Topics

Explore all topics

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

Professors

Overall Quality
-/5
c c
Overall Quality
-/5
Billt Camp
Overall Quality
-/5
mathio g
Explore all Professors
Add Browser Extension
Start Free Trial
Need Help? Contact us
title
Textbook Solutions
Step-by-step solutions verified by experts
title
24/7 Homework Help
Complete assignments with the help of our community
title
Flashcards
Stimulate your visual memory & walk into test day with confidence
title
DocuAssist
Upload your study materials and we’ll help fill in the answers.
title
Campus Reps
Become a Campus Rep and earn up to 20% commission, plus weekly and monthly cash prizes.
title
My Courses
Add the courses you're enrolled in for tailored study material to meet your requirements
Explore all services
Add Browser Extension
Start Free Trial
Need Help? Contact us
back arrowfull exam logo
العربية
search
ai logoChat with AI
Servicesarrow
Textbook Solutions icon
Textbook Solutions
24/7 Homework Help icon
24/7 Homework Help
Flashcards icon
Flashcards
DocuAssist icon
DocuAssist
Campus Reps icon
Campus Reps
My Courses icon
My Courses
Mobile App icon
Mobile App
Explore All Services
Discoverarrow

Topics

Explore All Services

Universities

uni logo
University of North Carolina at Chapel Hill
uni logo
University of Notre Dame
uni logo
Clemson University
Explore all Universities

professors

/5
c c
/5
Billt Camp
/5
mathio g
Explore all Professors
Explore all topics
Discover more topics
HomeSchoolingAsk a question

Deck 9: Auditing Computer-Based Informtion Systems

Full screen (f)
exit full mode
Question
A system that employs various types of advanced technology has more __________ risk than traditional batch processing.

A)control
B)detection
C)inherent
D)investing
Use Space or
up arrow
down arrow
to flip the card.
Question
The purpose of an internal audit is

A)to evaluate the adequacy and effectiveness of company's internal controls.
B)to determine the extent to which assigned responsibilities are actually carried out.
C)to collect evidence on whether the company is continuing as a going concern.
D)A and B only
Question
The Institute of Internal Auditors (IIA)has established five audit scope standards that outline the internal auditor's responsibilities.Which standard below deals with the principles of reliability and integrity?

A)determining whether the systems are designed to comply with operating and reporting policies
B)review of how assets are safeguarded and verification of their existence as appropriate
C)review of company operations and programs to determine whether they are being carried out as planned
D)review of operating and financial information and how it is identified,measured,classified,and reported
Question
One type of audit that is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives corresponds to the fourth and fifth standards set forth by the IIA.This is known as a(n)__________ audit.

A)financial
B)information systems
C)internal control
D)operational or management
Question
The possibility that a material error will occur even though auditors are following audit procedures and using good judgment is referred to as

A)control risk.
B)detection risk.
C)inherent risk.
D)investigating risk.
Question
Which characteristics below is not a characteristic of auditing?

A)evidence collection
B)establishing audit criteria
C)objectivity
D)systems development
Question
What is not a typical responsibility of an internal auditor?

A)helping management to improve organizational effectiveness
B)assisting in the design and implementation of an AIS
C)preparation of the company's financial statements
D)implementing and monitoring of internal controls
Question
An audit should be planned so that the greatest amount of audit work focuses on the areas with the highest risk factors.Regarding risk factors,control risk is defined as

A)the susceptibility to material risk in the absence of controls.
B)the risk that a material misstatement will get through the internal control structure and into the financial statements.
C)the risk that auditors and their audit procedures will not detect a material error or misstatement.
D)the risk auditors will not be given the appropriate documents and records by management who wants to control audit activities and procedures.
Question
The type of audit in which the primary responsibility of the auditors is the management of the organization is

A)an external audit.
B)a governmental audit.
C)an internal audit.
D)a public audits.
Question
The __________ part of the auditing process involves (among other things)the auditors observing the operating activities and having discussion with employees.

A)audit planning
B)collection of audit evidence
C)communication of audit results
D)evaluation of audit evidence
Question
Auditing involves the

A)collection,review,and documentation of audit evidence.
B)planning and verification of economic events.
C)collection of audit evidence and approval of economic events.
D)testing,documentation,and certification of audit evidence.
Question
Practically all audits follow a similar sequence of activities that can be divided into four stages.Organizing the audit team and the physical examination of assets are components of which two separate audit stages?

A)audit planning; evaluation of audit evidence
B)audit planning; collection of audit evidence
C)collection of audit evidence; communication of audit results
D)audit planning only
Question
With which stage in the auditing process are the consideration of risk factors and materiality most associated?

A)audit planning
B)collection of audit evidence
C)communication of audit results
D)evaluation of audit evidence
Question
The __________ audit examines the reliability and integrity of accounting records.

A)financial
B)informational
C)information systems
D)operational
Question
There are different types of internal audit work.Which type of work listed below is not typical of internal auditors?

A)operational and management audits
B)information system audits
C)financial statement audit
D)financial audit of accounting records
Question
The purpose of __________ is to determine why,how,when,and who will perform the audit.

A)audit planning
B)the collection of audit evidence
C)the communication of audit results
D)the evaluation of audit evidence
Question
The evidence collection method that is used to gather data about the system is

A)reperformance.
B)questionnaires.
C)valuation.
D)none of the above
Question
The __________ audit is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives.

A)financial
B)informational
C)information systems
D)operational
Question
The three different types of internal audits commonly performed today are

A)internal,external,defense contracting.
B)financial,operational,information systems.
C)financial,operational,management.
D)internal,external,public.
Question
The __________ audit reviews the general and application controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets.

A)financial
B)information systems
C)management
D)internal control
Question
How would auditors determine if unauthorized program changes have been made?

A)by interviewing and making inquiries of the programming staff
B)by examining the systems design and programming documentation
C)by using a source code comparison program
D)by interviewing and making inquiries of recently terminated programming staff
Question
The risk-based audit approach is

A)a four-step approach to internal control evaluation.
B)a four-step approach to financial statement review and recommendations.
C)a three-step approach to internal control evaluation.
D)a three-step approach to financial statement review and recommendations.
Question
Which of the following is the first step in the risk-based audit approach?

A)identify the control procedures that should be in place
B)evaluate the control procedures
C)determine the threats facing the AIS
D)evaluate weaknesses to determine their effect on the audit procedures
Question
An auditor must be willing to accept some degree of risk that the audit conclusion is incorrect.Accordingly,the auditor's objective is to seek __________ that no material error exists in the information audited.

A)absolute reliability
B)reasonable evidence
C)reasonable assurance
D)reasonable objectivity
Question
Which auditing technique will not assist in determining if unauthorized programming changes have been made?

A)use of a source code comparison program
B)use of the reprocessing technique to compare program output
C)interviewing and making inquiries of the programming staff
D)use of parallel simulation to compare program output
Question
Using the risk-based auditing approach,when the auditor identifies a control deficiency,the auditor should inquire about

A)tests of controls.
B)the feasibility of a systems review.
C)materiality and inherent risk factors.
D)compensating controls.
Question
One way an auditor gauges how much audit work and testing needs to be performed is through evaluating materiality and seeking reasonable assurance about the nature of the information or process.What is key to determining materiality during an audit?

A)determining if material errors exist in the information or processes undergoing audit
B)the testing of records,account balances,and procedures on a sample basis
C)determining what is and is not important given a set of circumstances is primarily a matter of judgment
D)none of the above
Question
The evidence collection method that considers the relationship and trends among information to detect items that should be investigated further is called

A)review of the documentation.
B)vouching.
C)physical examination.
D)analytical review.
Question
Strong __________ controls sometimes can compensate for inadequate __________ controls.

A)development; processing
B)processing; development
C)operational; internal
D)internal; operational
Question
Determining whether the necessary control procedures are in place is accomplished by conducting

A)a systems overhaul.
B)a systems review.
C)tests of controls.
D)none of the above
Question
The evidence collection method that examines all supporting documents to determine the validity of a transaction is called

A)review of documentation.
B)vouching.
C)physical examination.
D)analytical review.
Question
The auditor's role in systems development should be

A)an advisor and developer of internal control specifications.
B)a developer of internal controls.
C)that of an independent reviewer only.
D)A and B above
Question
Much of the effort spent in an audit entails the collection of evidence.Verifying the accuracy of certain information,often through communication with certain third parties,is known in the language of the auditor as

A)reperformance.
B)confirmation.
C)substantiation.
D)documentation.
Question
To maintain the objectivity necessary for performing an independent evaluation function,auditors should not be involved in

A)making recommendations to management for improvement of existing internal controls.
B)examining system access logs.
C)examining logical access policies and procedures.
D)developing the system.
Question
There are six objectives of an AIS audit.The objective that pertains to source data being processed into some form of output is

A)Objective 1: overall security.
B)Objective 2: program development.
C)Objective 3: program modifications.
D)Objective 4: processing.
Question
Regarding program modifications,which statement below is incorrect?

A)Only material program changes should be thoroughly tested and documented.
B)When a program change is submitted for approval,a list of all required updates should be compiled and then approved by management and program users.
C)During the change process,the developmental version of the program must be kept separate from the production version.
D)After the amended program has received final approval,the change is implemented by replacing the production version with the developmental version.
Question
What is the purpose of an AIS audit?

A)to determine the inherent risk factors found in the system
B)to review and evaluate the internal controls that protects the system
C)to examine the reliability and integrity of accounting records
D)to examine whether resources have been used in an economical and efficient manner in keeping with organization goals and objectives
Question
During all stages of the audit,findings and conclusions are documented in

A)audit trails.
B)audit working papers.
C)audit reports.
D)audit objectives.
Question
The __________ to auditing provides auditors with a clear understanding of possible errors and irregularities and the related risks and exposures.

A)risk-based approach
B)risk-adjusted approach
C)financial audit approach
D)information systems approach
Question
Assessing the quality of internal controls,the reliability of information,and operating performance are all part of which stage of the auditing process?

A)audit planning
B)collection of audit evidence
C)evaluation of audit evidence
D)communication of audit results
Question
Reference to the operational policies manual indicate that all visitors to the production facility should produce photo identification and be signed in and out with the times noted.Observation indicates that guards often wave people through if they are accompanied by a known employee.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Question
The use of a secure file library and restrictions on physical access to data files is a control procedure used in conjunction with

A)computer processing controls.
B)data files.
C)program modification procedures.
D)program development.
Question
An increase in the effectiveness of internal controls will have the effect of

A)increasing inherent risk.
B)reducing inherence risk.
C)increasing control risk.
D)reducing control risk.
Question
A sample of sales records is selected and each record is traced from the initial order record to product delivery and payment.Errors are noted.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Question
Auditors have several techniques available to them to test computer-processing controls.An audit routine that flags suspicious transactions is known as

A)SCARF.
B)an audit hook.
C)an audit sinker.
D)the snapshot technique.
Question
One function of CAS is to review data files to retrieve records meeting a specified criteria.What is this function called?

A)reformatting
B)file processing
C)data analysis
D)data selection
Question
Evaluating effectiveness,efficiency,and goal achievement are objectives of __________ audits.

A)financial
B)operational
C)information systems
D)all of the above
Question
The scope of a(n)__________ audit encompasses all aspects of information systems management.

A)operational
B)information systems
C)financial
D)internal control
Question
Physical examination of inventory reveals discrepancies with accounting records.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Question
When the auditor wants to read data in different formats and convert it into a single common format,the __________ function of a generalized audit software package is used.

A)data selection
B)reformatting
C)file processing
D)statistics
Question
In the __________ stage of an operational audit,the auditor measures the actual system against an ideal standard.

A)evidence collection
B)evidence evaluation
C)testing
D)internal control
Question
One way to document the review of source data controls is to use

A)a flowchart generator program.
B)a mapping program.
C)an input control matrix.
D)a program algorithm matrix.
Question
To document the review of source data controls,an auditor may use

A)an input control matrix.
B)test data processing.
C)computer audit software.
D)analysis of program logic.
Question
Comparison of budgets and operating objectives with performance reveals material discrepancies.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Question
The auditor uses __________ to continuously monitor the system and collect audit evidence while live data are processed.

A)test data processing
B)parallel simulation
C)concurrent audit techniques
D)analysis of program logic
Question
The __________ procedure for auditing computer process controls uses a hypothetical series of valid and invalid transactions.

A)concurrent audit techniques
B)test data processing
C)integrated test facility
D)dual process
Question
The auditor has various software programs available to help in the audit effort.A program that,based on auditor specifications,generates programs that perform certain audit functions is referred to a(n)

A)input controls matrix.
B)CAS.
C)VAN.
D)mapping program.
Question
Interviews with operations employees indicate that delays in the delivery of components often result in "slack time" during which production stops and employees are idle.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Question
When it is suspected that a particular application program contains unauthorized code or serious errors,a detailed analysis of the program logic may be necessary.The auditor has several types of software packages available to help in analyzing program logic.A program which identifies unexecuted program code is

A)a mapping program.
B)an audit log.
C)a scanning routine.
D)program tracing.
Question
What is the primary purpose of computer audit software?

A)to free the auditor from the attest phase of the audit
B)to assist the auditor in reviewing and retrieving information in computer files
C)to look for unauthorized modifications and changes to system program code
D)to assist the auditor in reviewing and retrieving information in accounting records and systems documentation
Question
Name the different types of audits.
Question
The auditor seeks ____________ that no _______________ exist in the audited process.

A)absolute certainty; financial errors
B)reasonable assurance; material errors
C)relative certainty; accounting errors
D)reasonable assurance; control weaknesses
Question
An auditor examining a firm's accounting information system creates a fictitious customer in the system and then creates several fictitious sales to the customer.The records are then tracked as they are processed by the system.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Question
List the types of risk possible when conducting an audit.
Question
Explain why the auditor's role in program development and acquisition should be limited.
Question
Why are audit tests and procedures performed on a sample basis?
Question
An auditor examines documents related to the acquisition and disposal of a firm's delivery van and manually calculates accumulated depreciation for comparison with accounting records.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Question
When programmers are working with program code,they often employ utilities that are also used in auditing.For example,as program code evolves,it is often the case that blocks of code are superseded by other blocks of code.Blocks of code that are not executed by the program are identified by

A)program tracing.
B)scanning routines.
C)mapping programs.
D)automated flow charting programs.
Question
Name the four major stages of all audits.
Question
An auditor examining a firm's accounting information system sets an embedded audit module to record all credit transactions in excess of $1,500 and store the data in an audit log.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Question
An internal auditor has set the firm's information system to flag questionable online transactions,The system then displays information about the transaction on the auditor's computer system and sends a text message to the auditor's cell phone.This is an example of collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Question
When programmers are working with program code,they often employ utilities that are also used in auditing.For example,as program code evolves,it is often the case that variables defined during the early part of development become irrelevant.The occurrences of variables that are not used by the program are found using

A)program tracing.
B)scanning routines.
C)mapping programs.
D)automated flow charting programs.
Question
An auditor examining a firm's accounting information system sets an embedded audit module to flag all credit transactions in excess of $1,500.The flag causes the system state to be recorded before and after each transaction is processed.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Question
An internal auditor has embedded an audit module in the firm's accounting system that selectively monitors transactions.Selected transactions are then processed independently and the results are compared with those obtained by the system.This is an example of collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Question
Which of the following is not one of the three types of internal audits?

A)Financial
B)Operational
C)Information systems
D)Organizational
Question
How and to whom does an auditor communicate the audit results?
Question
An auditor examines all documents related to the acquisition,repair history,and disposal of a firm's delivery van.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Question
An increase in the effectiveness of auditing software will have the effect of

A)increasing detection risk.
B)reducing detection risk.
C)increasing control risk.
D)reducing control risk.
Question
An auditor finds that absentee rates are significantly higher on Mondays and Fridays than on other work days.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Question
An expansion of a firm's operations to include production in Russia and China will have the effect of

A)increasing inherent risk.
B)reducing inherence risk.
C)increasing control risk.
D)reducing control risk.
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/94
auto play flashcards
Play
simple tutorial
Full screen (f)
exit full mode
Deck 9: Auditing Computer-Based Informtion Systems
1
A system that employs various types of advanced technology has more __________ risk than traditional batch processing.

A)control
B)detection
C)inherent
D)investing
C
2
The purpose of an internal audit is

A)to evaluate the adequacy and effectiveness of company's internal controls.
B)to determine the extent to which assigned responsibilities are actually carried out.
C)to collect evidence on whether the company is continuing as a going concern.
D)A and B only
D
3
The Institute of Internal Auditors (IIA)has established five audit scope standards that outline the internal auditor's responsibilities.Which standard below deals with the principles of reliability and integrity?

A)determining whether the systems are designed to comply with operating and reporting policies
B)review of how assets are safeguarded and verification of their existence as appropriate
C)review of company operations and programs to determine whether they are being carried out as planned
D)review of operating and financial information and how it is identified,measured,classified,and reported
D
4
One type of audit that is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives corresponds to the fourth and fifth standards set forth by the IIA.This is known as a(n)__________ audit.

A)financial
B)information systems
C)internal control
D)operational or management
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
5
The possibility that a material error will occur even though auditors are following audit procedures and using good judgment is referred to as

A)control risk.
B)detection risk.
C)inherent risk.
D)investigating risk.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
6
Which characteristics below is not a characteristic of auditing?

A)evidence collection
B)establishing audit criteria
C)objectivity
D)systems development
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
7
What is not a typical responsibility of an internal auditor?

A)helping management to improve organizational effectiveness
B)assisting in the design and implementation of an AIS
C)preparation of the company's financial statements
D)implementing and monitoring of internal controls
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
8
An audit should be planned so that the greatest amount of audit work focuses on the areas with the highest risk factors.Regarding risk factors,control risk is defined as

A)the susceptibility to material risk in the absence of controls.
B)the risk that a material misstatement will get through the internal control structure and into the financial statements.
C)the risk that auditors and their audit procedures will not detect a material error or misstatement.
D)the risk auditors will not be given the appropriate documents and records by management who wants to control audit activities and procedures.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
9
The type of audit in which the primary responsibility of the auditors is the management of the organization is

A)an external audit.
B)a governmental audit.
C)an internal audit.
D)a public audits.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
10
The __________ part of the auditing process involves (among other things)the auditors observing the operating activities and having discussion with employees.

A)audit planning
B)collection of audit evidence
C)communication of audit results
D)evaluation of audit evidence
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
11
Auditing involves the

A)collection,review,and documentation of audit evidence.
B)planning and verification of economic events.
C)collection of audit evidence and approval of economic events.
D)testing,documentation,and certification of audit evidence.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
12
Practically all audits follow a similar sequence of activities that can be divided into four stages.Organizing the audit team and the physical examination of assets are components of which two separate audit stages?

A)audit planning; evaluation of audit evidence
B)audit planning; collection of audit evidence
C)collection of audit evidence; communication of audit results
D)audit planning only
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
13
With which stage in the auditing process are the consideration of risk factors and materiality most associated?

A)audit planning
B)collection of audit evidence
C)communication of audit results
D)evaluation of audit evidence
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
14
The __________ audit examines the reliability and integrity of accounting records.

A)financial
B)informational
C)information systems
D)operational
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
15
There are different types of internal audit work.Which type of work listed below is not typical of internal auditors?

A)operational and management audits
B)information system audits
C)financial statement audit
D)financial audit of accounting records
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
16
The purpose of __________ is to determine why,how,when,and who will perform the audit.

A)audit planning
B)the collection of audit evidence
C)the communication of audit results
D)the evaluation of audit evidence
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
17
The evidence collection method that is used to gather data about the system is

A)reperformance.
B)questionnaires.
C)valuation.
D)none of the above
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
18
The __________ audit is concerned with the economical and efficient use of resources and the accomplishment of established goals and objectives.

A)financial
B)informational
C)information systems
D)operational
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
19
The three different types of internal audits commonly performed today are

A)internal,external,defense contracting.
B)financial,operational,information systems.
C)financial,operational,management.
D)internal,external,public.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
20
The __________ audit reviews the general and application controls of an AIS to assess its compliance with internal control policies and procedures and its effectiveness in safeguarding assets.

A)financial
B)information systems
C)management
D)internal control
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
21
How would auditors determine if unauthorized program changes have been made?

A)by interviewing and making inquiries of the programming staff
B)by examining the systems design and programming documentation
C)by using a source code comparison program
D)by interviewing and making inquiries of recently terminated programming staff
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
22
The risk-based audit approach is

A)a four-step approach to internal control evaluation.
B)a four-step approach to financial statement review and recommendations.
C)a three-step approach to internal control evaluation.
D)a three-step approach to financial statement review and recommendations.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
23
Which of the following is the first step in the risk-based audit approach?

A)identify the control procedures that should be in place
B)evaluate the control procedures
C)determine the threats facing the AIS
D)evaluate weaknesses to determine their effect on the audit procedures
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
24
An auditor must be willing to accept some degree of risk that the audit conclusion is incorrect.Accordingly,the auditor's objective is to seek __________ that no material error exists in the information audited.

A)absolute reliability
B)reasonable evidence
C)reasonable assurance
D)reasonable objectivity
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
25
Which auditing technique will not assist in determining if unauthorized programming changes have been made?

A)use of a source code comparison program
B)use of the reprocessing technique to compare program output
C)interviewing and making inquiries of the programming staff
D)use of parallel simulation to compare program output
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
26
Using the risk-based auditing approach,when the auditor identifies a control deficiency,the auditor should inquire about

A)tests of controls.
B)the feasibility of a systems review.
C)materiality and inherent risk factors.
D)compensating controls.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
27
One way an auditor gauges how much audit work and testing needs to be performed is through evaluating materiality and seeking reasonable assurance about the nature of the information or process.What is key to determining materiality during an audit?

A)determining if material errors exist in the information or processes undergoing audit
B)the testing of records,account balances,and procedures on a sample basis
C)determining what is and is not important given a set of circumstances is primarily a matter of judgment
D)none of the above
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
28
The evidence collection method that considers the relationship and trends among information to detect items that should be investigated further is called

A)review of the documentation.
B)vouching.
C)physical examination.
D)analytical review.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
29
Strong __________ controls sometimes can compensate for inadequate __________ controls.

A)development; processing
B)processing; development
C)operational; internal
D)internal; operational
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
30
Determining whether the necessary control procedures are in place is accomplished by conducting

A)a systems overhaul.
B)a systems review.
C)tests of controls.
D)none of the above
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
31
The evidence collection method that examines all supporting documents to determine the validity of a transaction is called

A)review of documentation.
B)vouching.
C)physical examination.
D)analytical review.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
32
The auditor's role in systems development should be

A)an advisor and developer of internal control specifications.
B)a developer of internal controls.
C)that of an independent reviewer only.
D)A and B above
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
33
Much of the effort spent in an audit entails the collection of evidence.Verifying the accuracy of certain information,often through communication with certain third parties,is known in the language of the auditor as

A)reperformance.
B)confirmation.
C)substantiation.
D)documentation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
34
To maintain the objectivity necessary for performing an independent evaluation function,auditors should not be involved in

A)making recommendations to management for improvement of existing internal controls.
B)examining system access logs.
C)examining logical access policies and procedures.
D)developing the system.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
35
There are six objectives of an AIS audit.The objective that pertains to source data being processed into some form of output is

A)Objective 1: overall security.
B)Objective 2: program development.
C)Objective 3: program modifications.
D)Objective 4: processing.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
36
Regarding program modifications,which statement below is incorrect?

A)Only material program changes should be thoroughly tested and documented.
B)When a program change is submitted for approval,a list of all required updates should be compiled and then approved by management and program users.
C)During the change process,the developmental version of the program must be kept separate from the production version.
D)After the amended program has received final approval,the change is implemented by replacing the production version with the developmental version.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
37
What is the purpose of an AIS audit?

A)to determine the inherent risk factors found in the system
B)to review and evaluate the internal controls that protects the system
C)to examine the reliability and integrity of accounting records
D)to examine whether resources have been used in an economical and efficient manner in keeping with organization goals and objectives
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
38
During all stages of the audit,findings and conclusions are documented in

A)audit trails.
B)audit working papers.
C)audit reports.
D)audit objectives.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
39
The __________ to auditing provides auditors with a clear understanding of possible errors and irregularities and the related risks and exposures.

A)risk-based approach
B)risk-adjusted approach
C)financial audit approach
D)information systems approach
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
40
Assessing the quality of internal controls,the reliability of information,and operating performance are all part of which stage of the auditing process?

A)audit planning
B)collection of audit evidence
C)evaluation of audit evidence
D)communication of audit results
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
41
Reference to the operational policies manual indicate that all visitors to the production facility should produce photo identification and be signed in and out with the times noted.Observation indicates that guards often wave people through if they are accompanied by a known employee.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
42
The use of a secure file library and restrictions on physical access to data files is a control procedure used in conjunction with

A)computer processing controls.
B)data files.
C)program modification procedures.
D)program development.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
43
An increase in the effectiveness of internal controls will have the effect of

A)increasing inherent risk.
B)reducing inherence risk.
C)increasing control risk.
D)reducing control risk.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
44
A sample of sales records is selected and each record is traced from the initial order record to product delivery and payment.Errors are noted.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
45
Auditors have several techniques available to them to test computer-processing controls.An audit routine that flags suspicious transactions is known as

A)SCARF.
B)an audit hook.
C)an audit sinker.
D)the snapshot technique.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
46
One function of CAS is to review data files to retrieve records meeting a specified criteria.What is this function called?

A)reformatting
B)file processing
C)data analysis
D)data selection
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
47
Evaluating effectiveness,efficiency,and goal achievement are objectives of __________ audits.

A)financial
B)operational
C)information systems
D)all of the above
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
48
The scope of a(n)__________ audit encompasses all aspects of information systems management.

A)operational
B)information systems
C)financial
D)internal control
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
49
Physical examination of inventory reveals discrepancies with accounting records.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
50
When the auditor wants to read data in different formats and convert it into a single common format,the __________ function of a generalized audit software package is used.

A)data selection
B)reformatting
C)file processing
D)statistics
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
51
In the __________ stage of an operational audit,the auditor measures the actual system against an ideal standard.

A)evidence collection
B)evidence evaluation
C)testing
D)internal control
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
52
One way to document the review of source data controls is to use

A)a flowchart generator program.
B)a mapping program.
C)an input control matrix.
D)a program algorithm matrix.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
53
To document the review of source data controls,an auditor may use

A)an input control matrix.
B)test data processing.
C)computer audit software.
D)analysis of program logic.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
54
Comparison of budgets and operating objectives with performance reveals material discrepancies.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
55
The auditor uses __________ to continuously monitor the system and collect audit evidence while live data are processed.

A)test data processing
B)parallel simulation
C)concurrent audit techniques
D)analysis of program logic
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
56
The __________ procedure for auditing computer process controls uses a hypothetical series of valid and invalid transactions.

A)concurrent audit techniques
B)test data processing
C)integrated test facility
D)dual process
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
57
The auditor has various software programs available to help in the audit effort.A program that,based on auditor specifications,generates programs that perform certain audit functions is referred to a(n)

A)input controls matrix.
B)CAS.
C)VAN.
D)mapping program.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
58
Interviews with operations employees indicate that delays in the delivery of components often result in "slack time" during which production stops and employees are idle.This is an application of which of the following five internal audit scope standards?

A)Operating and financial information integrity
B)Policy compliance verification
C)Asset security verification
D)Resource use efficiency
E)Operational effectiveness
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
59
When it is suspected that a particular application program contains unauthorized code or serious errors,a detailed analysis of the program logic may be necessary.The auditor has several types of software packages available to help in analyzing program logic.A program which identifies unexecuted program code is

A)a mapping program.
B)an audit log.
C)a scanning routine.
D)program tracing.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
60
What is the primary purpose of computer audit software?

A)to free the auditor from the attest phase of the audit
B)to assist the auditor in reviewing and retrieving information in computer files
C)to look for unauthorized modifications and changes to system program code
D)to assist the auditor in reviewing and retrieving information in accounting records and systems documentation
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
61
Name the different types of audits.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
62
The auditor seeks ____________ that no _______________ exist in the audited process.

A)absolute certainty; financial errors
B)reasonable assurance; material errors
C)relative certainty; accounting errors
D)reasonable assurance; control weaknesses
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
63
An auditor examining a firm's accounting information system creates a fictitious customer in the system and then creates several fictitious sales to the customer.The records are then tracked as they are processed by the system.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
64
List the types of risk possible when conducting an audit.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
65
Explain why the auditor's role in program development and acquisition should be limited.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
66
Why are audit tests and procedures performed on a sample basis?
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
67
An auditor examines documents related to the acquisition and disposal of a firm's delivery van and manually calculates accumulated depreciation for comparison with accounting records.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
68
When programmers are working with program code,they often employ utilities that are also used in auditing.For example,as program code evolves,it is often the case that blocks of code are superseded by other blocks of code.Blocks of code that are not executed by the program are identified by

A)program tracing.
B)scanning routines.
C)mapping programs.
D)automated flow charting programs.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
69
Name the four major stages of all audits.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
70
An auditor examining a firm's accounting information system sets an embedded audit module to record all credit transactions in excess of $1,500 and store the data in an audit log.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
71
An internal auditor has set the firm's information system to flag questionable online transactions,The system then displays information about the transaction on the auditor's computer system and sends a text message to the auditor's cell phone.This is an example of collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
72
When programmers are working with program code,they often employ utilities that are also used in auditing.For example,as program code evolves,it is often the case that variables defined during the early part of development become irrelevant.The occurrences of variables that are not used by the program are found using

A)program tracing.
B)scanning routines.
C)mapping programs.
D)automated flow charting programs.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
73
An auditor examining a firm's accounting information system sets an embedded audit module to flag all credit transactions in excess of $1,500.The flag causes the system state to be recorded before and after each transaction is processed.This is an example collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
74
An internal auditor has embedded an audit module in the firm's accounting system that selectively monitors transactions.Selected transactions are then processed independently and the results are compared with those obtained by the system.This is an example of collecting audit evidence using

A)an integrated test facility.
B)the snapshot technique.
C)a system control audit review file.
D)audit hooks.
E)continuous and intermittent simulation.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
75
Which of the following is not one of the three types of internal audits?

A)Financial
B)Operational
C)Information systems
D)Organizational
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
76
How and to whom does an auditor communicate the audit results?
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
77
An auditor examines all documents related to the acquisition,repair history,and disposal of a firm's delivery van.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
78
An increase in the effectiveness of auditing software will have the effect of

A)increasing detection risk.
B)reducing detection risk.
C)increasing control risk.
D)reducing control risk.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
79
An auditor finds that absentee rates are significantly higher on Mondays and Fridays than on other work days.This is an example collecting audit evidence by

A)confirmation.
B)reperformance.
C)vouching.
D)analytical review.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
80
An expansion of a firm's operations to include production in Russia and China will have the effect of

A)increasing inherent risk.
B)reducing inherence risk.
C)increasing control risk.
D)reducing control risk.
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
Unlock Deck
k this deck
locked card icon
Unlock Deck
Unlock for access to all 94 flashcards in this deck.
QuizPlus
surly
Quizplus
Work With Us
Policies
Download the App
Scan to downloadDownload the App
qr-code
Links
Links
Work With Us
Download the App
surly
English
English
العربية
Scan to downloadDownload the App
qr-code

English
English
العربية
Copyright © 2025 Quizplus LLC.
  • facebook-footer
  • instagram-footer
  • x-footer
  • tiktok
  • Linktree