the only option available.
c. Detective and corrective controls, when used together, can substitute preventive
control.
d. A mixture of preventive, detective and corrective controls should always be used.
8.2
Chapter 8: Internal controls II
19. A computer virus is found in a file in the computer system. Because a solution for recovering
the file is not yet available, the infected file is quarantined by the antivirus software.
Quarantining the infected file is an example of:
a. Preventive control
b. Detective control
c. Corrective control
d. None of the above.
20. Which of the following is NOT a major aim of a computerised accounting information
system?
a. Proper authorisation.
b. Timeliness.
c. Proper recording.
d. User friendly
8.3
Chapter 8: Internal controls II
27. A cash disbursement clerk issues a cheque that has been approved by the treasurer. This is an
example of:
a. ah@123re$d
b. Nik890102336757099924PoT
c. A_d33erZb#4G
d. Qwertyuiopasdfghjklzxcvbnm1234567890
8.4
Chapter 8: Internal controls II
32. A purchase order is entered into a computer purchasing system. The purchase is for $25,000
and has been entered by the purchase clerk. Company policy dictates that purchases over $2000
must be entered by the purchasing manager. This is an example of a breach of controls relating
to:
a. Timeliness
b. Input accuracy
c. Input validity
d. Authorisation
34. A reasonableness check that is used when processing fortnightly employee wage payments
would best be used to:
35. Which of the following controls will best help detect inventory input accuracy concerns
when entering credit sales into a system?
b. A hash total of the number of inventory items ordered across all invoices
c. A hash total of customer numbers from all sales invoices
d. A sequence check on sales invoice numbers
36. Which control would best help achieve the aim of correct valuation for purchase transactions
entered into a system?
a. Temporary sites
b. Staffing
c. Employee evacuation procedures
d. Business relationships restoration
a. Consistent application
b. Independent on control environment and general controls
c. Timely execution
d. Greater degree of difficulty in working around or avoiding the control
8.6
Chapter 8: Internal controls II
8.7