1
CIA Part 1: Control: Types & Techniques
Questions and Answers
Control - -Correct Answer-is "any action taken by management, the board,
and other parties to manage risk and increase the likelihood that established
objectives and goals will be acheived. Management plans, organizaes, and
directs the performance of sufficient actions to provide reasonable assurance
that objectives and goals will be achieved.
Control processes - -Correct Answer-are "the policies, procedures (both
manual and automated), and activities that are part of the control framework,
designed and operated to ensure that risks are contained within the level that
an organization is willing to accept
measurement and correction - -Correct Answer-Control requires feedback on
the results of organizational activities for the purposes of ________ ____
__________
Transaction trails - -Correct Answer-a complete trail useful for audit and other
purposes might exist for only a short time or only in computer readable form.
The nature of the trail is often dependent on the transaction processing
mode.
Uniform processing of transactions - -Correct Answer-Computer processing
uniformly subjects similar transactions to the same processing instructions
and thus virtually eliminates clerical error.
1
, 2
Segregation of functions - -Correct Answer-many controls once performed by
separate individuals may be concentrated in computer systems. Thus, an
individual who has access to the computer may perform incompatible
functions. As a result, other controls may be necessary to achieve the control
objectives ordinarily accomplished by ________ ___ ______
Potential for increased management supervision - -Correct Answer-computer
systems offer management many analytical tools for review and supervision
of operations. These additional controls may enhance internal control. For
example, traditional comparisons of actual and budgeted operating ratios and
reconciliations of accounts are often available for review on a more timely
basis. Furtermore, some programmed applications provide statistics
regarding computer operations that may be used to monitor actual
processing.
Initiation or subsequent execution of transactions by compuer - -Correct
Answer-certain transactions may be automatically initiated or certain
procedures required to execute a transaction may be automatically performed
by a computer system. The authorization of these transactions or procedures
may not be documented in the same way as those in a manual system.
Accordingly, management's authorization may be implicit in its acceptance of
the design of the system.
Preventative controls - -Correct Answer-_______ ______ deter the
occurrence of unwanted events
detective controls - -Correct Answer-_________ ________ alert the proper
people after an unwanted event.
2
CIA Part 1: Control: Types & Techniques
Questions and Answers
Control - -Correct Answer-is "any action taken by management, the board,
and other parties to manage risk and increase the likelihood that established
objectives and goals will be acheived. Management plans, organizaes, and
directs the performance of sufficient actions to provide reasonable assurance
that objectives and goals will be achieved.
Control processes - -Correct Answer-are "the policies, procedures (both
manual and automated), and activities that are part of the control framework,
designed and operated to ensure that risks are contained within the level that
an organization is willing to accept
measurement and correction - -Correct Answer-Control requires feedback on
the results of organizational activities for the purposes of ________ ____
__________
Transaction trails - -Correct Answer-a complete trail useful for audit and other
purposes might exist for only a short time or only in computer readable form.
The nature of the trail is often dependent on the transaction processing
mode.
Uniform processing of transactions - -Correct Answer-Computer processing
uniformly subjects similar transactions to the same processing instructions
and thus virtually eliminates clerical error.
1
, 2
Segregation of functions - -Correct Answer-many controls once performed by
separate individuals may be concentrated in computer systems. Thus, an
individual who has access to the computer may perform incompatible
functions. As a result, other controls may be necessary to achieve the control
objectives ordinarily accomplished by ________ ___ ______
Potential for increased management supervision - -Correct Answer-computer
systems offer management many analytical tools for review and supervision
of operations. These additional controls may enhance internal control. For
example, traditional comparisons of actual and budgeted operating ratios and
reconciliations of accounts are often available for review on a more timely
basis. Furtermore, some programmed applications provide statistics
regarding computer operations that may be used to monitor actual
processing.
Initiation or subsequent execution of transactions by compuer - -Correct
Answer-certain transactions may be automatically initiated or certain
procedures required to execute a transaction may be automatically performed
by a computer system. The authorization of these transactions or procedures
may not be documented in the same way as those in a manual system.
Accordingly, management's authorization may be implicit in its acceptance of
the design of the system.
Preventative controls - -Correct Answer-_______ ______ deter the
occurrence of unwanted events
detective controls - -Correct Answer-_________ ________ alert the proper
people after an unwanted event.
2
