IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website, in whole or in part, except for use as permitted in a
license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. Chapter 1—Auditing and Internal Control
TRUE/FALSE
1.Co
rporate management (including the CEO) must certify monthly and annually their organization’s
internal controls over financial reporting. ANS
: F PTS: 1
2.B
oth the SEC and the PCAOB require management to use the COBIT framework for assessing internal
control adequacy. ANS
: F PTS: 1
3.B
oth the SEC and the PCAOB require management to use the COSO framework for assessing internal
control adequacy. ANS
: F PTS: 1
4.A qualified opinion on management’s assessment of internal controls over the financial reporting system
necessitates a qualified opinion on the financial statements? ANS
: F PTS: 1
5. T
he same internal control objectives apply to manual and computer- based information systems. ANS
: T PTS: 1
6.T
he external auditor is responsible for establishing and maintaining the internal control system. ANS
: F PTS: 1
7. S
egregation of duties is an example of an internal control procedure. ANS
: T PTS: 1
8
. Preventive controls are passive techniques designed to reduce fraud. ANS
: T PTS: 1
9. A key modifying assumption in internal control is that the internal control system is the responsibility of
management.
ANS
: T PTS: 1Information Technology Auditing, 4e James A. Hall (Test Bank All Chapters, 100% Original Verified, A+ Grade) IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 10. While the Sarbanes- Oxley Act prohibits auditors from providing non- accounting services to their audit clients, they are not prohibited from performing such services for non- audit clients or privately held companies. ANS: T PTS: 1 11. The Sarbanes -Oxley Act requires the audit committee to hire and oversee the external auditors. ANS: T PTS: 1 12. Section 404 requires that corporate management (including the CEO) certify their organization’s internal controls on a quarterly and annual basis. ANS: F PTS: 1 13. Section 302 requires the management of public companies to assess and formally report on the effectiveness of their organization’s internal controls. ANS: F PTS: 1 14. Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment. ANS: F PTS: 1 15. Advisory services is an emerging field that goes beyond the auditor’s traditional attestation function. ANS: T PTS: 1 16. An IT auditor expresses an opinion on the fairness of the financial statements. ANS: F PTS: 1 17. External auditing is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. ANS: F PTS: 1 18. External auditors can cooperate with and use evidence gathered by internal audit departments that are organizationally independent and that report to the Audit Committee of the Board of Directors. ANS: T PTS: 1 19. Tests of controls determine whether the database contents fairly reflect the organization's transactions. ANS: F PTS: 1 IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 20. Audit risk is the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated. ANS: T PTS: 1 21. A strong internal control system will reduce the amount of substantive testing that must be performed. ANS: T PTS: 1 22. Substantive testing techniq ues provide information about the accuracy and completeness of an application's processes. ANS: F PTS: 1 MULTIPLE CHOICE 1. The concept of reasonable assurance suggests that a. the cost of an internal control should be less than the benefit it provides b. a well -designed system of internal controls will detect all fraudulent activity c. the objectives achieved by an internal control system vary depending on the data processing method d. the effectiveness of internal controls is a function of the industry environment ANS: A PTS: 1 2. Which of the following is not a limitation of the internal control system? a. errors are made due to employee fatigue b. fraud occurs because of collusion between two employees c. the industry is inherently risky d. management instructs the bookkeeper to make fraudulent journal entries ANS: C PTS: 1 3. The most cost -effective type of internal control is a. preventive control b. accounting control c. detective control d. corrective control ANS: A PTS: 1 4. Which of the following is a preventive control? a. credit check before approving a sale on account b. bank reconciliation c. physical inventory count d. comparing the accounts receivable subsidiary ledger to the control account ANS: A PTS: 1 IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 5. A well -designed purchase order is an example of a a. preventive control b. detective control c. corrective control d. none of the above ANS: A PTS: 1 6. A physical inventory count is an example of a a. preventive control b. detective control c. corrective control d. Feed-forward control ANS: B PTS: 1 7. The bank reconciliation uncovered a transposition error in the books. This is an example of a a. preventive control b. detective control c. corrective control d. none of the above ANS: B PTS: 1 8. Which of the following is not an element of the internal control environment? a. management philosophy and operating style b. organizational structure of the firm c. well-designed documents and records d. the functioning of the board of directors and the audit committee ANS: C PTS: 1 9. Which of the following suggests a weakness in the internal control environment? a. the firm has an up -to-date organizational chart b. monthly reports comparing actual performance to budget are distributed to managers c. performance evaluations are prepared every three years d. the audit committee meets quarterly with the external auditors ANS: C PTS: 1 10. Which of the following indicates a strong internal control environment? a. the internal audit group reports to the audit committee of the board of directors b. there is no segregation of duties between organization functions c. there are questions about the integrity of management d. adverse business conditions exist in the industry ANS: A PTS: 1
license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. Chapter 1—Auditing and Internal Control
TRUE/FALSE
1.Co
rporate management (including the CEO) must certify monthly and annually their organization’s
internal controls over financial reporting. ANS
: F PTS: 1
2.B
oth the SEC and the PCAOB require management to use the COBIT framework for assessing internal
control adequacy. ANS
: F PTS: 1
3.B
oth the SEC and the PCAOB require management to use the COSO framework for assessing internal
control adequacy. ANS
: F PTS: 1
4.A qualified opinion on management’s assessment of internal controls over the financial reporting system
necessitates a qualified opinion on the financial statements? ANS
: F PTS: 1
5. T
he same internal control objectives apply to manual and computer- based information systems. ANS
: T PTS: 1
6.T
he external auditor is responsible for establishing and maintaining the internal control system. ANS
: F PTS: 1
7. S
egregation of duties is an example of an internal control procedure. ANS
: T PTS: 1
8
. Preventive controls are passive techniques designed to reduce fraud. ANS
: T PTS: 1
9. A key modifying assumption in internal control is that the internal control system is the responsibility of
management.
ANS
: T PTS: 1Information Technology Auditing, 4e James A. Hall (Test Bank All Chapters, 100% Original Verified, A+ Grade) IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 10. While the Sarbanes- Oxley Act prohibits auditors from providing non- accounting services to their audit clients, they are not prohibited from performing such services for non- audit clients or privately held companies. ANS: T PTS: 1 11. The Sarbanes -Oxley Act requires the audit committee to hire and oversee the external auditors. ANS: T PTS: 1 12. Section 404 requires that corporate management (including the CEO) certify their organization’s internal controls on a quarterly and annual basis. ANS: F PTS: 1 13. Section 302 requires the management of public companies to assess and formally report on the effectiveness of their organization’s internal controls. ANS: F PTS: 1 14. Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment. ANS: F PTS: 1 15. Advisory services is an emerging field that goes beyond the auditor’s traditional attestation function. ANS: T PTS: 1 16. An IT auditor expresses an opinion on the fairness of the financial statements. ANS: F PTS: 1 17. External auditing is an independent appraisal function established within an organization to examine and evaluate its activities as a service to the organization. ANS: F PTS: 1 18. External auditors can cooperate with and use evidence gathered by internal audit departments that are organizationally independent and that report to the Audit Committee of the Board of Directors. ANS: T PTS: 1 19. Tests of controls determine whether the database contents fairly reflect the organization's transactions. ANS: F PTS: 1 IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 20. Audit risk is the probability that the auditor will render an unqualified opinion on financial statements that are materially misstated. ANS: T PTS: 1 21. A strong internal control system will reduce the amount of substantive testing that must be performed. ANS: T PTS: 1 22. Substantive testing techniq ues provide information about the accuracy and completeness of an application's processes. ANS: F PTS: 1 MULTIPLE CHOICE 1. The concept of reasonable assurance suggests that a. the cost of an internal control should be less than the benefit it provides b. a well -designed system of internal controls will detect all fraudulent activity c. the objectives achieved by an internal control system vary depending on the data processing method d. the effectiveness of internal controls is a function of the industry environment ANS: A PTS: 1 2. Which of the following is not a limitation of the internal control system? a. errors are made due to employee fatigue b. fraud occurs because of collusion between two employees c. the industry is inherently risky d. management instructs the bookkeeper to make fraudulent journal entries ANS: C PTS: 1 3. The most cost -effective type of internal control is a. preventive control b. accounting control c. detective control d. corrective control ANS: A PTS: 1 4. Which of the following is a preventive control? a. credit check before approving a sale on account b. bank reconciliation c. physical inventory count d. comparing the accounts receivable subsidiary ledger to the control account ANS: A PTS: 1 IT Auditing 4th Ed—Test Bank, Chapter 1 © 2016 Cengage Learning ®. May not be scanned, copied or duplicated or posted to a publicly accessible website , in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password- protected website or school -approved learning management system for classroom use. 5. A well -designed purchase order is an example of a a. preventive control b. detective control c. corrective control d. none of the above ANS: A PTS: 1 6. A physical inventory count is an example of a a. preventive control b. detective control c. corrective control d. Feed-forward control ANS: B PTS: 1 7. The bank reconciliation uncovered a transposition error in the books. This is an example of a a. preventive control b. detective control c. corrective control d. none of the above ANS: B PTS: 1 8. Which of the following is not an element of the internal control environment? a. management philosophy and operating style b. organizational structure of the firm c. well-designed documents and records d. the functioning of the board of directors and the audit committee ANS: C PTS: 1 9. Which of the following suggests a weakness in the internal control environment? a. the firm has an up -to-date organizational chart b. monthly reports comparing actual performance to budget are distributed to managers c. performance evaluations are prepared every three years d. the audit committee meets quarterly with the external auditors ANS: C PTS: 1 10. Which of the following indicates a strong internal control environment? a. the internal audit group reports to the audit committee of the board of directors b. there is no segregation of duties between organization functions c. there are questions about the integrity of management d. adverse business conditions exist in the industry ANS: A PTS: 1
