MindanaokStatekUniversity
CollegekofkBusinesskAdministrationkandkAccountancy
DEPARTMENTkOFkACCOUNTANCY
MarawikCity
AUDITINGkINkAkCISkENVIRONMENT
Accountingk153
MULTIPLEkCHOICE.kReadkcarefullykthekquestionskbelowkandkchoosekthekbestkstatementkamongkth
ekchoices.kWritekthekletterkcorrespondingktokyourkanswerkonktheksheetkprovidedkalongkwithkthiskqu
estionnaire.kErasureskarekstrictlyknotkallowed.
1. WhichkstatementkiskincorrectkwhenkauditingkinkakCISkenvironment?
a. AkCISkenvironmentkexistskwhenkakcomputerkofkanyktypekorksizekiskinvolvedkinkthekproc
essingkbykthekentitykofkfinancialkinformationkofksignificancektokthekaudit,kwhetherkthat
kcomputerkiskoperatedkbykthekentitykorkbykakthirdkparty.
b. ThekauditorkshouldkconsiderkhowkakCISkenvironmentkaffectskthekaudit.
c. Thekusekofkakcomputerkchangeskthekprocessing,kstoragekandkcommunicationkofkfina
ncialkinformationkandkmaykaffectkthekaccountingkandkinternalkcontrolksystemskempl
oyedkbykthekentity.
d. AkCISkenvironmentkchangeskthekoverallkobjectivekandkscopekofkankaudit.
2. Whichkofkthekfollowingkconceptskdistinguisheskthekretentionkofkcomputerizedkauditkdocume
ntskfromkthektraditionalkhardkcopykform?
a. Analyses,kconclusionskandkrecommendationskarekfiledkonkelectronickmediakandkarek
thereforeksubjectktokcomputerksystemkcontrolskandksecuritykprocedures.
b. Evidentialksupportkforkallkfindingskiskcopiedkandkprovidedktoklocalkmanagementkdurin
gkthekclosingkconferencekandktokeachkpersonkreceivingkthekfinalkreport.
c. Computerizedkdatakfileskcankbekusedkinkcomputerkauditkprocedures.
d. Auditkprogramskcankbekstandardizedktokeliminatekthekneedkforkakpreliminaryksurveyk
atkeachklocation.
3. Responsibilitykforkthekcontrolkofkend-
userkcomputingkexistskatkthekorganizational,kdepartmentalkandkindividualkuserklevel.kAkdirect
kresponsibilitykofkthekindividualkuserskis:
a. Acquisitionkofkhardwarekandksoftware.
b. Takingkequipmentkinventories.
c. Strategickplanningkofkend-userkcomputing.
d. Physicalksecuritykcomputerkhardware.
4. WhichkofkthekfollowingkiskleastklikelykakriskkcharacteristickassociatedkwithkCISkenvironment?
a. Errorskembeddedkinkankapplication’skprogramklogickmaybekdifficultktokmanuallykdet
ectkonkaktimelykbasis.
b. Manykcontrolkprocedureskthatkwouldkordinarilykbekperformedkbykseparatekindividual
skinkmanualksystemkmaybekconcentratedkinkCIS.
c. Thekpotentialkunauthorizedkaccessktokdatakorktokalterkthemkwithoutkvisiblekevidencek
maybekgreater.
d. Initiationkofkchangeskinkthekmasterkfilekiskexclusivelykhandledkbykrespectivekusers.
5. Personalkcomputerskareksusceptiblektoktheft,kphysicalkdamage,kunauthorizedkaccesskorkmisu
sekofkequipment.kWhichkofkthekfollowingkiskleastklikelykakphysicalksecurityktokrestrictkaccessktok
personalkcomputerskwhenknotkinkuse?
a. Usingkdoorklockskorkotherksecuritykprotectionkduringknon-businesskhours.
b. Fasteningkthekpersonalkcomputerktokaktablekusingksecuritykcables.
c. Lockingkthekpersonalkcomputerkinkakprotectivekcabinetkorkshell.
d. Usingkanti-virusksoftwarekprograms.
6. WhichkofkthekfollowingksignificancekandkcomplexitykofkthekCISkactivitieskshouldkankauditorkle
astkunderstand?
a. Thekorganizationalkstructurekofkthekclient’skCISkactivities.
b. Lackkofktransactionktrails.
c. Theksignificancekandkcomplexitykofkcomputerkprocessingkinkeachksignificantkaccoun
tingkapplication.
d. Thekusekofksoftwarekpackageskinsteadkofkcustomizedksoftware.
7. Whichkofkthekfollowingkisknotklikelykakcontrolkoverkremovablekstoragekmediaktokpreventkmispl
acement,kalterationkwithoutkauthorizationkorkdestruction?
, ntokankunintelligiblekform.
b. Placingkresponsibilitykforksuchkmediakunderkpersonnelkwhosekresponsibilitieskincludek
dutieskofksoftwarekcustodianskorklibrarians.
c. Usingkakprogramkandkdatakfilekcheck-inkandkcheck-
outksystemkandklockingkthekdesignatedkstorageklocations.
d. Keepingkcurrentkcopieskofkdiskettes,kcompactkdiskskorkback-
upktapeskandkhardkdiskskinkakfireproofkcontainer,keitherkon-site,koff-sitekorkboth.
8. Tokachievekauditkefficiencykandkeffectivenesskwithkakpersonalkcomputer,kthektwokcrucialkre
quirementskare:
a. Thekappropriatekauditktaskkforkpersonalkcomputerkapplicationskandkthekappropriatek
softwarektokperformkthekselectedkauditktasks.
b. Thekappropriateksoftwarektokperformkthekselectedkauditktaskkandkdatakthatkcankbek
accessedkbykthekauditor’skpersonalkcomputer.
c. Companykdatakthatkcankbekaccessedkbykthekauditor’skpersonalkcomputerkandkthek
appropriatekauditktaskskforkpersonalkcomputerkapplications.
d. Thekappropriateksamplekofkcompanykdataktoktestkwithkthekauditor’skpersonalkcompu
terkandkthekappropriateksoftwarektokperformkthekselectedkauditktasks.
9. Whichkofkthekfollowingkleastklikelykprotectskcriticalkandksensitivekinformationkfromkunauthorize
dkaccesskinkakpersonalkcomputerkenvironment?
a. Usingksecretkfileknameskandkhidingkthekfiles.
b. Keepingkofkback-upkcopieskoffsite.
c. Employingkpasswords.
d. Segregatingkdatakintokfileskorganizedkunderkseparatekfilekdirectories.
10. WhichkstatementkiskincorrectkregardingkthekgeneralkCISkcontrolskofkparticularkimportancekink
akdatabasekenvironment?
a. Sincekdatakareksharedkbykmanykusers,kcontrolkmaykbekenhancedkwhenkakstandardk
approachkiskusedkforkdevelopingkeachknewkapplicationkprogramkandkforkapplicatio
nkprogramkmodification.
b. Severalkdatakownerskshouldkbekassignedkresponsibilitykforkdefiningkaccesskandksecuri
tykrules,ksuchkaskwhokcankusekthekdatak(access)kandkwhatkfunctionsktheykcankperfor
mk(security).
c. Userkaccessktokthekdatabasekcankbekrestrictedkthroughkthekusekofkpasswords.
d. Responsibilitieskforkperformingkthekvariouskactivitieskrequiredktokdesign,kimplementkan
dkoperatekakdatabasekarekdividedkamongktechnical,kdesign,kadministrativekandkuse
rkpersonnel.
11. Thekfollowingkmatterskarekofkparticularkimportancektokthekauditorkinkankon-
linekcomputerksystem,kexcept:
a. Authorization,kcompletenesskandkaccuracykofkon-linektransactions.
b. Integritykofkrecordskandkprocessing,kduektokon-
linekaccessktoktheksystemkbykmanykuserskandkprogrammers.
c. ChangeskinkthekperformancekofkauditkprocedureskincludingkthekusekofkCAAT's.
d. Cost-benefitkratiokofkinstallingkon-linekcomputerksystem.
12. Thekauditorkmaykoftenkassumekthatkcontrolkriskkiskhighkinkpersonalkcomputerksystemsksince,kitk
mayknotkbekpracticablekorkcost-
effectivekforkmanagementktokimplementksufficientkcontrolsktokreducekthekriskskofkundetecte
dkerrorsktokakminimumklevel.kThiskleastklikelykentail:
a. Morekphysicalkexaminationkandkconfirmationkofkassets.
b. Morekanalyticalkprocedureskthanktestskofkdetails.
c. Largerksampleksizes.
d. Greaterkusekofkcomputer-assistedkauditktechniques,kwherekappropriate.k
13. Auditkprocedureskinkakdatabasekenvironmentkwillkbekaffectedkprincipallykby:
a. Thekextentktokwhichkthekdatakinkthekdatabasekarekusedkbykthekaccountingksystem.
b. Thektypekandksignificancekofkfinancialktransactionskbeingkprocessed.
c. Theknaturekofkthekdatabase,kthekDBMS,kthekdatabasekadministrationktaskskandktheka
pplications.
d. ThekgeneralkCISkcontrolskwhichkarekparticularlykimportantkinkakdatabasekenvironmen
t.
14. WhichkstatementkiskincorrectkregardingkthekcharacteristicskofkakCISkorganizationalkstructure?
,k
stributionkandkusekofkthekoutput.
b. Manykconventionalkcontrolskbasedkonkadequateksegregationkofkincompatiblekfunct
ionskmayknotkexist,korkinkthekabsencekofkaccesskandkotherkcontrols,kmaykbeklesskeffec
tive.
c. Transactionkandkmasterkfilekdatakarekoftenkconcentrated,kusuallykinkmachine-
readablekform,keitherkinkonekcomputerkinstallationklocatedkcentrallykorkinkaknumberk
ofkinstallationskdistributedkthroughoutkankentity.
d. SystemskemployingkCISkmethodskdoknotkincludekmanualkoperationsksincektheknumbe
rkofkpersonskinvolvedkinkthekprocessingkofkfinancialkinformationkisksignificantlykreduce
d.
15. Akmajorkexposurekassociatedkwithkthekrapidlykexpandingkusekkofkmicrocomputerskiskthekabse
ncekof:kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
a. Adequateksizekofkmainkmemorykandkdiskkstorage.
b. Compatiblekoperatingksystems.
c. Formalizedkprocedureskforkpurchasekjustification.
d. Physical,kdatakfile,kandkprogramksecurity.kkkkkkkkkk
16. SystemkcharacteristicskthatkmaykresultkfromktheknaturekofkCISkprocessingkinclude,kexcept:
a. Absencekofkinputkdocuments.
b. Lackkofkvisiblektransactionktrail.
c. Lackkofkvisiblekoutput.
d. Difficultykofkaccessktokdatakandkcomputerkprograms.
17. ThekdevelopmentkofkCISkwillkgenerallykresultkinkdesignkandkproceduralkcharacteristicskthatkar
ekdifferentkfromkthosekfoundkinkmanualksystems.kThesekdifferentkdesignkandkproceduralkaspe
ctskofkCISkinclude,kexcept:
a. Consistencykofkperformance.
b. Programmedkcontrolkprocedures.
c. Vulnerabilitykofkdatakandkprogramkstoragekmedia
d. Multiplektransactionkupdatekofkmultiplekcomputerkfileskorkdatabases.
18. WhichkstatementkiskincorrectkregardingkinternalkcontrolskinkakCISkenvironment?
a. Manualkandkcomputerkcontrolkprocedureskcomprisekthekoverallkcontrolskaffectingkth
ekCISkenvironmentk(generalkCISkcontrols)kandkthekspecifickcontrolskoverkthekaccounti
ngkapplicationsk(CISkapplicationkcontrols).
b. ThekpurposekofkgeneralkCISkcontrolskisktokestablishkakframeworkkofkoverallkcontrolkove
rkthekCISkactivitieskandktokprovidekakreasonableklevelkofkassurancekthatkthekoverallko
bjectiveskofkinternalkcontrolkarekachieved.
c. ThekpurposekofkCISkapplicationkcontrolskisktokestablishkspecifickcontrolkprocedureskov
erkthekapplicationksystemskinkorderktokprovidekreasonablekassurancekthatkallktransact
ionskarekauthorizedkandkrecorded,kandkarekprocessedkcompletely,kaccuratelykandk
onkaktimelykbasis.
d. Thekinternalkcontrolskoverkcomputerkprocessing,kwhichkhelpktokachievekthekoverallko
bjectiveskofkinternalkcontrol,kincludekonlykthekprocedureskdesignedkintokcomputerkpr
ograms.
19. GeneralkCISkcontrolskmaykinclude,kexcept:
a. Organizationkandkmanagementkcontrols.
b. Deliverykandksupportkcontrols.
c. Developmentkandkmaintenancekcontrols.
d. Controlskoverkcomputerkdatakfiles.
20. CISkapplicationkcontrolskinclude,kexcept:
a. Controlskoverkinput.
b. Controlskoverkprocessingkandkcomputerkdatakfiles.
c. Controlskoverkoutput.
d. Monitoringkcontrols.
21. WhichkstatementkiskincorrectkregardingkthekreviewkofkgeneralkCISkcontrolskandkCISkapplicati
onkcontrols?
a. ThekauditorkshouldkconsiderkhowkthesekgeneralkCISkcontrolskaffectkthekCISkapplicatio
nsksignificantktokthekaudit.
b. GeneralkCISkcontrolskthatkrelatektoksomekorkallkapplicationskarektypicallykinterdepend
entkcontrolskinkthatktheirkoperationkiskoftenkessentialktokthekeffectivenesskofkCISkapplic
, onnel,kbykuserskofktheksystem,kbykakseparatekcontrolkgroup,korkmaykbekprogrammedki
ntokapplicationksoftware.
d. Itkmaykbekmorekefficientktokreviewkthekdesignkofkthekapplicationkcontrolskbeforekrevi
ewingkthekgeneralkcontrols.
22. WhichkstatementkiskincorrectkregardingkthekevaluationkofkgeneralkCISkcontrolskandkCISkappli
cationkcontrols?
a. ThekgeneralkCISkcontrolskmaykhavekakpervasivekeffectkonkthekprocessingkofktransacti
onskinkapplicationksystems.
b. IfkgeneralkCISkcontrolskareknotkeffective,ktherekmaykbekakriskkthatkmisstatementskmigh
tkoccurkandkgokundetectedkinkthekapplicationksystems.
c. Manualkprocedureskexercisedkbykuserskmaykprovidekeffectivekcontrolkatkthekapplica
tionklevel.
d. WeaknesseskinkgeneralkCISkcontrolskcannotkprecludektestingkcertainkCISkapplicationk
controls.
23. Ankinternalkauditorknotedkthekfollowingkpointskwhenkconductingkakpreliminaryksurveykinkcon
nectionkwithkthekauditkofkankEDPkdepartment.kWhichkofkthekfollowingkwouldkbekconsideredk
aksafeguardkinkthekcontrolksystemkonkwhichkthekauditorkmightkrely?
a. Programmerskandkcomputerkoperatorskcorrectkdailykprocessingkproblemskasktheykari
se.
b. Thekcontrolkgroupkworkskwithkuserkorganizationsktokcorrectkrejectedkinput.
c. Newksystemskarekdocumentedkasksoonkaskpossiblekafterktheykbeginkprocessingklivekd
ata.
d. ThekaveragektenurekofkemployeeskworkingkinkthekEDPkdepartmentkisktenkmonths.
24. Ankon-
linekaccesskcontrolkthatkcheckskwhetherkthekuser’skcodeknumberkiskauthorizedktokinitiatekaksp
ecificktypekofktransactionkorkinquirykiskreferredktokas:
a. Password.
b. Compatibilityktest.
c. Limitkcheck.
d. Reasonablenessktest.
25. Akcontrolkprocedurekthatkcouldkbekusedkinkankon-
lineksystemktokprovidekankimmediatekcheckkonkwhetherkankaccountknumberkhaskbeenkente
redkonkakterminalkaccuratelykiska:
a. Compatibilityktest.
b. Recordkcount.
c. Hashktotal.
d. Self-checkingkdigit.
26. Akcontrolkdesignedktokcatchkerrorskatkthekpointkofkdatakentrykis:
a. Batchktotal.
b. Self-checkingkdigit.
c. Recordkcount.
d. Checkpoints.
27. Programkdocumentationkiskakcontrolkdesignedkprimarilyktokensurekthat:
a. Programmerskhavekaccessktokthektapeklibrarykorkinformationkonkdiskkfiles.
b. Programskdoknotkmakekmathematicalkerrors.
c. Programskarekkeptkupktokdatekandkperformkaskintended.
d. Datakhavekbeenkenteredkandkprocessed.
28. Somekofkthekmorekimportantkcontrolskthatkrelatektokautomatedkaccountingkinformationksyst
emskarekvaliditykchecks,klimitkchecks,kfieldkchecks,kandksignktests.kThesekarekclassifiedkas:
a. Controlktotalkvalidationkroutines.
b. Outputkcontrols.
c. Hashktotaling.
d. Inputkvalidationkroutines.
29. Mostkofktoday’skcomputerksystemskhavekhardwarekcontrolskthatkarekbuiltkinkbykthekcomputer
kmanufacturer.kCommon khardwarekcontrolskare:
a. Duplicatekcircuitry,kechokcheck,kandkinternalkheaderklabels
b. Tapekfilekprotection,kcryptographickprotection,kandklimitkchecks
c. Duplicatekcircuitry,kechokcheck,kandkdualkreading
CollegekofkBusinesskAdministrationkandkAccountancy
DEPARTMENTkOFkACCOUNTANCY
MarawikCity
AUDITINGkINkAkCISkENVIRONMENT
Accountingk153
MULTIPLEkCHOICE.kReadkcarefullykthekquestionskbelowkandkchoosekthekbestkstatementkamongkth
ekchoices.kWritekthekletterkcorrespondingktokyourkanswerkonktheksheetkprovidedkalongkwithkthiskqu
estionnaire.kErasureskarekstrictlyknotkallowed.
1. WhichkstatementkiskincorrectkwhenkauditingkinkakCISkenvironment?
a. AkCISkenvironmentkexistskwhenkakcomputerkofkanyktypekorksizekiskinvolvedkinkthekproc
essingkbykthekentitykofkfinancialkinformationkofksignificancektokthekaudit,kwhetherkthat
kcomputerkiskoperatedkbykthekentitykorkbykakthirdkparty.
b. ThekauditorkshouldkconsiderkhowkakCISkenvironmentkaffectskthekaudit.
c. Thekusekofkakcomputerkchangeskthekprocessing,kstoragekandkcommunicationkofkfina
ncialkinformationkandkmaykaffectkthekaccountingkandkinternalkcontrolksystemskempl
oyedkbykthekentity.
d. AkCISkenvironmentkchangeskthekoverallkobjectivekandkscopekofkankaudit.
2. Whichkofkthekfollowingkconceptskdistinguisheskthekretentionkofkcomputerizedkauditkdocume
ntskfromkthektraditionalkhardkcopykform?
a. Analyses,kconclusionskandkrecommendationskarekfiledkonkelectronickmediakandkarek
thereforeksubjectktokcomputerksystemkcontrolskandksecuritykprocedures.
b. Evidentialksupportkforkallkfindingskiskcopiedkandkprovidedktoklocalkmanagementkdurin
gkthekclosingkconferencekandktokeachkpersonkreceivingkthekfinalkreport.
c. Computerizedkdatakfileskcankbekusedkinkcomputerkauditkprocedures.
d. Auditkprogramskcankbekstandardizedktokeliminatekthekneedkforkakpreliminaryksurveyk
atkeachklocation.
3. Responsibilitykforkthekcontrolkofkend-
userkcomputingkexistskatkthekorganizational,kdepartmentalkandkindividualkuserklevel.kAkdirect
kresponsibilitykofkthekindividualkuserskis:
a. Acquisitionkofkhardwarekandksoftware.
b. Takingkequipmentkinventories.
c. Strategickplanningkofkend-userkcomputing.
d. Physicalksecuritykcomputerkhardware.
4. WhichkofkthekfollowingkiskleastklikelykakriskkcharacteristickassociatedkwithkCISkenvironment?
a. Errorskembeddedkinkankapplication’skprogramklogickmaybekdifficultktokmanuallykdet
ectkonkaktimelykbasis.
b. Manykcontrolkprocedureskthatkwouldkordinarilykbekperformedkbykseparatekindividual
skinkmanualksystemkmaybekconcentratedkinkCIS.
c. Thekpotentialkunauthorizedkaccessktokdatakorktokalterkthemkwithoutkvisiblekevidencek
maybekgreater.
d. Initiationkofkchangeskinkthekmasterkfilekiskexclusivelykhandledkbykrespectivekusers.
5. Personalkcomputerskareksusceptiblektoktheft,kphysicalkdamage,kunauthorizedkaccesskorkmisu
sekofkequipment.kWhichkofkthekfollowingkiskleastklikelykakphysicalksecurityktokrestrictkaccessktok
personalkcomputerskwhenknotkinkuse?
a. Usingkdoorklockskorkotherksecuritykprotectionkduringknon-businesskhours.
b. Fasteningkthekpersonalkcomputerktokaktablekusingksecuritykcables.
c. Lockingkthekpersonalkcomputerkinkakprotectivekcabinetkorkshell.
d. Usingkanti-virusksoftwarekprograms.
6. WhichkofkthekfollowingksignificancekandkcomplexitykofkthekCISkactivitieskshouldkankauditorkle
astkunderstand?
a. Thekorganizationalkstructurekofkthekclient’skCISkactivities.
b. Lackkofktransactionktrails.
c. Theksignificancekandkcomplexitykofkcomputerkprocessingkinkeachksignificantkaccoun
tingkapplication.
d. Thekusekofksoftwarekpackageskinsteadkofkcustomizedksoftware.
7. Whichkofkthekfollowingkisknotklikelykakcontrolkoverkremovablekstoragekmediaktokpreventkmispl
acement,kalterationkwithoutkauthorizationkorkdestruction?
, ntokankunintelligiblekform.
b. Placingkresponsibilitykforksuchkmediakunderkpersonnelkwhosekresponsibilitieskincludek
dutieskofksoftwarekcustodianskorklibrarians.
c. Usingkakprogramkandkdatakfilekcheck-inkandkcheck-
outksystemkandklockingkthekdesignatedkstorageklocations.
d. Keepingkcurrentkcopieskofkdiskettes,kcompactkdiskskorkback-
upktapeskandkhardkdiskskinkakfireproofkcontainer,keitherkon-site,koff-sitekorkboth.
8. Tokachievekauditkefficiencykandkeffectivenesskwithkakpersonalkcomputer,kthektwokcrucialkre
quirementskare:
a. Thekappropriatekauditktaskkforkpersonalkcomputerkapplicationskandkthekappropriatek
softwarektokperformkthekselectedkauditktasks.
b. Thekappropriateksoftwarektokperformkthekselectedkauditktaskkandkdatakthatkcankbek
accessedkbykthekauditor’skpersonalkcomputer.
c. Companykdatakthatkcankbekaccessedkbykthekauditor’skpersonalkcomputerkandkthek
appropriatekauditktaskskforkpersonalkcomputerkapplications.
d. Thekappropriateksamplekofkcompanykdataktoktestkwithkthekauditor’skpersonalkcompu
terkandkthekappropriateksoftwarektokperformkthekselectedkauditktasks.
9. Whichkofkthekfollowingkleastklikelykprotectskcriticalkandksensitivekinformationkfromkunauthorize
dkaccesskinkakpersonalkcomputerkenvironment?
a. Usingksecretkfileknameskandkhidingkthekfiles.
b. Keepingkofkback-upkcopieskoffsite.
c. Employingkpasswords.
d. Segregatingkdatakintokfileskorganizedkunderkseparatekfilekdirectories.
10. WhichkstatementkiskincorrectkregardingkthekgeneralkCISkcontrolskofkparticularkimportancekink
akdatabasekenvironment?
a. Sincekdatakareksharedkbykmanykusers,kcontrolkmaykbekenhancedkwhenkakstandardk
approachkiskusedkforkdevelopingkeachknewkapplicationkprogramkandkforkapplicatio
nkprogramkmodification.
b. Severalkdatakownerskshouldkbekassignedkresponsibilitykforkdefiningkaccesskandksecuri
tykrules,ksuchkaskwhokcankusekthekdatak(access)kandkwhatkfunctionsktheykcankperfor
mk(security).
c. Userkaccessktokthekdatabasekcankbekrestrictedkthroughkthekusekofkpasswords.
d. Responsibilitieskforkperformingkthekvariouskactivitieskrequiredktokdesign,kimplementkan
dkoperatekakdatabasekarekdividedkamongktechnical,kdesign,kadministrativekandkuse
rkpersonnel.
11. Thekfollowingkmatterskarekofkparticularkimportancektokthekauditorkinkankon-
linekcomputerksystem,kexcept:
a. Authorization,kcompletenesskandkaccuracykofkon-linektransactions.
b. Integritykofkrecordskandkprocessing,kduektokon-
linekaccessktoktheksystemkbykmanykuserskandkprogrammers.
c. ChangeskinkthekperformancekofkauditkprocedureskincludingkthekusekofkCAAT's.
d. Cost-benefitkratiokofkinstallingkon-linekcomputerksystem.
12. Thekauditorkmaykoftenkassumekthatkcontrolkriskkiskhighkinkpersonalkcomputerksystemsksince,kitk
mayknotkbekpracticablekorkcost-
effectivekforkmanagementktokimplementksufficientkcontrolsktokreducekthekriskskofkundetecte
dkerrorsktokakminimumklevel.kThiskleastklikelykentail:
a. Morekphysicalkexaminationkandkconfirmationkofkassets.
b. Morekanalyticalkprocedureskthanktestskofkdetails.
c. Largerksampleksizes.
d. Greaterkusekofkcomputer-assistedkauditktechniques,kwherekappropriate.k
13. Auditkprocedureskinkakdatabasekenvironmentkwillkbekaffectedkprincipallykby:
a. Thekextentktokwhichkthekdatakinkthekdatabasekarekusedkbykthekaccountingksystem.
b. Thektypekandksignificancekofkfinancialktransactionskbeingkprocessed.
c. Theknaturekofkthekdatabase,kthekDBMS,kthekdatabasekadministrationktaskskandktheka
pplications.
d. ThekgeneralkCISkcontrolskwhichkarekparticularlykimportantkinkakdatabasekenvironmen
t.
14. WhichkstatementkiskincorrectkregardingkthekcharacteristicskofkakCISkorganizationalkstructure?
,k
stributionkandkusekofkthekoutput.
b. Manykconventionalkcontrolskbasedkonkadequateksegregationkofkincompatiblekfunct
ionskmayknotkexist,korkinkthekabsencekofkaccesskandkotherkcontrols,kmaykbeklesskeffec
tive.
c. Transactionkandkmasterkfilekdatakarekoftenkconcentrated,kusuallykinkmachine-
readablekform,keitherkinkonekcomputerkinstallationklocatedkcentrallykorkinkaknumberk
ofkinstallationskdistributedkthroughoutkankentity.
d. SystemskemployingkCISkmethodskdoknotkincludekmanualkoperationsksincektheknumbe
rkofkpersonskinvolvedkinkthekprocessingkofkfinancialkinformationkisksignificantlykreduce
d.
15. Akmajorkexposurekassociatedkwithkthekrapidlykexpandingkusekkofkmicrocomputerskiskthekabse
ncekof:kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
a. Adequateksizekofkmainkmemorykandkdiskkstorage.
b. Compatiblekoperatingksystems.
c. Formalizedkprocedureskforkpurchasekjustification.
d. Physical,kdatakfile,kandkprogramksecurity.kkkkkkkkkk
16. SystemkcharacteristicskthatkmaykresultkfromktheknaturekofkCISkprocessingkinclude,kexcept:
a. Absencekofkinputkdocuments.
b. Lackkofkvisiblektransactionktrail.
c. Lackkofkvisiblekoutput.
d. Difficultykofkaccessktokdatakandkcomputerkprograms.
17. ThekdevelopmentkofkCISkwillkgenerallykresultkinkdesignkandkproceduralkcharacteristicskthatkar
ekdifferentkfromkthosekfoundkinkmanualksystems.kThesekdifferentkdesignkandkproceduralkaspe
ctskofkCISkinclude,kexcept:
a. Consistencykofkperformance.
b. Programmedkcontrolkprocedures.
c. Vulnerabilitykofkdatakandkprogramkstoragekmedia
d. Multiplektransactionkupdatekofkmultiplekcomputerkfileskorkdatabases.
18. WhichkstatementkiskincorrectkregardingkinternalkcontrolskinkakCISkenvironment?
a. Manualkandkcomputerkcontrolkprocedureskcomprisekthekoverallkcontrolskaffectingkth
ekCISkenvironmentk(generalkCISkcontrols)kandkthekspecifickcontrolskoverkthekaccounti
ngkapplicationsk(CISkapplicationkcontrols).
b. ThekpurposekofkgeneralkCISkcontrolskisktokestablishkakframeworkkofkoverallkcontrolkove
rkthekCISkactivitieskandktokprovidekakreasonableklevelkofkassurancekthatkthekoverallko
bjectiveskofkinternalkcontrolkarekachieved.
c. ThekpurposekofkCISkapplicationkcontrolskisktokestablishkspecifickcontrolkprocedureskov
erkthekapplicationksystemskinkorderktokprovidekreasonablekassurancekthatkallktransact
ionskarekauthorizedkandkrecorded,kandkarekprocessedkcompletely,kaccuratelykandk
onkaktimelykbasis.
d. Thekinternalkcontrolskoverkcomputerkprocessing,kwhichkhelpktokachievekthekoverallko
bjectiveskofkinternalkcontrol,kincludekonlykthekprocedureskdesignedkintokcomputerkpr
ograms.
19. GeneralkCISkcontrolskmaykinclude,kexcept:
a. Organizationkandkmanagementkcontrols.
b. Deliverykandksupportkcontrols.
c. Developmentkandkmaintenancekcontrols.
d. Controlskoverkcomputerkdatakfiles.
20. CISkapplicationkcontrolskinclude,kexcept:
a. Controlskoverkinput.
b. Controlskoverkprocessingkandkcomputerkdatakfiles.
c. Controlskoverkoutput.
d. Monitoringkcontrols.
21. WhichkstatementkiskincorrectkregardingkthekreviewkofkgeneralkCISkcontrolskandkCISkapplicati
onkcontrols?
a. ThekauditorkshouldkconsiderkhowkthesekgeneralkCISkcontrolskaffectkthekCISkapplicatio
nsksignificantktokthekaudit.
b. GeneralkCISkcontrolskthatkrelatektoksomekorkallkapplicationskarektypicallykinterdepend
entkcontrolskinkthatktheirkoperationkiskoftenkessentialktokthekeffectivenesskofkCISkapplic
, onnel,kbykuserskofktheksystem,kbykakseparatekcontrolkgroup,korkmaykbekprogrammedki
ntokapplicationksoftware.
d. Itkmaykbekmorekefficientktokreviewkthekdesignkofkthekapplicationkcontrolskbeforekrevi
ewingkthekgeneralkcontrols.
22. WhichkstatementkiskincorrectkregardingkthekevaluationkofkgeneralkCISkcontrolskandkCISkappli
cationkcontrols?
a. ThekgeneralkCISkcontrolskmaykhavekakpervasivekeffectkonkthekprocessingkofktransacti
onskinkapplicationksystems.
b. IfkgeneralkCISkcontrolskareknotkeffective,ktherekmaykbekakriskkthatkmisstatementskmigh
tkoccurkandkgokundetectedkinkthekapplicationksystems.
c. Manualkprocedureskexercisedkbykuserskmaykprovidekeffectivekcontrolkatkthekapplica
tionklevel.
d. WeaknesseskinkgeneralkCISkcontrolskcannotkprecludektestingkcertainkCISkapplicationk
controls.
23. Ankinternalkauditorknotedkthekfollowingkpointskwhenkconductingkakpreliminaryksurveykinkcon
nectionkwithkthekauditkofkankEDPkdepartment.kWhichkofkthekfollowingkwouldkbekconsideredk
aksafeguardkinkthekcontrolksystemkonkwhichkthekauditorkmightkrely?
a. Programmerskandkcomputerkoperatorskcorrectkdailykprocessingkproblemskasktheykari
se.
b. Thekcontrolkgroupkworkskwithkuserkorganizationsktokcorrectkrejectedkinput.
c. Newksystemskarekdocumentedkasksoonkaskpossiblekafterktheykbeginkprocessingklivekd
ata.
d. ThekaveragektenurekofkemployeeskworkingkinkthekEDPkdepartmentkisktenkmonths.
24. Ankon-
linekaccesskcontrolkthatkcheckskwhetherkthekuser’skcodeknumberkiskauthorizedktokinitiatekaksp
ecificktypekofktransactionkorkinquirykiskreferredktokas:
a. Password.
b. Compatibilityktest.
c. Limitkcheck.
d. Reasonablenessktest.
25. Akcontrolkprocedurekthatkcouldkbekusedkinkankon-
lineksystemktokprovidekankimmediatekcheckkonkwhetherkankaccountknumberkhaskbeenkente
redkonkakterminalkaccuratelykiska:
a. Compatibilityktest.
b. Recordkcount.
c. Hashktotal.
d. Self-checkingkdigit.
26. Akcontrolkdesignedktokcatchkerrorskatkthekpointkofkdatakentrykis:
a. Batchktotal.
b. Self-checkingkdigit.
c. Recordkcount.
d. Checkpoints.
27. Programkdocumentationkiskakcontrolkdesignedkprimarilyktokensurekthat:
a. Programmerskhavekaccessktokthektapeklibrarykorkinformationkonkdiskkfiles.
b. Programskdoknotkmakekmathematicalkerrors.
c. Programskarekkeptkupktokdatekandkperformkaskintended.
d. Datakhavekbeenkenteredkandkprocessed.
28. Somekofkthekmorekimportantkcontrolskthatkrelatektokautomatedkaccountingkinformationksyst
emskarekvaliditykchecks,klimitkchecks,kfieldkchecks,kandksignktests.kThesekarekclassifiedkas:
a. Controlktotalkvalidationkroutines.
b. Outputkcontrols.
c. Hashktotaling.
d. Inputkvalidationkroutines.
29. Mostkofktoday’skcomputerksystemskhavekhardwarekcontrolskthatkarekbuiltkinkbykthekcomputer
kmanufacturer.kCommon khardwarekcontrolskare:
a. Duplicatekcircuitry,kechokcheck,kandkinternalkheaderklabels
b. Tapekfilekprotection,kcryptographickprotection,kandklimitkchecks
c. Duplicatekcircuitry,kechokcheck,kandkdualkreading
